diff --git a/libs/ory-hydra-client/README.md b/libs/ory-hydra-client/README.md index d767021..2902b22 100644 --- a/libs/ory-hydra-client/README.md +++ b/libs/ory-hydra-client/README.md @@ -1,5 +1,5 @@ # ory-hydra-client -A client library for accessing ORY Hydra +A client library for accessing Ory Hydra ## Usage First, create a client: @@ -61,12 +61,14 @@ client = AuthenticatedClient( ) ``` +There are more settings on the generated `Client` class which let you control more runtime behavior, check out the docstring on that class for more info. + Things to know: 1. Every path/method combo becomes a Python module with four functions: 1. `sync`: Blocking request that returns parsed data (if successful) or `None` 1. `sync_detailed`: Blocking request that always returns a `Request`, optionally with `parsed` set if the request was successful. - 1. `asyncio`: Like `sync` but the async instead of blocking - 1. `asyncio_detailed`: Like `sync_detailed` by async instead of blocking + 1. `asyncio`: Like `sync` but async instead of blocking + 1. `asyncio_detailed`: Like `sync_detailed` but async instead of blocking 1. All path/query params, and bodies become method arguments. 1. If your endpoint had any tags on it, the first tag will be used as a module name for the function (my_tag above) diff --git a/libs/ory-hydra-client/ory_hydra_client/__init__.py b/libs/ory-hydra-client/ory_hydra_client/__init__.py index 0260c3f..e7a9b72 100644 --- a/libs/ory-hydra-client/ory_hydra_client/__init__.py +++ b/libs/ory-hydra-client/ory_hydra_client/__init__.py @@ -1,2 +1,7 @@ -""" A client library for accessing ORY Hydra """ +""" A client library for accessing Ory Hydra """ from .client import AuthenticatedClient, Client + +__all__ = ( + "AuthenticatedClient", + "Client", +) diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_login_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_login_request.py deleted file mode 100644 index f3cde33..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_login_request.py +++ /dev/null @@ -1,298 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from typing import cast -from ...models.completed_request import CompletedRequest -from ...models.generic_error import GenericError -from ...models.accept_login_request import AcceptLoginRequest - - - -def _get_kwargs( - *, - _client: Client, - json_body: AcceptLoginRequest, - login_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/login/accept".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["login_challenge"] = login_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "put", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: - if response.status_code == HTTPStatus.OK: - response_200 = CompletedRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - json_body: AcceptLoginRequest, - login_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - This endpoint tells ORY Hydra that the subject has successfully authenticated and includes - additional information such as - the subject's ID and if ORY Hydra should remember the subject's subject agent for future - authentication attempts by setting - a cookie. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - - Args: - login_challenge (str): - json_body (AcceptLoginRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -login_challenge=login_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - json_body: AcceptLoginRequest, - login_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - This endpoint tells ORY Hydra that the subject has successfully authenticated and includes - additional information such as - the subject's ID and if ORY Hydra should remember the subject's subject agent for future - authentication attempts by setting - a cookie. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - - Args: - login_challenge (str): - json_body (AcceptLoginRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return sync_detailed( - _client=_client, -json_body=json_body, -login_challenge=login_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - json_body: AcceptLoginRequest, - login_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - This endpoint tells ORY Hydra that the subject has successfully authenticated and includes - additional information such as - the subject's ID and if ORY Hydra should remember the subject's subject agent for future - authentication attempts by setting - a cookie. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - - Args: - login_challenge (str): - json_body (AcceptLoginRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -login_challenge=login_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - json_body: AcceptLoginRequest, - login_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - This endpoint tells ORY Hydra that the subject has successfully authenticated and includes - additional information such as - the subject's ID and if ORY Hydra should remember the subject's subject agent for future - authentication attempts by setting - a cookie. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - - Args: - login_challenge (str): - json_body (AcceptLoginRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -json_body=json_body, -login_challenge=login_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_logout_request.py deleted file mode 100644 index ff619b4..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_logout_request.py +++ /dev/null @@ -1,209 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.completed_request import CompletedRequest -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - logout_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/logout/accept".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["logout_challenge"] = logout_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "put", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: - if response.status_code == HTTPStatus.OK: - response_200 = CompletedRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - logout_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm - that logout request. - No body is required. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - logout_challenge (str): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -logout_challenge=logout_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - logout_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm - that logout request. - No body is required. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - logout_challenge (str): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return sync_detailed( - _client=_client, -logout_challenge=logout_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - logout_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm - that logout request. - No body is required. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - logout_challenge (str): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -logout_challenge=logout_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - logout_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm - that logout request. - No body is required. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - logout_challenge (str): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -logout_challenge=logout_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/create_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/create_o_auth_2_client.py deleted file mode 100644 index 6e34c5f..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/create_o_auth_2_client.py +++ /dev/null @@ -1,223 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.o_auth_2_client import OAuth2Client -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - json_body: OAuth2Client, - -) -> Dict[str, Any]: - url = "{}/clients".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "post", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]: - if response.status_code == HTTPStatus.CREATED: - response_201 = OAuth2Client.from_dict(response.json()) - - - - return response_201 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.CONFLICT: - response_409 = GenericError.from_dict(response.json()) - - - - return response_409 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - json_body: OAuth2Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Create an OAuth 2.0 Client - - Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a - random secret will be generated. The secret will be returned in the response and you will not be - able to retrieve it later on. Write the secret down and keep it somwhere safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - json_body: OAuth2Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Create an OAuth 2.0 Client - - Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a - random secret will be generated. The secret will be returned in the response and you will not be - able to retrieve it later on. Write the secret down and keep it somwhere safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return sync_detailed( - _client=_client, -json_body=json_body, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - json_body: OAuth2Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Create an OAuth 2.0 Client - - Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a - random secret will be generated. The secret will be returned in the response and you will not be - able to retrieve it later on. Write the secret down and keep it somwhere safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - json_body: OAuth2Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Create an OAuth 2.0 Client - - Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a - random secret will be generated. The secret will be returned in the response and you will not be - able to retrieve it later on. Write the secret down and keep it somwhere safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return (await asyncio_detailed( - _client=_client, -json_body=json_body, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key.py deleted file mode 100644 index 403362d..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key.py +++ /dev/null @@ -1,225 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - set_: str, - kid: str, - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/keys/{set}/{kid}".format( - _client.base_url,set=set_,kid=kid) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - set_: str, - kid: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Delete a JSON Web Key - - Use this endpoint to delete a single JSON Web Key. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - set_=set_, -kid=kid, -_client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - set_: str, - kid: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Delete a JSON Web Key - - Use this endpoint to delete a single JSON Web Key. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - set_=set_, -kid=kid, -_client=_client, - - ).parsed - -async def asyncio_detailed( - set_: str, - kid: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Delete a JSON Web Key - - Use this endpoint to delete a single JSON Web Key. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - set_=set_, -kid=kid, -_client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - set_: str, - kid: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Delete a JSON Web Key - - Use this endpoint to delete a single JSON Web Key. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - set_=set_, -kid=kid, -_client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key_set.py deleted file mode 100644 index 7f7db9c..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key_set.py +++ /dev/null @@ -1,212 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - set_: str, - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/keys/{set}".format( - _client.base_url,set=set_) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - set_: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Delete a JSON Web Key Set - - Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - set_=set_, -_client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - set_: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Delete a JSON Web Key Set - - Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - set_=set_, -_client=_client, - - ).parsed - -async def asyncio_detailed( - set_: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Delete a JSON Web Key Set - - Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - set_=set_, -_client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - set_: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Delete a JSON Web Key Set - - Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a - cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key - is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys - used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined - keys as well. - - Args: - set_ (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - set_=set_, -_client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_client.py deleted file mode 100644 index c104eb6..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_client.py +++ /dev/null @@ -1,202 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - id: str, - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/clients/{id}".format( - _client.base_url,id=id) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - id: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Deletes an OAuth 2.0 Client - - Delete an existing OAuth 2.0 Client by its ID. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - id: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Deletes an OAuth 2.0 Client - - Delete an existing OAuth 2.0 Client by its ID. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - id=id, -_client=_client, - - ).parsed - -async def asyncio_detailed( - id: str, - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """Deletes an OAuth 2.0 Client - - Delete an existing OAuth 2.0 Client by its ID. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - id: str, - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """Deletes an OAuth 2.0 Client - - Delete an existing OAuth 2.0 Client by its ID. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - id=id, -_client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_token.py deleted file mode 100644 index e1df3a0..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_token.py +++ /dev/null @@ -1,189 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - client_id: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/tokens".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["client_id"] = client_id - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - client_id: str, - -) -> Response[Union[Any, GenericError]]: - """Delete OAuth2 Access Tokens from a Client - - This endpoint deletes OAuth2 access tokens issued for a client from the database - - Args: - client_id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -client_id=client_id, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - client_id: str, - -) -> Optional[Union[Any, GenericError]]: - """Delete OAuth2 Access Tokens from a Client - - This endpoint deletes OAuth2 access tokens issued for a client from the database - - Args: - client_id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, -client_id=client_id, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - client_id: str, - -) -> Response[Union[Any, GenericError]]: - """Delete OAuth2 Access Tokens from a Client - - This endpoint deletes OAuth2 access tokens issued for a client from the database - - Args: - client_id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -client_id=client_id, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - client_id: str, - -) -> Optional[Union[Any, GenericError]]: - """Delete OAuth2 Access Tokens from a Client - - This endpoint deletes OAuth2 access tokens issued for a client from the database - - Args: - client_id (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -client_id=client_id, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/flush_inactive_o_auth_2_tokens.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/flush_inactive_o_auth_2_tokens.py deleted file mode 100644 index 578b8df..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/flush_inactive_o_auth_2_tokens.py +++ /dev/null @@ -1,202 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.flush_inactive_o_auth_2_tokens_request import FlushInactiveOAuth2TokensRequest -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - json_body: FlushInactiveOAuth2TokensRequest, - -) -> Dict[str, Any]: - url = "{}/oauth2/flush".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "post", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - json_body: FlushInactiveOAuth2TokensRequest, - -) -> Response[Union[Any, GenericError]]: - """Flush Expired OAuth2 Access Tokens - - This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which - no tokens will be - not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be - flushed as they are deleted - automatically when performing the refresh flow. - - Args: - json_body (FlushInactiveOAuth2TokensRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - json_body: FlushInactiveOAuth2TokensRequest, - -) -> Optional[Union[Any, GenericError]]: - """Flush Expired OAuth2 Access Tokens - - This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which - no tokens will be - not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be - flushed as they are deleted - automatically when performing the refresh flow. - - Args: - json_body (FlushInactiveOAuth2TokensRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, -json_body=json_body, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - json_body: FlushInactiveOAuth2TokensRequest, - -) -> Response[Union[Any, GenericError]]: - """Flush Expired OAuth2 Access Tokens - - This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which - no tokens will be - not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be - flushed as they are deleted - automatically when performing the refresh flow. - - Args: - json_body (FlushInactiveOAuth2TokensRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - json_body: FlushInactiveOAuth2TokensRequest, - -) -> Optional[Union[Any, GenericError]]: - """Flush Expired OAuth2 Access Tokens - - This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which - no tokens will be - not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be - flushed as they are deleted - automatically when performing the refresh flow. - - Args: - json_body (FlushInactiveOAuth2TokensRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -json_body=json_body, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_consent_request.py deleted file mode 100644 index 3cf7616..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_consent_request.py +++ /dev/null @@ -1,263 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from ...models.consent_request import ConsentRequest -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - consent_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/consent".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["consent_challenge"] = consent_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[ConsentRequest, GenericError]]: - if response.status_code == HTTPStatus.OK: - response_200 = ConsentRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.CONFLICT: - response_409 = GenericError.from_dict(response.json()) - - - - return response_409 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[ConsentRequest, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - consent_challenge: str, - -) -> Response[Union[ConsentRequest, GenericError]]: - """Get Consent Request Information - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - Args: - consent_challenge (str): - - Returns: - Response[Union[ConsentRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -consent_challenge=consent_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - consent_challenge: str, - -) -> Optional[Union[ConsentRequest, GenericError]]: - """Get Consent Request Information - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - Args: - consent_challenge (str): - - Returns: - Response[Union[ConsentRequest, GenericError]] - """ - - - return sync_detailed( - _client=_client, -consent_challenge=consent_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - consent_challenge: str, - -) -> Response[Union[ConsentRequest, GenericError]]: - """Get Consent Request Information - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - Args: - consent_challenge (str): - - Returns: - Response[Union[ConsentRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -consent_challenge=consent_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - consent_challenge: str, - -) -> Optional[Union[ConsentRequest, GenericError]]: - """Get Consent Request Information - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - Args: - consent_challenge (str): - - Returns: - Response[Union[ConsentRequest, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -consent_challenge=consent_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key.py deleted file mode 100644 index 7d1a5da..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key.py +++ /dev/null @@ -1,199 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from ...models.json_web_key_set import JSONWebKeySet -from typing import cast -from typing import Dict - - - -def _get_kwargs( - set_: str, - kid: str, - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/keys/{set}/{kid}".format( - _client.base_url,set=set_,kid=kid) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: - if response.status_code == HTTPStatus.OK: - response_200 = JSONWebKeySet.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - set_: str, - kid: str, - *, - _client: Client, - -) -> Response[Union[GenericError, JSONWebKeySet]]: - """Fetch a JSON Web Key - - This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid). - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - kwargs = _get_kwargs( - set_=set_, -kid=kid, -_client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - set_: str, - kid: str, - *, - _client: Client, - -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """Fetch a JSON Web Key - - This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid). - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - return sync_detailed( - set_=set_, -kid=kid, -_client=_client, - - ).parsed - -async def asyncio_detailed( - set_: str, - kid: str, - *, - _client: Client, - -) -> Response[Union[GenericError, JSONWebKeySet]]: - """Fetch a JSON Web Key - - This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid). - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - kwargs = _get_kwargs( - set_=set_, -kid=kid, -_client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - set_: str, - kid: str, - *, - _client: Client, - -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """Fetch a JSON Web Key - - This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid). - - Args: - set_ (str): - kid (str): - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - return (await asyncio_detailed( - set_=set_, -kid=kid, -_client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_login_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_login_request.py deleted file mode 100644 index 1b739c8..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_login_request.py +++ /dev/null @@ -1,249 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.login_request import LoginRequest -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - login_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/login".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["login_challenge"] = login_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, LoginRequest]]: - if response.status_code == HTTPStatus.OK: - response_200 = LoginRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.CONFLICT: - response_409 = GenericError.from_dict(response.json()) - - - - return response_409 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, LoginRequest]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - login_challenge: str, - -) -> Response[Union[GenericError, LoginRequest]]: - """Get a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - Args: - login_challenge (str): - - Returns: - Response[Union[GenericError, LoginRequest]] - """ - - - kwargs = _get_kwargs( - _client=_client, -login_challenge=login_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - login_challenge: str, - -) -> Optional[Union[GenericError, LoginRequest]]: - """Get a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - Args: - login_challenge (str): - - Returns: - Response[Union[GenericError, LoginRequest]] - """ - - - return sync_detailed( - _client=_client, -login_challenge=login_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - login_challenge: str, - -) -> Response[Union[GenericError, LoginRequest]]: - """Get a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - Args: - login_challenge (str): - - Returns: - Response[Union[GenericError, LoginRequest]] - """ - - - kwargs = _get_kwargs( - _client=_client, -login_challenge=login_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - login_challenge: str, - -) -> Optional[Union[GenericError, LoginRequest]]: - """Get a Login Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent - (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject - the requested authentication process. - - Args: - login_challenge (str): - - Returns: - Response[Union[GenericError, LoginRequest]] - """ - - - return (await asyncio_detailed( - _client=_client, -login_challenge=login_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_logout_request.py deleted file mode 100644 index 4045676..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_logout_request.py +++ /dev/null @@ -1,193 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.logout_request import LogoutRequest -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - logout_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/logout".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["logout_challenge"] = logout_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, LogoutRequest]]: - if response.status_code == HTTPStatus.OK: - response_200 = LogoutRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, LogoutRequest]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - logout_challenge: str, - -) -> Response[Union[GenericError, LogoutRequest]]: - """Get a Logout Request - - Use this endpoint to fetch a logout request. - - Args: - logout_challenge (str): - - Returns: - Response[Union[GenericError, LogoutRequest]] - """ - - - kwargs = _get_kwargs( - _client=_client, -logout_challenge=logout_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - logout_challenge: str, - -) -> Optional[Union[GenericError, LogoutRequest]]: - """Get a Logout Request - - Use this endpoint to fetch a logout request. - - Args: - logout_challenge (str): - - Returns: - Response[Union[GenericError, LogoutRequest]] - """ - - - return sync_detailed( - _client=_client, -logout_challenge=logout_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - logout_challenge: str, - -) -> Response[Union[GenericError, LogoutRequest]]: - """Get a Logout Request - - Use this endpoint to fetch a logout request. - - Args: - logout_challenge (str): - - Returns: - Response[Union[GenericError, LogoutRequest]] - """ - - - kwargs = _get_kwargs( - _client=_client, -logout_challenge=logout_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - logout_challenge: str, - -) -> Optional[Union[GenericError, LogoutRequest]]: - """Get a Logout Request - - Use this endpoint to fetch a logout request. - - Args: - logout_challenge (str): - - Returns: - Response[Union[GenericError, LogoutRequest]] - """ - - - return (await asyncio_detailed( - _client=_client, -logout_challenge=logout_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_o_auth_2_client.py deleted file mode 100644 index 1ace7fd..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_o_auth_2_client.py +++ /dev/null @@ -1,206 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.o_auth_2_client import OAuth2Client -from typing import Dict - - - -def _get_kwargs( - id: str, - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/clients/{id}".format( - _client.base_url,id=id) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]: - if response.status_code == HTTPStatus.OK: - response_200 = OAuth2Client.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - id: str, - *, - _client: Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Get an OAuth 2.0 Client. - - Get an OAUth 2.0 client by its ID. This endpoint never returns passwords. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - id: str, - *, - _client: Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Get an OAuth 2.0 Client. - - Get an OAUth 2.0 client by its ID. This endpoint never returns passwords. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return sync_detailed( - id=id, -_client=_client, - - ).parsed - -async def asyncio_detailed( - id: str, - *, - _client: Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Get an OAuth 2.0 Client. - - Get an OAUth 2.0 client by its ID. This endpoint never returns passwords. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - id: str, - *, - _client: Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Get an OAuth 2.0 Client. - - Get an OAUth 2.0 client by its ID. This endpoint never returns passwords. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return (await asyncio_detailed( - id=id, -_client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_version.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/get_version.py deleted file mode 100644 index dd3c755..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_version.py +++ /dev/null @@ -1,164 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.version import Version -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/version".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Version]: - if response.status_code == HTTPStatus.OK: - response_200 = Version.from_dict(response.json()) - - - - return response_200 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Version]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Version]: - """Get Service Version - - This endpoint returns the service version typically notated using semantic versioning. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Version] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - -) -> Optional[Version]: - """Get Service Version - - This endpoint returns the service version typically notated using semantic versioning. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Version] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Version]: - """Get Service Version - - This endpoint returns the service version typically notated using semantic versioning. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Version] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - -) -> Optional[Version]: - """Get Service Version - - This endpoint returns the service version typically notated using semantic versioning. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Version] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/introspect_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/introspect_o_auth_2_token.py deleted file mode 100644 index a52d0c1..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/introspect_o_auth_2_token.py +++ /dev/null @@ -1,194 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.introspect_o_auth_2_token_data import IntrospectOAuth2TokenData -from ...models.o_auth_2_token_introspection import OAuth2TokenIntrospection -from typing import Dict -from typing import cast -from ...models.generic_error import GenericError - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/oauth2/introspect".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "post", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]: - if response.status_code == HTTPStatus.OK: - response_200 = OAuth2TokenIntrospection.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2TokenIntrospection]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, OAuth2TokenIntrospection]]: - """Introspect OAuth2 Tokens - - The introspection endpoint allows to check if a token (both refresh and access) is active or not. An - active token - is neither expired nor revoked. If a token is active, additional information on the token will be - included. You can - set additional data for a token by setting `accessTokenExtra` during the consent flow. - - For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection- - endpoint/). - - Returns: - Response[Union[GenericError, OAuth2TokenIntrospection]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - -) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]: - """Introspect OAuth2 Tokens - - The introspection endpoint allows to check if a token (both refresh and access) is active or not. An - active token - is neither expired nor revoked. If a token is active, additional information on the token will be - included. You can - set additional data for a token by setting `accessTokenExtra` during the consent flow. - - For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection- - endpoint/). - - Returns: - Response[Union[GenericError, OAuth2TokenIntrospection]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, OAuth2TokenIntrospection]]: - """Introspect OAuth2 Tokens - - The introspection endpoint allows to check if a token (both refresh and access) is active or not. An - active token - is neither expired nor revoked. If a token is active, additional information on the token will be - included. You can - set additional data for a token by setting `accessTokenExtra` during the consent flow. - - For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection- - endpoint/). - - Returns: - Response[Union[GenericError, OAuth2TokenIntrospection]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - -) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]: - """Introspect OAuth2 Tokens - - The introspection endpoint allows to check if a token (both refresh and access) is active or not. An - active token - is neither expired nor revoked. If a token is active, additional information on the token will be - included. You can - set additional data for a token by setting `accessTokenExtra` during the consent flow. - - For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection- - endpoint/). - - Returns: - Response[Union[GenericError, OAuth2TokenIntrospection]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/list_o_auth_2_clients.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/list_o_auth_2_clients.py deleted file mode 100644 index ee5bdb5..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/list_o_auth_2_clients.py +++ /dev/null @@ -1,260 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from typing import Union -from typing import cast -from ...types import UNSET, Unset -from ...models.generic_error import GenericError -from typing import cast, List -from ...models.o_auth_2_client import OAuth2Client -from typing import Optional - - - -def _get_kwargs( - *, - _client: Client, - limit: Union[Unset, None, int] = UNSET, - offset: Union[Unset, None, int] = UNSET, - -) -> Dict[str, Any]: - url = "{}/clients".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["limit"] = limit - - - params["offset"] = offset - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, List['OAuth2Client']]]: - if response.status_code == HTTPStatus.OK: - response_200 = [] - _response_200 = response.json() - for response_200_item_data in (_response_200): - response_200_item = OAuth2Client.from_dict(response_200_item_data) - - - - response_200.append(response_200_item) - - return response_200 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, List['OAuth2Client']]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - limit: Union[Unset, None, int] = UNSET, - offset: Union[Unset, None, int] = UNSET, - -) -> Response[Union[GenericError, List['OAuth2Client']]]: - """List OAuth 2.0 Clients - - This endpoint lists all clients in the database, and never returns client secrets. As a default it - lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has - an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - limit (Union[Unset, None, int]): - offset (Union[Unset, None, int]): - - Returns: - Response[Union[GenericError, List['OAuth2Client']]] - """ - - - kwargs = _get_kwargs( - _client=_client, -limit=limit, -offset=offset, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - limit: Union[Unset, None, int] = UNSET, - offset: Union[Unset, None, int] = UNSET, - -) -> Optional[Union[GenericError, List['OAuth2Client']]]: - """List OAuth 2.0 Clients - - This endpoint lists all clients in the database, and never returns client secrets. As a default it - lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has - an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - limit (Union[Unset, None, int]): - offset (Union[Unset, None, int]): - - Returns: - Response[Union[GenericError, List['OAuth2Client']]] - """ - - - return sync_detailed( - _client=_client, -limit=limit, -offset=offset, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - limit: Union[Unset, None, int] = UNSET, - offset: Union[Unset, None, int] = UNSET, - -) -> Response[Union[GenericError, List['OAuth2Client']]]: - """List OAuth 2.0 Clients - - This endpoint lists all clients in the database, and never returns client secrets. As a default it - lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has - an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - limit (Union[Unset, None, int]): - offset (Union[Unset, None, int]): - - Returns: - Response[Union[GenericError, List['OAuth2Client']]] - """ - - - kwargs = _get_kwargs( - _client=_client, -limit=limit, -offset=offset, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - limit: Union[Unset, None, int] = UNSET, - offset: Union[Unset, None, int] = UNSET, - -) -> Optional[Union[GenericError, List['OAuth2Client']]]: - """List OAuth 2.0 Clients - - This endpoint lists all clients in the database, and never returns client secrets. As a default it - lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has - an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - limit (Union[Unset, None, int]): - offset (Union[Unset, None, int]): - - Returns: - Response[Union[GenericError, List['OAuth2Client']]] - """ - - - return (await asyncio_detailed( - _client=_client, -limit=limit, -offset=offset, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/list_subject_consent_sessions.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/list_subject_consent_sessions.py deleted file mode 100644 index 93bdb33..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/list_subject_consent_sessions.py +++ /dev/null @@ -1,239 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from ...models.previous_consent_session import PreviousConsentSession -from typing import cast -from ...models.generic_error import GenericError -from typing import cast, List - - - -def _get_kwargs( - *, - _client: Client, - subject: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/sessions/consent".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["subject"] = subject - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, List['PreviousConsentSession']]]: - if response.status_code == HTTPStatus.OK: - response_200 = [] - _response_200 = response.json() - for response_200_item_data in (_response_200): - response_200_item = PreviousConsentSession.from_dict(response_200_item_data) - - - - response_200.append(response_200_item) - - return response_200 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, List['PreviousConsentSession']]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - subject: str, - -) -> Response[Union[GenericError, List['PreviousConsentSession']]]: - """Lists All Consent Sessions of a Subject - - This endpoint lists all subject's granted consent sessions, including client and granted scope. - If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an - empty JSON array with status code 200 OK. - - - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - subject (str): - - Returns: - Response[Union[GenericError, List['PreviousConsentSession']]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - subject: str, - -) -> Optional[Union[GenericError, List['PreviousConsentSession']]]: - """Lists All Consent Sessions of a Subject - - This endpoint lists all subject's granted consent sessions, including client and granted scope. - If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an - empty JSON array with status code 200 OK. - - - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - subject (str): - - Returns: - Response[Union[GenericError, List['PreviousConsentSession']]] - """ - - - return sync_detailed( - _client=_client, -subject=subject, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - subject: str, - -) -> Response[Union[GenericError, List['PreviousConsentSession']]]: - """Lists All Consent Sessions of a Subject - - This endpoint lists all subject's granted consent sessions, including client and granted scope. - If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an - empty JSON array with status code 200 OK. - - - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - subject (str): - - Returns: - Response[Union[GenericError, List['PreviousConsentSession']]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - subject: str, - -) -> Optional[Union[GenericError, List['PreviousConsentSession']]]: - """Lists All Consent Sessions of a Subject - - This endpoint lists all subject's granted consent sessions, including client and granted scope. - If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an - empty JSON array with status code 200 OK. - - - The \"Link\" header is also included in successful responses, which contains one or more links for - pagination, formatted like so: '; - rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and - 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - - Args: - subject (str): - - Returns: - Response[Union[GenericError, List['PreviousConsentSession']]] - """ - - - return (await asyncio_detailed( - _client=_client, -subject=subject, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/prometheus.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/prometheus.py deleted file mode 100644 index a2023d8..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/prometheus.py +++ /dev/null @@ -1,125 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/metrics/prometheus".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - - - -def _build_response(*, response: httpx.Response) -> Response[Any]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=None, - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Any]: - """Get Snapshot Metrics from the Hydra Service. - - If you're using k8s, you can then add annotations to your deployment like so: - - ``` - metadata: - annotations: - prometheus.io/port: \"4445\" - prometheus.io/path: \"/metrics/prometheus\" - ``` - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Any] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Any]: - """Get Snapshot Metrics from the Hydra Service. - - If you're using k8s, you can then add annotations to your deployment like so: - - ``` - metadata: - annotations: - prometheus.io/port: \"4445\" - prometheus.io/path: \"/metrics/prometheus\" - ``` - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Returns: - Response[Any] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_consent_request.py deleted file mode 100644 index 814d91b..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_consent_request.py +++ /dev/null @@ -1,298 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from typing import cast -from ...models.reject_request import RejectRequest -from ...models.completed_request import CompletedRequest -from ...models.generic_error import GenericError - - - -def _get_kwargs( - *, - _client: Client, - json_body: RejectRequest, - consent_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/consent/reject".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["consent_challenge"] = consent_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "put", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: - if response.status_code == HTTPStatus.OK: - response_200 = CompletedRequest.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - json_body: RejectRequest, - consent_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Reject a Consent Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access - resources on his/her behalf. - The consent provider must include a reason why the consent was not granted. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - consent_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -consent_challenge=consent_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - json_body: RejectRequest, - consent_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Reject a Consent Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access - resources on his/her behalf. - The consent provider must include a reason why the consent was not granted. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - consent_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return sync_detailed( - _client=_client, -json_body=json_body, -consent_challenge=consent_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - json_body: RejectRequest, - consent_challenge: str, - -) -> Response[Union[CompletedRequest, GenericError]]: - """Reject a Consent Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access - resources on his/her behalf. - The consent provider must include a reason why the consent was not granted. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - consent_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -consent_challenge=consent_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - json_body: RejectRequest, - consent_challenge: str, - -) -> Optional[Union[CompletedRequest, GenericError]]: - """Reject a Consent Request - - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the - subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent - (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access - resources on his/her behalf. - The consent provider must include a reason why the consent was not granted. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - - Args: - consent_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[CompletedRequest, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -json_body=json_body, -consent_challenge=consent_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_logout_request.py deleted file mode 100644 index 336d86e..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_logout_request.py +++ /dev/null @@ -1,222 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.reject_request import RejectRequest -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - json_body: RejectRequest, - logout_challenge: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/logout/reject".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["logout_challenge"] = logout_challenge - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "put", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - json_body: RejectRequest, - logout_challenge: str, - -) -> Response[Union[Any, GenericError]]: - """Reject a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny - that logout request. - No body is required. - - The response is empty as the logout provider has to chose what action to perform next. - - Args: - logout_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -logout_challenge=logout_challenge, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - json_body: RejectRequest, - logout_challenge: str, - -) -> Optional[Union[Any, GenericError]]: - """Reject a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny - that logout request. - No body is required. - - The response is empty as the logout provider has to chose what action to perform next. - - Args: - logout_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, -json_body=json_body, -logout_challenge=logout_challenge, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - json_body: RejectRequest, - logout_challenge: str, - -) -> Response[Union[Any, GenericError]]: - """Reject a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny - that logout request. - No body is required. - - The response is empty as the logout provider has to chose what action to perform next. - - Args: - logout_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -json_body=json_body, -logout_challenge=logout_challenge, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - json_body: RejectRequest, - logout_challenge: str, - -) -> Optional[Union[Any, GenericError]]: - """Reject a Logout Request - - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny - that logout request. - No body is required. - - The response is empty as the logout provider has to chose what action to perform next. - - Args: - logout_challenge (str): - json_body (RejectRequest): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -json_body=json_body, -logout_challenge=logout_challenge, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_authentication_session.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_authentication_session.py deleted file mode 100644 index 36bff65..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_authentication_session.py +++ /dev/null @@ -1,215 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - subject: str, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/sessions/login".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["subject"] = subject - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - subject: str, - -) -> Response[Union[Any, GenericError]]: - """Invalidates All Login Sessions of a Certain User - Invalidates a Subject's Authentication Session - - This endpoint invalidates a subject's authentication session. After revoking the authentication - session, the subject - has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work - with OpenID Connect - Front- or Back-channel logout. - - Args: - subject (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - subject: str, - -) -> Optional[Union[Any, GenericError]]: - """Invalidates All Login Sessions of a Certain User - Invalidates a Subject's Authentication Session - - This endpoint invalidates a subject's authentication session. After revoking the authentication - session, the subject - has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work - with OpenID Connect - Front- or Back-channel logout. - - Args: - subject (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, -subject=subject, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - subject: str, - -) -> Response[Union[Any, GenericError]]: - """Invalidates All Login Sessions of a Certain User - Invalidates a Subject's Authentication Session - - This endpoint invalidates a subject's authentication session. After revoking the authentication - session, the subject - has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work - with OpenID Connect - Front- or Back-channel logout. - - Args: - subject (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - subject: str, - -) -> Optional[Union[Any, GenericError]]: - """Invalidates All Login Sessions of a Certain User - Invalidates a Subject's Authentication Session - - This endpoint invalidates a subject's authentication session. After revoking the authentication - session, the subject - has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work - with OpenID Connect - Front- or Back-channel logout. - - Args: - subject (str): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -subject=subject, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_consent_sessions.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_consent_sessions.py deleted file mode 100644 index 485ac64..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_consent_sessions.py +++ /dev/null @@ -1,238 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from typing import Union -from typing import cast -from ...types import UNSET, Unset -from ...models.generic_error import GenericError -from typing import Optional - - - -def _get_kwargs( - *, - _client: Client, - subject: str, - client: Union[Unset, None, str] = UNSET, - all_: Union[Unset, None, bool] = UNSET, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth/sessions/consent".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - params: Dict[str, Any] = {} - params["subject"] = subject - - - params["client"] = client - - - params["all"] = all_ - - - - params = {k: v for k, v in params.items() if v is not UNSET and v is not None} - - - - - - - return { - "method": "delete", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "params": params, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.NO_CONTENT: - response_204 = cast(Any, None) - return response_204 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - subject: str, - client: Union[Unset, None, str] = UNSET, - all_: Union[Unset, None, bool] = UNSET, - -) -> Response[Union[Any, GenericError]]: - """Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client - - This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and - invalidates all - associated OAuth 2.0 Access Tokens. - - Args: - subject (str): - client (Union[Unset, None, str]): - all_ (Union[Unset, None, bool]): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, -client=client, -all_=all_, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - subject: str, - client: Union[Unset, None, str] = UNSET, - all_: Union[Unset, None, bool] = UNSET, - -) -> Optional[Union[Any, GenericError]]: - """Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client - - This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and - invalidates all - associated OAuth 2.0 Access Tokens. - - Args: - subject (str): - client (Union[Unset, None, str]): - all_ (Union[Unset, None, bool]): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, -subject=subject, -client=client, -all_=all_, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - subject: str, - client: Union[Unset, None, str] = UNSET, - all_: Union[Unset, None, bool] = UNSET, - -) -> Response[Union[Any, GenericError]]: - """Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client - - This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and - invalidates all - associated OAuth 2.0 Access Tokens. - - Args: - subject (str): - client (Union[Unset, None, str]): - all_ (Union[Unset, None, bool]): - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, -subject=subject, -client=client, -all_=all_, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - subject: str, - client: Union[Unset, None, str] = UNSET, - all_: Union[Unset, None, bool] = UNSET, - -) -> Optional[Union[Any, GenericError]]: - """Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client - - This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and - invalidates all - associated OAuth 2.0 Access Tokens. - - Args: - subject (str): - client (Union[Unset, None, str]): - all_ (Union[Unset, None, bool]): - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, -subject=subject, -client=client, -all_=all_, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/admin/update_o_auth_2_client.py deleted file mode 100644 index 9df201f..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_o_auth_2_client.py +++ /dev/null @@ -1,224 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from ...models.o_auth_2_client import OAuth2Client -from typing import Dict - - - -def _get_kwargs( - id: str, - *, - _client: Client, - json_body: OAuth2Client, - -) -> Dict[str, Any]: - url = "{}/clients/{id}".format( - _client.base_url,id=id) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - json_json_body = json_body.to_dict() - - - - - - return { - "method": "put", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - "json": json_json_body, - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]: - if response.status_code == HTTPStatus.OK: - response_200 = OAuth2Client.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - id: str, - *, - _client: Client, - json_body: OAuth2Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Update an OAuth 2.0 Client - - Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and - returned via the API. This is the only time you will be able to retrieve the client secret, so write - it down and keep it safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, -json_body=json_body, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - id: str, - *, - _client: Client, - json_body: OAuth2Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Update an OAuth 2.0 Client - - Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and - returned via the API. This is the only time you will be able to retrieve the client secret, so write - it down and keep it safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return sync_detailed( - id=id, -_client=_client, -json_body=json_body, - - ).parsed - -async def asyncio_detailed( - id: str, - *, - _client: Client, - json_body: OAuth2Client, - -) -> Response[Union[GenericError, OAuth2Client]]: - """Update an OAuth 2.0 Client - - Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and - returned via the API. This is the only time you will be able to retrieve the client secret, so write - it down and keep it safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - kwargs = _get_kwargs( - id=id, -_client=_client, -json_body=json_body, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - id: str, - *, - _client: Client, - json_body: OAuth2Client, - -) -> Optional[Union[GenericError, OAuth2Client]]: - """Update an OAuth 2.0 Client - - Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and - returned via the API. This is the only time you will be able to retrieve the client secret, so write - it down and keep it safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients - are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. - To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well - protected and only callable by first-party components. - - Args: - id (str): - json_body (OAuth2Client): - - Returns: - Response[Union[GenericError, OAuth2Client]] - """ - - - return (await asyncio_detailed( - id=id, -_client=_client, -json_body=json_body, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/__init__.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/__init__.py similarity index 100% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/__init__.py rename to libs/ory-hydra-client/ory_hydra_client/api/jwk/__init__.py diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/create_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/create_json_web_key_set.py similarity index 65% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/create_json_web_key_set.py rename to libs/ory-hydra-client/ory_hydra_client/api/jwk/create_json_web_key_set.py index 007d7b9..9cb68cd 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/create_json_web_key_set.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/create_json_web_key_set.py @@ -1,15 +1,16 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from typing import Dict from typing import cast -from ...models.generic_error import GenericError -from ...models.json_web_key_set import JSONWebKeySet -from ...models.json_web_key_set_generator_request import JsonWebKeySetGeneratorRequest +from typing import Dict +from ...models.json_web_key_set import JsonWebKeySet +from ...models.create_json_web_key_set import CreateJsonWebKeySet @@ -17,10 +18,10 @@ def _get_kwargs( set_: str, *, _client: Client, - json_body: JsonWebKeySetGeneratorRequest, + json_body: CreateJsonWebKeySet, ) -> Dict[str, Any]: - url = "{}/keys/{set}".format( + url = "{}/admin/keys/{set}".format( _client.base_url,set=set_) headers: Dict[str, str] = _client.get_headers() @@ -48,40 +49,25 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]: if response.status_code == HTTPStatus.CREATED: - response_201 = JSONWebKeySet.from_dict(response.json()) + response_201 = JsonWebKeySet.from_dict(response.json()) return response_201 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -89,10 +75,10 @@ def sync_detailed( set_: str, *, _client: Client, - json_body: JsonWebKeySetGeneratorRequest, + json_body: CreateJsonWebKeySet, -) -> Response[Union[GenericError, JSONWebKeySet]]: - """Generate a New JSON Web Key +) -> Response[JsonWebKeySet]: + """Create JSON Web Key This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys @@ -106,10 +92,14 @@ def sync_detailed( Args: set_ (str): - json_body (JsonWebKeySetGeneratorRequest): + json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -125,16 +115,16 @@ json_body=json_body, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( set_: str, *, _client: Client, - json_body: JsonWebKeySetGeneratorRequest, + json_body: CreateJsonWebKeySet, -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """Generate a New JSON Web Key +) -> Optional[JsonWebKeySet]: + """Create JSON Web Key This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys @@ -148,10 +138,14 @@ def sync( Args: set_ (str): - json_body (JsonWebKeySetGeneratorRequest): + json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -166,10 +160,10 @@ async def asyncio_detailed( set_: str, *, _client: Client, - json_body: JsonWebKeySetGeneratorRequest, + json_body: CreateJsonWebKeySet, -) -> Response[Union[GenericError, JSONWebKeySet]]: - """Generate a New JSON Web Key +) -> Response[JsonWebKeySet]: + """Create JSON Web Key This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys @@ -183,10 +177,14 @@ async def asyncio_detailed( Args: set_ (str): - json_body (JsonWebKeySetGeneratorRequest): + json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -202,16 +200,16 @@ json_body=json_body, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( set_: str, *, _client: Client, - json_body: JsonWebKeySetGeneratorRequest, + json_body: CreateJsonWebKeySet, -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """Generate a New JSON Web Key +) -> Optional[JsonWebKeySet]: + """Create JSON Web Key This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys @@ -225,10 +223,14 @@ async def asyncio( Args: set_ (str): - json_body (JsonWebKeySetGeneratorRequest): + json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key.py new file mode 100644 index 0000000..067315d --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key.py @@ -0,0 +1,156 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + set_: str, + kid: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/keys/{set}/{kid}".format( + _client.base_url,set=set_,kid=kid) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + set_: str, + kid: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete JSON Web Key + + Use this endpoint to delete a single JSON Web Key. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a + cryptographic key. A + JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its + set and key id. ORY Hydra uses + this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID + Connect ID tokens), + and allows storing user-defined keys as well. + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + set_=set_, +kid=kid, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + set_: str, + kid: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete JSON Web Key + + Use this endpoint to delete a single JSON Web Key. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a + cryptographic key. A + JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its + set and key id. ORY Hydra uses + this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID + Connect ID tokens), + and allows storing user-defined keys as well. + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + set_=set_, +kid=kid, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key_set.py new file mode 100644 index 0000000..df6ae50 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key_set.py @@ -0,0 +1,145 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + set_: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/keys/{set}".format( + _client.base_url,set=set_) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + set_: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete JSON Web Key Set + + Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a + cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key + is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys + used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined + keys as well. + + Args: + set_ (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + set_=set_, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + set_: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete JSON Web Key Set + + Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a + cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key + is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys + used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined + keys as well. + + Args: + set_ (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + set_=set_, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key.py new file mode 100644 index 0000000..424032c --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key.py @@ -0,0 +1,211 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import cast +from typing import Dict +from ...models.json_web_key_set import JsonWebKeySet + + + +def _get_kwargs( + set_: str, + kid: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/keys/{set}/{kid}".format( + _client.base_url,set=set_,kid=kid) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]: + if response.status_code == HTTPStatus.OK: + response_200 = JsonWebKeySet.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + set_: str, + kid: str, + *, + _client: Client, + +) -> Response[JsonWebKeySet]: + """Get JSON Web Key + + This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and + the specific key ID (kid). + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + kwargs = _get_kwargs( + set_=set_, +kid=kid, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + set_: str, + kid: str, + *, + _client: Client, + +) -> Optional[JsonWebKeySet]: + """Get JSON Web Key + + This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and + the specific key ID (kid). + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + return sync_detailed( + set_=set_, +kid=kid, +_client=_client, + + ).parsed + +async def asyncio_detailed( + set_: str, + kid: str, + *, + _client: Client, + +) -> Response[JsonWebKeySet]: + """Get JSON Web Key + + This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and + the specific key ID (kid). + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + kwargs = _get_kwargs( + set_=set_, +kid=kid, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + set_: str, + kid: str, + *, + _client: Client, + +) -> Optional[JsonWebKeySet]: + """Get JSON Web Key + + This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and + the specific key ID (kid). + + Args: + set_ (str): + kid (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + return (await asyncio_detailed( + set_=set_, +kid=kid, +_client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key_set.py similarity index 67% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key_set.py rename to libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key_set.py index c5af054..56bbfd3 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key_set.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key_set.py @@ -1,14 +1,15 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from ...models.generic_error import GenericError -from ...models.json_web_key_set import JSONWebKeySet from typing import cast from typing import Dict +from ...models.json_web_key_set import JsonWebKeySet @@ -18,7 +19,7 @@ def _get_kwargs( _client: Client, ) -> Dict[str, Any]: - url = "{}/keys/{set}".format( + url = "{}/admin/keys/{set}".format( _client.base_url,set=set_) headers: Dict[str, str] = _client.get_headers() @@ -43,40 +44,25 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]: if response.status_code == HTTPStatus.OK: - response_200 = JSONWebKeySet.from_dict(response.json()) + response_200 = JsonWebKeySet.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -85,7 +71,7 @@ def sync_detailed( *, _client: Client, -) -> Response[Union[GenericError, JSONWebKeySet]]: +) -> Response[JsonWebKeySet]: """Retrieve a JSON Web Key Set This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. @@ -99,8 +85,12 @@ def sync_detailed( Args: set_ (str): + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -115,14 +105,14 @@ _client=_client, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( set_: str, *, _client: Client, -) -> Optional[Union[GenericError, JSONWebKeySet]]: +) -> Optional[JsonWebKeySet]: """Retrieve a JSON Web Key Set This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. @@ -136,8 +126,12 @@ def sync( Args: set_ (str): + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -152,7 +146,7 @@ async def asyncio_detailed( *, _client: Client, -) -> Response[Union[GenericError, JSONWebKeySet]]: +) -> Response[JsonWebKeySet]: """Retrieve a JSON Web Key Set This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. @@ -166,8 +160,12 @@ async def asyncio_detailed( Args: set_ (str): + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -182,14 +180,14 @@ _client=_client, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( set_: str, *, _client: Client, -) -> Optional[Union[GenericError, JSONWebKeySet]]: +) -> Optional[JsonWebKeySet]: """Retrieve a JSON Web Key Set This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. @@ -203,8 +201,12 @@ async def asyncio( Args: set_ (str): + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key.py similarity index 63% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key.py rename to libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key.py index 439c039..911b386 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key.py @@ -1,14 +1,15 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from ...models.generic_error import GenericError -from typing import cast -from ...models.json_web_key import JSONWebKey from typing import Dict +from ...models.json_web_key import JsonWebKey +from typing import cast @@ -17,10 +18,10 @@ def _get_kwargs( kid: str, *, _client: Client, - json_body: JSONWebKey, + json_body: JsonWebKey, ) -> Dict[str, Any]: - url = "{}/keys/{set}/{kid}".format( + url = "{}/admin/keys/{set}/{kid}".format( _client.base_url,set=set_,kid=kid) headers: Dict[str, str] = _client.get_headers() @@ -48,40 +49,25 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKey]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKey]: if response.status_code == HTTPStatus.OK: - response_200 = JSONWebKey.from_dict(response.json()) + response_200 = JsonWebKey.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKey]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKey]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -90,10 +76,10 @@ def sync_detailed( kid: str, *, _client: Client, - json_body: JSONWebKey, + json_body: JsonWebKey, -) -> Response[Union[GenericError, JSONWebKey]]: - """Update a JSON Web Key +) -> Response[JsonWebKey]: + """Set JSON Web Key Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. @@ -107,12 +93,14 @@ def sync_detailed( Args: set_ (str): kid (str): - json_body (JSONWebKey): It is important that this model object is named JSONWebKey for - "swagger generate spec" to generate only on definition of a - JSONWebKey. + json_body (JsonWebKey): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKey]] + Response[JsonWebKey] """ @@ -129,17 +117,17 @@ json_body=json_body, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( set_: str, kid: str, *, _client: Client, - json_body: JSONWebKey, + json_body: JsonWebKey, -) -> Optional[Union[GenericError, JSONWebKey]]: - """Update a JSON Web Key +) -> Optional[JsonWebKey]: + """Set JSON Web Key Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. @@ -153,12 +141,14 @@ def sync( Args: set_ (str): kid (str): - json_body (JSONWebKey): It is important that this model object is named JSONWebKey for - "swagger generate spec" to generate only on definition of a - JSONWebKey. + json_body (JsonWebKey): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKey]] + Response[JsonWebKey] """ @@ -175,10 +165,10 @@ async def asyncio_detailed( kid: str, *, _client: Client, - json_body: JSONWebKey, + json_body: JsonWebKey, -) -> Response[Union[GenericError, JSONWebKey]]: - """Update a JSON Web Key +) -> Response[JsonWebKey]: + """Set JSON Web Key Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. @@ -192,12 +182,14 @@ async def asyncio_detailed( Args: set_ (str): kid (str): - json_body (JSONWebKey): It is important that this model object is named JSONWebKey for - "swagger generate spec" to generate only on definition of a - JSONWebKey. + json_body (JsonWebKey): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKey]] + Response[JsonWebKey] """ @@ -214,17 +206,17 @@ json_body=json_body, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( set_: str, kid: str, *, _client: Client, - json_body: JSONWebKey, + json_body: JsonWebKey, -) -> Optional[Union[GenericError, JSONWebKey]]: - """Update a JSON Web Key +) -> Optional[JsonWebKey]: + """Set JSON Web Key Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. @@ -238,12 +230,14 @@ async def asyncio( Args: set_ (str): kid (str): - json_body (JSONWebKey): It is important that this model object is named JSONWebKey for - "swagger generate spec" to generate only on definition of a - JSONWebKey. + json_body (JsonWebKey): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKey]] + Response[JsonWebKey] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key_set.py similarity index 57% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key_set.py rename to libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key_set.py index 303830e..6cd2df9 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key_set.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key_set.py @@ -1,14 +1,15 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from ...models.generic_error import GenericError -from typing import Dict from typing import cast -from ...models.json_web_key_set import JSONWebKeySet +from typing import Dict +from ...models.json_web_key_set import JsonWebKeySet @@ -16,10 +17,10 @@ def _get_kwargs( set_: str, *, _client: Client, - json_body: JSONWebKeySet, + json_body: JsonWebKeySet, ) -> Dict[str, Any]: - url = "{}/keys/{set}".format( + url = "{}/admin/keys/{set}".format( _client.base_url,set=set_) headers: Dict[str, str] = _client.get_headers() @@ -47,40 +48,25 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]: if response.status_code == HTTPStatus.OK: - response_200 = JSONWebKeySet.from_dict(response.json()) + response_200 = JsonWebKeySet.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_401 - if response.status_code == HTTPStatus.FORBIDDEN: - response_403 = GenericError.from_dict(response.json()) - - - - return response_403 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -88,9 +74,9 @@ def sync_detailed( set_: str, *, _client: Client, - json_body: JSONWebKeySet, + json_body: JsonWebKeySet, -) -> Response[Union[GenericError, JSONWebKeySet]]: +) -> Response[JsonWebKeySet]: """Update a JSON Web Key Set Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your @@ -104,15 +90,14 @@ def sync_detailed( Args: set_ (str): - json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet - for - "swagger generate spec" to generate only on definition of a - JSONWebKeySet. Since one with the same name is previously defined as - client.Client.JSONWebKeys and this one is last, this one will be - effectively written in the swagger spec. + json_body (JsonWebKeySet): JSON Web Key Set + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -128,15 +113,15 @@ json_body=json_body, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( set_: str, *, _client: Client, - json_body: JSONWebKeySet, + json_body: JsonWebKeySet, -) -> Optional[Union[GenericError, JSONWebKeySet]]: +) -> Optional[JsonWebKeySet]: """Update a JSON Web Key Set Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your @@ -150,15 +135,14 @@ def sync( Args: set_ (str): - json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet - for - "swagger generate spec" to generate only on definition of a - JSONWebKeySet. Since one with the same name is previously defined as - client.Client.JSONWebKeys and this one is last, this one will be - effectively written in the swagger spec. + json_body (JsonWebKeySet): JSON Web Key Set + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -173,9 +157,9 @@ async def asyncio_detailed( set_: str, *, _client: Client, - json_body: JSONWebKeySet, + json_body: JsonWebKeySet, -) -> Response[Union[GenericError, JSONWebKeySet]]: +) -> Response[JsonWebKeySet]: """Update a JSON Web Key Set Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your @@ -189,15 +173,14 @@ async def asyncio_detailed( Args: set_ (str): - json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet - for - "swagger generate spec" to generate only on definition of a - JSONWebKeySet. Since one with the same name is previously defined as - client.Client.JSONWebKeys and this one is last, this one will be - effectively written in the swagger spec. + json_body (JsonWebKeySet): JSON Web Key Set + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ @@ -213,15 +196,15 @@ json_body=json_body, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( set_: str, *, _client: Client, - json_body: JSONWebKeySet, + json_body: JsonWebKeySet, -) -> Optional[Union[GenericError, JSONWebKeySet]]: +) -> Optional[JsonWebKeySet]: """Update a JSON Web Key Set Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your @@ -235,15 +218,14 @@ async def asyncio( Args: set_ (str): - json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet - for - "swagger generate spec" to generate only on definition of a - JSONWebKeySet. Since one with the same name is previously defined as - client.Client.JSONWebKeys and this one is last, this one will be - effectively written in the swagger spec. + json_body (JsonWebKeySet): JSON Web Key Set + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[GenericError, JSONWebKeySet]] + Response[JsonWebKeySet] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/__init__.py b/libs/ory-hydra-client/ory_hydra_client/api/metadata/__init__.py similarity index 100% rename from libs/ory-hydra-client/ory_hydra_client/api/public/__init__.py rename to libs/ory-hydra-client/ory_hydra_client/api/metadata/__init__.py diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/is_instance_ready.py b/libs/ory-hydra-client/ory_hydra_client/api/metadata/get_version.py similarity index 50% rename from libs/ory-hydra-client/ory_hydra_client/api/public/is_instance_ready.py rename to libs/ory-hydra-client/ory_hydra_client/api/metadata/get_version.py index 101ca06..b95b4bf 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/is_instance_ready.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/metadata/get_version.py @@ -1,14 +1,15 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from ...models.health_status import HealthStatus -from typing import cast -from ...models.health_not_ready_status import HealthNotReadyStatus +from ...models.get_version_response_200 import GetVersionResponse200 from typing import Dict +from typing import cast @@ -17,7 +18,7 @@ def _get_kwargs( _client: Client, ) -> Dict[str, Any]: - url = "{}/health/ready".format( + url = "{}/version".format( _client.base_url) headers: Dict[str, str] = _client.get_headers() @@ -42,28 +43,25 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[GetVersionResponse200]: if response.status_code == HTTPStatus.OK: - response_200 = HealthStatus.from_dict(response.json()) + response_200 = GetVersionResponse200.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.SERVICE_UNAVAILABLE: - response_503 = HealthNotReadyStatus.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_503 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[HealthNotReadyStatus, HealthStatus]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[GetVersionResponse200]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -71,21 +69,23 @@ def sync_detailed( *, _client: Client, -) -> Response[Union[HealthNotReadyStatus, HealthStatus]]: - """Check Readiness Status +) -> Response[GetVersionResponse200]: + """Return Running Software Version. - This endpoint returns a 200 status code when the HTTP server is up running and the environment - dependencies (e.g. - the database) are responsive as well. + This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. - Be aware that if you are running multiple nodes of this service, the health status will never + Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[HealthNotReadyStatus, HealthStatus]] + Response[GetVersionResponse200] """ @@ -99,27 +99,29 @@ def sync_detailed( **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( *, _client: Client, -) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: - """Check Readiness Status +) -> Optional[GetVersionResponse200]: + """Return Running Software Version. - This endpoint returns a 200 status code when the HTTP server is up running and the environment - dependencies (e.g. - the database) are responsive as well. + This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. - Be aware that if you are running multiple nodes of this service, the health status will never + Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[HealthNotReadyStatus, HealthStatus]] + Response[GetVersionResponse200] """ @@ -132,21 +134,23 @@ async def asyncio_detailed( *, _client: Client, -) -> Response[Union[HealthNotReadyStatus, HealthStatus]]: - """Check Readiness Status +) -> Response[GetVersionResponse200]: + """Return Running Software Version. - This endpoint returns a 200 status code when the HTTP server is up running and the environment - dependencies (e.g. - the database) are responsive as well. + This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. - Be aware that if you are running multiple nodes of this service, the health status will never + Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[HealthNotReadyStatus, HealthStatus]] + Response[GetVersionResponse200] """ @@ -160,27 +164,29 @@ async def asyncio_detailed( **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( *, _client: Client, -) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: - """Check Readiness Status +) -> Optional[GetVersionResponse200]: + """Return Running Software Version. - This endpoint returns a 200 status code when the HTTP server is up running and the environment - dependencies (e.g. - the database) are responsive as well. + This endpoint returns the version of Ory Hydra. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. - Be aware that if you are running multiple nodes of this service, the health status will never + Be aware that if you are running multiple nodes of this service, the version will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: - Response[Union[HealthNotReadyStatus, HealthStatus]] + Response[GetVersionResponse200] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/is_instance_alive.py b/libs/ory-hydra-client/ory_hydra_client/api/metadata/is_alive.py similarity index 58% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/is_instance_alive.py rename to libs/ory-hydra-client/ory_hydra_client/api/metadata/is_alive.py index 0060fdc..a613350 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/is_instance_alive.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/metadata/is_alive.py @@ -1,14 +1,16 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors from ...models.generic_error import GenericError from ...models.health_status import HealthStatus -from typing import cast from typing import Dict +from typing import cast @@ -42,7 +44,7 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, HealthStatus]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[GenericError, HealthStatus]]: if response.status_code == HTTPStatus.OK: response_200 = HealthStatus.from_dict(response.json()) @@ -55,15 +57,18 @@ def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, return response_500 - return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, HealthStatus]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[GenericError, HealthStatus]]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) @@ -72,10 +77,11 @@ def sync_detailed( _client: Client, ) -> Response[Union[GenericError, HealthStatus]]: - """Check Alive Status + """Check HTTP Server Status - This endpoint returns a 200 status code when the HTTP server is up running. - This status does currently not include checks whether the database connection is working. + This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming + HTTP requests. This status does currently not include checks whether the database connection is + working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. @@ -83,6 +89,10 @@ def sync_detailed( Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: Response[Union[GenericError, HealthStatus]] """ @@ -98,17 +108,18 @@ def sync_detailed( **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( *, _client: Client, ) -> Optional[Union[GenericError, HealthStatus]]: - """Check Alive Status + """Check HTTP Server Status - This endpoint returns a 200 status code when the HTTP server is up running. - This status does currently not include checks whether the database connection is working. + This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming + HTTP requests. This status does currently not include checks whether the database connection is + working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. @@ -116,6 +127,10 @@ def sync( Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: Response[Union[GenericError, HealthStatus]] """ @@ -131,10 +146,11 @@ async def asyncio_detailed( _client: Client, ) -> Response[Union[GenericError, HealthStatus]]: - """Check Alive Status + """Check HTTP Server Status - This endpoint returns a 200 status code when the HTTP server is up running. - This status does currently not include checks whether the database connection is working. + This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming + HTTP requests. This status does currently not include checks whether the database connection is + working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. @@ -142,6 +158,10 @@ async def asyncio_detailed( Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: Response[Union[GenericError, HealthStatus]] """ @@ -157,17 +177,18 @@ async def asyncio_detailed( **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( *, _client: Client, ) -> Optional[Union[GenericError, HealthStatus]]: - """Check Alive Status + """Check HTTP Server Status - This endpoint returns a 200 status code when the HTTP server is up running. - This status does currently not include checks whether the database connection is working. + This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming + HTTP requests. This status does currently not include checks whether the database connection is + working. If the service supports TLS Edge Termination, this endpoint does not require the `X-Forwarded-Proto` header to be set. @@ -175,6 +196,10 @@ async def asyncio( Be aware that if you are running multiple nodes of this service, the health status will never refer to the cluster state, only to a single instance. + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: Response[Union[GenericError, HealthStatus]] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/metadata/is_ready.py b/libs/ory-hydra-client/ory_hydra_client/api/metadata/is_ready.py new file mode 100644 index 0000000..c73d36e --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/metadata/is_ready.py @@ -0,0 +1,212 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import cast +from typing import Dict +from ...models.is_ready_response_200 import IsReadyResponse200 +from ...models.is_ready_response_503 import IsReadyResponse503 + + + +def _get_kwargs( + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/health/ready".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]: + if response.status_code == HTTPStatus.OK: + response_200 = IsReadyResponse200.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.SERVICE_UNAVAILABLE: + response_503 = IsReadyResponse503.from_dict(response.json()) + + + + return response_503 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + +) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]: + """Check HTTP Server and Database Status + + This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment + dependencies (e.g. + the database) are responsive as well. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of Ory Hydra, the health status will never + refer to the cluster state, only to a single instance. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[IsReadyResponse200, IsReadyResponse503]] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + +) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]: + """Check HTTP Server and Database Status + + This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment + dependencies (e.g. + the database) are responsive as well. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of Ory Hydra, the health status will never + refer to the cluster state, only to a single instance. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[IsReadyResponse200, IsReadyResponse503]] + """ + + + return sync_detailed( + _client=_client, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + +) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]: + """Check HTTP Server and Database Status + + This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment + dependencies (e.g. + the database) are responsive as well. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of Ory Hydra, the health status will never + refer to the cluster state, only to a single instance. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[IsReadyResponse200, IsReadyResponse503]] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + +) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]: + """Check HTTP Server and Database Status + + This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment + dependencies (e.g. + the database) are responsive as well. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of Ory Hydra, the health status will never + refer to the cluster state, only to a single instance. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[IsReadyResponse200, IsReadyResponse503]] + """ + + + return (await asyncio_detailed( + _client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/__init__.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_consent_request.py similarity index 50% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/accept_consent_request.py rename to libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_consent_request.py index 3462bb6..970c789 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/accept_consent_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_consent_request.py @@ -1,26 +1,27 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors -from typing import Dict +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from ...models.the_request_payload_used_to_accept_a_consent_request import TheRequestPayloadUsedToAcceptAConsentRequest from typing import cast -from ...models.completed_request import CompletedRequest -from ...models.generic_error import GenericError -from ...models.accept_consent_request import AcceptConsentRequest +from typing import Dict def _get_kwargs( *, _client: Client, - json_body: AcceptConsentRequest, + json_body: TheRequestPayloadUsedToAcceptAConsentRequest, consent_challenge: str, ) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/consent/accept".format( + url = "{}/admin/oauth2/auth/requests/consent/accept".format( _client.base_url) headers: Dict[str, str] = _client.get_headers() @@ -55,78 +56,72 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]: if response.status_code == HTTPStatus.OK: - response_200 = CompletedRequest.from_dict(response.json()) + response_200 = OAuth20RedirectBrowserTo.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) def sync_detailed( *, _client: Client, - json_body: AcceptConsentRequest, + json_body: TheRequestPayloadUsedToAcceptAConsentRequest, consent_challenge: str, -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Consent Request +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Consent Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted or rejected the request. - This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access - resources on his/her behalf. + This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on + his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + Args: consent_challenge (str): - json_body (AcceptConsentRequest): + json_body (TheRequestPayloadUsedToAcceptAConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -142,49 +137,52 @@ consent_challenge=consent_challenge, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( *, _client: Client, - json_body: AcceptConsentRequest, + json_body: TheRequestPayloadUsedToAcceptAConsentRequest, consent_challenge: str, -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Consent Request +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Consent Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted or rejected the request. - This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access - resources on his/her behalf. + This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on + his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + Args: consent_challenge (str): - json_body (AcceptConsentRequest): + json_body (TheRequestPayloadUsedToAcceptAConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -198,44 +196,47 @@ consent_challenge=consent_challenge, async def asyncio_detailed( *, _client: Client, - json_body: AcceptConsentRequest, + json_body: TheRequestPayloadUsedToAcceptAConsentRequest, consent_challenge: str, -) -> Response[Union[CompletedRequest, GenericError]]: - """Accept a Consent Request +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Consent Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted or rejected the request. - This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access - resources on his/her behalf. + This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on + his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + Args: consent_challenge (str): - json_body (AcceptConsentRequest): + json_body (TheRequestPayloadUsedToAcceptAConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -251,49 +252,52 @@ consent_challenge=consent_challenge, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( *, _client: Client, - json_body: AcceptConsentRequest, + json_body: TheRequestPayloadUsedToAcceptAConsentRequest, consent_challenge: str, -) -> Optional[Union[CompletedRequest, GenericError]]: - """Accept a Consent Request +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Consent Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, - he/she must now be asked if + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - The consent provider which handles this request and is a web app implemented and hosted by you. It - shows a subject interface which asks the subject to - grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write - access to all your private files\"). - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if - the subject accepted + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted or rejected the request. - This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access - resources on his/her behalf. + This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on + his/her behalf. The consent provider includes additional information, such as session data for access and ID tokens, and if the consent request should be used as basis for future requests. The response contains a redirect URL which the consent provider should redirect the user-agent to. + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + Args: consent_challenge (str): - json_body (AcceptConsentRequest): + json_body (TheRequestPayloadUsedToAcceptAConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_login_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_login_request.py new file mode 100644 index 0000000..dd79624 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_login_request.py @@ -0,0 +1,278 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from typing import Dict +from ...models.handled_login_request_is_the_request_payload_used_to_accept_a_login_request import HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest +from typing import cast + + + +def _get_kwargs( + *, + _client: Client, + json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest, + login_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/login/accept".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["login_challenge"] = login_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest, + login_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + This endpoint tells Ory that the subject has successfully authenticated and includes additional + information such as + the subject's ID and if Ory should remember the subject's subject agent for future authentication + attempts by setting + a cookie. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + + Args: + login_challenge (str): + json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, +login_challenge=login_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest, + login_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + This endpoint tells Ory that the subject has successfully authenticated and includes additional + information such as + the subject's ID and if Ory should remember the subject's subject agent for future authentication + attempts by setting + a cookie. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + + Args: + login_challenge (str): + json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return sync_detailed( + _client=_client, +json_body=json_body, +login_challenge=login_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest, + login_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + This endpoint tells Ory that the subject has successfully authenticated and includes additional + information such as + the subject's ID and if Ory should remember the subject's subject agent for future authentication + attempts by setting + a cookie. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + + Args: + login_challenge (str): + json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, +login_challenge=login_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest, + login_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + This endpoint tells Ory that the subject has successfully authenticated and includes additional + information such as + the subject's ID and if Ory should remember the subject's subject agent for future authentication + attempts by setting + a cookie. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + + Args: + login_challenge (str): + json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return (await asyncio_detailed( + _client=_client, +json_body=json_body, +login_challenge=login_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_logout_request.py new file mode 100644 index 0000000..22b2873 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_logout_request.py @@ -0,0 +1,213 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from typing import Dict +from typing import cast + + + +def _get_kwargs( + *, + _client: Client, + logout_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/logout/accept".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["logout_challenge"] = logout_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to confirm that logout request. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + logout_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to confirm that logout request. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return sync_detailed( + _client=_client, +logout_challenge=logout_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to confirm that logout request. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + logout_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Accept OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to confirm that logout request. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return (await asyncio_detailed( + _client=_client, +logout_challenge=logout_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/create_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/create_o_auth_2_client.py new file mode 100644 index 0000000..24e3a31 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/create_o_auth_2_client.py @@ -0,0 +1,220 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Dict[str, Any]: + url = "{}/admin/clients".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]: + if response.status_code == HTTPStatus.CREATED: + response_201 = OAuth20Client.from_dict(response.json()) + + + + return response_201 + if response.status_code == HTTPStatus.BAD_REQUEST: + response_400 = cast(Any, None) + return response_400 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Create OAuth 2.0 Client + + Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random + secret + is generated. The secret is echoed in the response. It is not possible to retrieve it later on. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Create OAuth 2.0 Client + + Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random + secret + is generated. The secret is echoed in the response. It is not possible to retrieve it later on. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return sync_detailed( + _client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Create OAuth 2.0 Client + + Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random + secret + is generated. The secret is echoed in the response. It is not possible to retrieve it later on. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Create OAuth 2.0 Client + + Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random + secret + is generated. The secret is echoed in the response. It is not possible to retrieve it later on. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return (await asyncio_detailed( + _client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_client.py new file mode 100644 index 0000000..7084c28 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_client.py @@ -0,0 +1,145 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + id: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/clients/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete OAuth 2.0 Client + + Delete an existing OAuth 2.0 Client by its ID. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Make sure that this endpoint is well protected and only callable by first-party components. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + id: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete OAuth 2.0 Client + + Delete an existing OAuth 2.0 Client by its ID. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Make sure that this endpoint is well protected and only callable by first-party components. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_token.py new file mode 100644 index 0000000..3bc8cb2 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_token.py @@ -0,0 +1,140 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + *, + _client: Client, + client_id: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/tokens".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["client_id"] = client_id + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + client_id: str, + +) -> Response[Any]: + """Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client + + This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. + + Args: + client_id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +client_id=client_id, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + client_id: str, + +) -> Response[Any]: + """Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client + + This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. + + Args: + client_id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +client_id=client_id, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_trusted_o_auth_2_jwt_grant_issuer.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_trusted_o_auth_2_jwt_grant_issuer.py new file mode 100644 index 0000000..4552ec3 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_trusted_o_auth_2_jwt_grant_issuer.py @@ -0,0 +1,145 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + id: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/trust/grants/jwt-bearer/issuers/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when + you + created the trust relationship. + + Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) + Profile + for OAuth 2.0 Client Authentication and Authorization Grant. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + id: str, + *, + _client: Client, + +) -> Response[Any]: + """Delete Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when + you + created the trust relationship. + + Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) + Profile + for OAuth 2.0 Client Authentication and Authorization Grant. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_client.py new file mode 100644 index 0000000..fb665cf --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_client.py @@ -0,0 +1,210 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + id: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/clients/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + +) -> Response[OAuth20Client]: + """Get an OAuth 2.0 Client + + Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: Client, + +) -> Optional[OAuth20Client]: + """Get an OAuth 2.0 Client + + Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return sync_detailed( + id=id, +_client=_client, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: Client, + +) -> Response[OAuth20Client]: + """Get an OAuth 2.0 Client + + Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: Client, + +) -> Optional[OAuth20Client]: + """Get an OAuth 2.0 Client + + Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_consent_request.py new file mode 100644 index 0000000..618bd39 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_consent_request.py @@ -0,0 +1,268 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from ...models.contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest +from typing import cast +from typing import Dict + + + +def _get_kwargs( + *, + _client: Client, + consent_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/consent".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["consent_challenge"] = consent_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + if response.status_code == HTTPStatus.OK: + response_200 = ContainsInformationOnAnOngoingConsentRequest.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.GONE: + response_410 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_410 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + consent_challenge: str, + +) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +consent_challenge=consent_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + consent_challenge: str, + +) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]] + """ + + + return sync_detailed( + _client=_client, +consent_challenge=consent_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + consent_challenge: str, + +) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +consent_challenge=consent_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + consent_challenge: str, + +) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]] + """ + + + return (await asyncio_detailed( + _client=_client, +consent_challenge=consent_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_login_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_login_request.py new file mode 100644 index 0000000..c85376a --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_login_request.py @@ -0,0 +1,256 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.contains_information_on_an_ongoing_login_request import ContainsInformationOnAnOngoingLoginRequest +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from typing import Dict +from typing import cast + + + +def _get_kwargs( + *, + _client: Client, + login_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/login".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["login_challenge"] = login_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + if response.status_code == HTTPStatus.OK: + response_200 = ContainsInformationOnAnOngoingLoginRequest.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.GONE: + response_410 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_410 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + login_challenge: str, + +) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + Per default, the login provider is Ory itself. You may use a different login provider which needs to + be a web-app + you write and host, and it must be able to authenticate (\"show the subject a login screen\") + a subject (in OAuth2 the proper name for subject is \"resource owner\"). + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + Args: + login_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +login_challenge=login_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + login_challenge: str, + +) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + Per default, the login provider is Ory itself. You may use a different login provider which needs to + be a web-app + you write and host, and it must be able to authenticate (\"show the subject a login screen\") + a subject (in OAuth2 the proper name for subject is \"resource owner\"). + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + Args: + login_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]] + """ + + + return sync_detailed( + _client=_client, +login_challenge=login_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + login_challenge: str, + +) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + Per default, the login provider is Ory itself. You may use a different login provider which needs to + be a web-app + you write and host, and it must be able to authenticate (\"show the subject a login screen\") + a subject (in OAuth2 the proper name for subject is \"resource owner\"). + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + Args: + login_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +login_challenge=login_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + login_challenge: str, + +) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Login Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + Per default, the login provider is Ory itself. You may use a different login provider which needs to + be a web-app + you write and host, and it must be able to authenticate (\"show the subject a login screen\") + a subject (in OAuth2 the proper name for subject is \"resource owner\"). + + The authentication challenge is appended to the login provider URL to which the subject's user-agent + (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject + the requested authentication process. + + Args: + login_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]] + """ + + + return (await asyncio_detailed( + _client=_client, +login_challenge=login_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_logout_request.py new file mode 100644 index 0000000..e476c18 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_logout_request.py @@ -0,0 +1,208 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import cast +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from typing import Dict +from ...models.contains_information_about_an_ongoing_logout_request import ContainsInformationAboutAnOngoingLogoutRequest + + + +def _get_kwargs( + *, + _client: Client, + logout_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/logout".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["logout_challenge"] = logout_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + if response.status_code == HTTPStatus.OK: + response_200 = ContainsInformationAboutAnOngoingLogoutRequest.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.GONE: + response_410 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_410 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Session Logout Request + + Use this endpoint to fetch an Ory OAuth 2.0 logout request. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + logout_challenge: str, + +) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Session Logout Request + + Use this endpoint to fetch an Ory OAuth 2.0 logout request. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]] + """ + + + return sync_detailed( + _client=_client, +logout_challenge=logout_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Session Logout Request + + Use this endpoint to fetch an Ory OAuth 2.0 logout request. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + logout_challenge: str, + +) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]: + """Get OAuth 2.0 Session Logout Request + + Use this endpoint to fetch an Ory OAuth 2.0 logout request. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]] + """ + + + return (await asyncio_detailed( + _client=_client, +logout_challenge=logout_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_trusted_o_auth_2_jwt_grant_issuer.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_trusted_o_auth_2_jwt_grant_issuer.py new file mode 100644 index 0000000..3252590 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_trusted_o_auth_2_jwt_grant_issuer.py @@ -0,0 +1,198 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer + + + +def _get_kwargs( + id: str, + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/admin/trust/grants/jwt-bearer/issuers/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[TrustedOAuth2JwtGrantIssuer]: + if response.status_code == HTTPStatus.OK: + response_200 = TrustedOAuth2JwtGrantIssuer.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[TrustedOAuth2JwtGrantIssuer]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + +) -> Response[TrustedOAuth2JwtGrantIssuer]: + """Get Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: Client, + +) -> Optional[TrustedOAuth2JwtGrantIssuer]: + """Get Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + return sync_detailed( + id=id, +_client=_client, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: Client, + +) -> Response[TrustedOAuth2JwtGrantIssuer]: + """Get Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: Client, + +) -> Optional[TrustedOAuth2JwtGrantIssuer]: + """Get Trusted OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/introspect_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/introspect_o_auth_2_token.py new file mode 100644 index 0000000..1d53e6d --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/introspect_o_auth_2_token.py @@ -0,0 +1,200 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.introspected_o_auth_2_token import IntrospectedOAuth2Token +from ...models.introspect_o_auth_2_token_data import IntrospectOAuth2TokenData +from typing import cast +from typing import Dict + + + +def _get_kwargs( + *, + _client: Client, + form_data: IntrospectOAuth2TokenData, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/introspect".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "data": form_data.to_dict(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[IntrospectedOAuth2Token]: + if response.status_code == HTTPStatus.OK: + response_200 = IntrospectedOAuth2Token.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[IntrospectedOAuth2Token]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + form_data: IntrospectOAuth2TokenData, + +) -> Response[IntrospectedOAuth2Token]: + """Introspect OAuth2 Access and Refresh Tokens + + The introspection endpoint allows to check if a token (both refresh and access) is active or not. An + active token + is neither expired nor revoked. If a token is active, additional information on the token will be + included. You can + set additional data for a token by setting `session.access_token` during the consent flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[IntrospectedOAuth2Token] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + form_data: IntrospectOAuth2TokenData, + +) -> Optional[IntrospectedOAuth2Token]: + """Introspect OAuth2 Access and Refresh Tokens + + The introspection endpoint allows to check if a token (both refresh and access) is active or not. An + active token + is neither expired nor revoked. If a token is active, additional information on the token will be + included. You can + set additional data for a token by setting `session.access_token` during the consent flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[IntrospectedOAuth2Token] + """ + + + return sync_detailed( + _client=_client, +form_data=form_data, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + form_data: IntrospectOAuth2TokenData, + +) -> Response[IntrospectedOAuth2Token]: + """Introspect OAuth2 Access and Refresh Tokens + + The introspection endpoint allows to check if a token (both refresh and access) is active or not. An + active token + is neither expired nor revoked. If a token is active, additional information on the token will be + included. You can + set additional data for a token by setting `session.access_token` during the consent flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[IntrospectedOAuth2Token] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + form_data: IntrospectOAuth2TokenData, + +) -> Optional[IntrospectedOAuth2Token]: + """Introspect OAuth2 Access and Refresh Tokens + + The introspection endpoint allows to check if a token (both refresh and access) is active or not. An + active token + is neither expired nor revoked. If a token is active, additional information on the token will be + included. You can + set additional data for a token by setting `session.access_token` during the consent flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[IntrospectedOAuth2Token] + """ + + + return (await asyncio_detailed( + _client=_client, +form_data=form_data, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_clients.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_clients.py new file mode 100644 index 0000000..b911d17 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_clients.py @@ -0,0 +1,175 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...types import UNSET, Unset +from typing import Optional +from typing import Union + + + +def _get_kwargs( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + client_name: Union[Unset, None, str] = UNSET, + owner: Union[Unset, None, str] = UNSET, + +) -> Dict[str, Any]: + url = "{}/admin/clients".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["page_size"] = page_size + + + params["page_token"] = page_token + + + params["client_name"] = client_name + + + params["owner"] = owner + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.OK: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + client_name: Union[Unset, None, str] = UNSET, + owner: Union[Unset, None, str] = UNSET, + +) -> Response[Any]: + """List OAuth 2.0 Clients + + This endpoint lists all clients in the database, and never returns client secrets. + As a default it lists the first 100 clients. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + client_name (Union[Unset, None, str]): + owner (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +page_size=page_size, +page_token=page_token, +client_name=client_name, +owner=owner, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + client_name: Union[Unset, None, str] = UNSET, + owner: Union[Unset, None, str] = UNSET, + +) -> Response[Any]: + """List OAuth 2.0 Clients + + This endpoint lists all clients in the database, and never returns client secrets. + As a default it lists the first 100 clients. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + client_name (Union[Unset, None, str]): + owner (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +page_size=page_size, +page_token=page_token, +client_name=client_name, +owner=owner, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_consent_sessions.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_consent_sessions.py new file mode 100644 index 0000000..3736d0a --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_consent_sessions.py @@ -0,0 +1,266 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...types import UNSET, Unset +from typing import Optional +from typing import Union +from typing import cast +from typing import Dict +from ...models.o_auth_20_consent_session import OAuth20ConsentSession +from typing import cast, List + + + +def _get_kwargs( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + subject: str, + login_session_id: Union[Unset, None, str] = UNSET, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/sessions/consent".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["page_size"] = page_size + + + params["page_token"] = page_token + + + params["subject"] = subject + + + params["login_session_id"] = login_session_id + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[List['OAuth20ConsentSession']]: + if response.status_code == HTTPStatus.OK: + response_200 = [] + _response_200 = response.json() + for componentsschemaso_auth_2_consent_sessions_item_data in (_response_200): + componentsschemaso_auth_2_consent_sessions_item = OAuth20ConsentSession.from_dict(componentsschemaso_auth_2_consent_sessions_item_data) + + + + response_200.append(componentsschemaso_auth_2_consent_sessions_item) + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[List['OAuth20ConsentSession']]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + subject: str, + login_session_id: Union[Unset, None, str] = UNSET, + +) -> Response[List['OAuth20ConsentSession']]: + """List OAuth 2.0 Consent Sessions of a Subject + + This endpoint lists all subject's granted consent sessions, including client and granted scope. + If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an + empty JSON array with status code 200 OK. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + subject (str): + login_session_id (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['OAuth20ConsentSession']] + """ + + + kwargs = _get_kwargs( + _client=_client, +page_size=page_size, +page_token=page_token, +subject=subject, +login_session_id=login_session_id, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + subject: str, + login_session_id: Union[Unset, None, str] = UNSET, + +) -> Optional[List['OAuth20ConsentSession']]: + """List OAuth 2.0 Consent Sessions of a Subject + + This endpoint lists all subject's granted consent sessions, including client and granted scope. + If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an + empty JSON array with status code 200 OK. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + subject (str): + login_session_id (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['OAuth20ConsentSession']] + """ + + + return sync_detailed( + _client=_client, +page_size=page_size, +page_token=page_token, +subject=subject, +login_session_id=login_session_id, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + subject: str, + login_session_id: Union[Unset, None, str] = UNSET, + +) -> Response[List['OAuth20ConsentSession']]: + """List OAuth 2.0 Consent Sessions of a Subject + + This endpoint lists all subject's granted consent sessions, including client and granted scope. + If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an + empty JSON array with status code 200 OK. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + subject (str): + login_session_id (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['OAuth20ConsentSession']] + """ + + + kwargs = _get_kwargs( + _client=_client, +page_size=page_size, +page_token=page_token, +subject=subject, +login_session_id=login_session_id, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + page_size: Union[Unset, None, int] = 250, + page_token: Union[Unset, None, str] = '1', + subject: str, + login_session_id: Union[Unset, None, str] = UNSET, + +) -> Optional[List['OAuth20ConsentSession']]: + """List OAuth 2.0 Consent Sessions of a Subject + + This endpoint lists all subject's granted consent sessions, including client and granted scope. + If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an + empty JSON array with status code 200 OK. + + Args: + page_size (Union[Unset, None, int]): Default: 250. + page_token (Union[Unset, None, str]): Default: '1'. + subject (str): + login_session_id (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['OAuth20ConsentSession']] + """ + + + return (await asyncio_detailed( + _client=_client, +page_size=page_size, +page_token=page_token, +subject=subject, +login_session_id=login_session_id, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_trusted_o_auth_2_jwt_grant_issuers.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_trusted_o_auth_2_jwt_grant_issuers.py new file mode 100644 index 0000000..b92f2fd --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_trusted_o_auth_2_jwt_grant_issuers.py @@ -0,0 +1,242 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...types import UNSET, Unset +from typing import Optional +from typing import Union +from typing import cast +from typing import Dict +from typing import cast, List +from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer + + + +def _get_kwargs( + *, + _client: Client, + max_items: Union[Unset, None, int] = UNSET, + default_items: Union[Unset, None, int] = UNSET, + issuer: Union[Unset, None, str] = UNSET, + +) -> Dict[str, Any]: + url = "{}/admin/trust/grants/jwt-bearer/issuers".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["MaxItems"] = max_items + + + params["DefaultItems"] = default_items + + + params["issuer"] = issuer + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]: + if response.status_code == HTTPStatus.OK: + response_200 = [] + _response_200 = response.json() + for componentsschemastrusted_o_auth_2_jwt_grant_issuers_item_data in (_response_200): + componentsschemastrusted_o_auth_2_jwt_grant_issuers_item = TrustedOAuth2JwtGrantIssuer.from_dict(componentsschemastrusted_o_auth_2_jwt_grant_issuers_item_data) + + + + response_200.append(componentsschemastrusted_o_auth_2_jwt_grant_issuers_item) + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[List['TrustedOAuth2JwtGrantIssuer']]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + max_items: Union[Unset, None, int] = UNSET, + default_items: Union[Unset, None, int] = UNSET, + issuer: Union[Unset, None, str] = UNSET, + +) -> Response[List['TrustedOAuth2JwtGrantIssuer']]: + """List Trusted OAuth2 JWT Bearer Grant Type Issuers + + Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. + + Args: + max_items (Union[Unset, None, int]): + default_items (Union[Unset, None, int]): + issuer (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['TrustedOAuth2JwtGrantIssuer']] + """ + + + kwargs = _get_kwargs( + _client=_client, +max_items=max_items, +default_items=default_items, +issuer=issuer, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + max_items: Union[Unset, None, int] = UNSET, + default_items: Union[Unset, None, int] = UNSET, + issuer: Union[Unset, None, str] = UNSET, + +) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]: + """List Trusted OAuth2 JWT Bearer Grant Type Issuers + + Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. + + Args: + max_items (Union[Unset, None, int]): + default_items (Union[Unset, None, int]): + issuer (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['TrustedOAuth2JwtGrantIssuer']] + """ + + + return sync_detailed( + _client=_client, +max_items=max_items, +default_items=default_items, +issuer=issuer, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + max_items: Union[Unset, None, int] = UNSET, + default_items: Union[Unset, None, int] = UNSET, + issuer: Union[Unset, None, str] = UNSET, + +) -> Response[List['TrustedOAuth2JwtGrantIssuer']]: + """List Trusted OAuth2 JWT Bearer Grant Type Issuers + + Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. + + Args: + max_items (Union[Unset, None, int]): + default_items (Union[Unset, None, int]): + issuer (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['TrustedOAuth2JwtGrantIssuer']] + """ + + + kwargs = _get_kwargs( + _client=_client, +max_items=max_items, +default_items=default_items, +issuer=issuer, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + max_items: Union[Unset, None, int] = UNSET, + default_items: Union[Unset, None, int] = UNSET, + issuer: Union[Unset, None, str] = UNSET, + +) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]: + """List Trusted OAuth2 JWT Bearer Grant Type Issuers + + Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. + + Args: + max_items (Union[Unset, None, int]): + default_items (Union[Unset, None, int]): + issuer (Union[Unset, None, str]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[List['TrustedOAuth2JwtGrantIssuer']] + """ + + + return (await asyncio_detailed( + _client=_client, +max_items=max_items, +default_items=default_items, +issuer=issuer, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/o_auth_2_authorize.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/o_auth_2_authorize.py new file mode 100644 index 0000000..3245c2d --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/o_auth_2_authorize.py @@ -0,0 +1,128 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/oauth2/auth".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.FOUND: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + +) -> Response[Any]: + """OAuth 2.0 Authorize Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries at https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + +) -> Response[Any]: + """OAuth 2.0 Authorize Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries at https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/oauth_2_token_exchange.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/oauth_2_token_exchange.py new file mode 100644 index 0000000..9b8167c --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/oauth_2_token_exchange.py @@ -0,0 +1,200 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.o_auth_2_token_exchange import OAuth2TokenExchange +from typing import Dict +from typing import cast +from ...models.oauth_2_token_exchange_data import Oauth2TokenExchangeData + + + +def _get_kwargs( + *, + _client: AuthenticatedClient, + form_data: Oauth2TokenExchangeData, + +) -> Dict[str, Any]: + url = "{}/oauth2/token".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "data": form_data.to_dict(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth2TokenExchange]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth2TokenExchange.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth2TokenExchange]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: AuthenticatedClient, + form_data: Oauth2TokenExchangeData, + +) -> Response[OAuth2TokenExchange]: + """The OAuth 2.0 Token Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries here + https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth2TokenExchange] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: AuthenticatedClient, + form_data: Oauth2TokenExchangeData, + +) -> Optional[OAuth2TokenExchange]: + """The OAuth 2.0 Token Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries here + https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth2TokenExchange] + """ + + + return sync_detailed( + _client=_client, +form_data=form_data, + + ).parsed + +async def asyncio_detailed( + *, + _client: AuthenticatedClient, + form_data: Oauth2TokenExchangeData, + +) -> Response[OAuth2TokenExchange]: + """The OAuth 2.0 Token Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries here + https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth2TokenExchange] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: AuthenticatedClient, + form_data: Oauth2TokenExchangeData, + +) -> Optional[OAuth2TokenExchange]: + """The OAuth 2.0 Token Endpoint + + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries here + https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth2TokenExchange] + """ + + + return (await asyncio_detailed( + _client=_client, +form_data=form_data, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/patch_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/patch_o_auth_2_client.py new file mode 100644 index 0000000..21a418b --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/patch_o_auth_2_client.py @@ -0,0 +1,246 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import cast +from ...models.o_auth_20_client import OAuth20Client +from typing import Dict +from ...models.json_patch import JsonPatch +from typing import cast, List + + + +def _get_kwargs( + id: str, + *, + _client: Client, + json_body: List['JsonPatch'], + +) -> Dict[str, Any]: + url = "{}/admin/clients/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = [] + for componentsschemasjson_patch_document_item_data in json_body: + componentsschemasjson_patch_document_item = componentsschemasjson_patch_document_item_data.to_dict() + + json_json_body.append(componentsschemasjson_patch_document_item) + + + + + + + + + return { + "method": "patch", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.NOT_FOUND: + response_404 = cast(Any, None) + return response_404 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + json_body: List['JsonPatch'], + +) -> Response[Union[Any, OAuth20Client]]: + """Patch OAuth 2.0 Client + + Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` + the secret will be updated and returned via the API. This is the + only time you will be able to retrieve the client secret, so write it down and keep it safe. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (List['JsonPatch']): A JSONPatchDocument request + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: Client, + json_body: List['JsonPatch'], + +) -> Optional[Union[Any, OAuth20Client]]: + """Patch OAuth 2.0 Client + + Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` + the secret will be updated and returned via the API. This is the + only time you will be able to retrieve the client secret, so write it down and keep it safe. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (List['JsonPatch']): A JSONPatchDocument request + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return sync_detailed( + id=id, +_client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: Client, + json_body: List['JsonPatch'], + +) -> Response[Union[Any, OAuth20Client]]: + """Patch OAuth 2.0 Client + + Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` + the secret will be updated and returned via the API. This is the + only time you will be able to retrieve the client secret, so write it down and keep it safe. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (List['JsonPatch']): A JSONPatchDocument request + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: Client, + json_body: List['JsonPatch'], + +) -> Optional[Union[Any, OAuth20Client]]: + """Patch OAuth 2.0 Client + + Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` + the secret will be updated and returned via the API. This is the + only time you will be able to retrieve the client secret, so write it down and keep it safe. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (List['JsonPatch']): A JSONPatchDocument request + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_consent_request.py new file mode 100644 index 0000000..dcbd02c --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_consent_request.py @@ -0,0 +1,302 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from typing import Dict +from ...models.the_request_payload_used_to_accept_a_login_or_consent_request import TheRequestPayloadUsedToAcceptALoginOrConsentRequest +from typing import cast + + + +def _get_kwargs( + *, + _client: Client, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, + consent_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/consent/reject".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["consent_challenge"] = consent_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20RedirectBrowserTo.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, + consent_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources + on his/her behalf. + The consent provider must include a reason why the consent was not granted. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, +consent_challenge=consent_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, + consent_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources + on his/her behalf. + The consent provider must include a reason why the consent was not granted. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return sync_detailed( + _client=_client, +json_body=json_body, +consent_challenge=consent_challenge, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, + consent_challenge: str, + +) -> Response[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources + on his/her behalf. + The consent provider must include a reason why the consent was not granted. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, +consent_challenge=consent_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, + consent_challenge: str, + +) -> Optional[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Consent Request + + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she + must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the + subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent + (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the + subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources + on his/her behalf. + The consent provider must include a reason why the consent was not granted. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the + consent provider, please + head over to the OAuth 2.0 documentation. + + Args: + consent_challenge (str): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20RedirectBrowserTo] + """ + + + return (await asyncio_detailed( + _client=_client, +json_body=json_body, +consent_challenge=consent_challenge, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_login_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_login_request.py similarity index 50% rename from libs/ory-hydra-client/ory_hydra_client/api/admin/reject_login_request.py rename to libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_login_request.py index 4857925..ac33f31 100644 --- a/libs/ory-hydra-client/ory_hydra_client/api/admin/reject_login_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_login_request.py @@ -1,26 +1,27 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors +from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo from typing import Dict +from ...models.the_request_payload_used_to_accept_a_login_or_consent_request import TheRequestPayloadUsedToAcceptALoginOrConsentRequest from typing import cast -from ...models.reject_request import RejectRequest -from ...models.completed_request import CompletedRequest -from ...models.generic_error import GenericError def _get_kwargs( *, _client: Client, - json_body: RejectRequest, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, login_challenge: str, ) -> Dict[str, Any]: - url = "{}/oauth2/auth/requests/login/reject".format( + url = "{}/admin/oauth2/auth/requests/login/reject".format( _client.base_url) headers: Dict[str, str] = _client.get_headers() @@ -55,83 +56,62 @@ def _get_kwargs( } -def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]: if response.status_code == HTTPStatus.OK: - response_200 = CompletedRequest.from_dict(response.json()) + response_200 = OAuth20RedirectBrowserTo.from_dict(response.json()) return response_200 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None - - return response_400 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.NOT_FOUND: - response_404 = GenericError.from_dict(response.json()) - - - - return response_404 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - parsed=_parse_response(response=response), + parsed=_parse_response(client=client, response=response), ) def sync_detailed( *, _client: Client, - json_body: RejectRequest, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, login_challenge: str, -) -> Response[Union[CompletedRequest, GenericError]]: - """Reject a Login Request +) -> Response[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Login Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the + This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication - was be denied. + was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. Args: login_challenge (str): - json_body (RejectRequest): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -147,42 +127,42 @@ login_challenge=login_challenge, **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) def sync( *, _client: Client, - json_body: RejectRequest, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, login_challenge: str, -) -> Optional[Union[CompletedRequest, GenericError]]: - """Reject a Login Request +) -> Optional[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Login Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the + This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication - was be denied. + was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. Args: login_challenge (str): - json_body (RejectRequest): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -196,37 +176,37 @@ login_challenge=login_challenge, async def asyncio_detailed( *, _client: Client, - json_body: RejectRequest, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, login_challenge: str, -) -> Response[Union[CompletedRequest, GenericError]]: - """Reject a Login Request +) -> Response[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Login Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the + This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication - was be denied. + was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. Args: login_challenge (str): - json_body (RejectRequest): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ @@ -242,42 +222,42 @@ login_challenge=login_challenge, **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) async def asyncio( *, _client: Client, - json_body: RejectRequest, + json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest, login_challenge: str, -) -> Optional[Union[CompletedRequest, GenericError]]: - """Reject a Login Request +) -> Optional[OAuth20RedirectBrowserTo]: + """Reject OAuth 2.0 Login Request - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the - login provider - (sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now - about it. The login - provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a - login screen\") - a subject (in OAuth2 the proper name for subject is \"resource owner\"). + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login + provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the + This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication - was be denied. + was denied. The response contains a redirect URL which the login provider should redirect the user-agent to. Args: login_challenge (str): - json_body (RejectRequest): + json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. Returns: - Response[Union[CompletedRequest, GenericError]] + Response[OAuth20RedirectBrowserTo] """ diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_logout_request.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_logout_request.py new file mode 100644 index 0000000..69317ee --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_logout_request.py @@ -0,0 +1,148 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + *, + _client: Client, + logout_challenge: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/requests/logout/reject".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["logout_challenge"] = logout_challenge + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[Any]: + """Reject OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to deny that logout request. + No HTTP request body is required. + + The response is empty as the logout provider has to chose what action to perform next. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + logout_challenge: str, + +) -> Response[Any]: + """Reject OAuth 2.0 Session Logout Request + + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this + endpoint is used to deny that logout request. + No HTTP request body is required. + + The response is empty as the logout provider has to chose what action to perform next. + + Args: + logout_challenge (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +logout_challenge=logout_challenge, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_consent_sessions.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_consent_sessions.py new file mode 100644 index 0000000..1ff6772 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_consent_sessions.py @@ -0,0 +1,167 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...types import UNSET, Unset +from typing import Optional +from typing import Union + + + +def _get_kwargs( + *, + _client: Client, + subject: str, + client: Union[Unset, None, str] = UNSET, + all_: Union[Unset, None, bool] = UNSET, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/sessions/consent".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["subject"] = subject + + + params["client"] = client + + + params["all"] = all_ + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + subject: str, + client: Union[Unset, None, str] = UNSET, + all_: Union[Unset, None, bool] = UNSET, + +) -> Response[Any]: + """Revoke OAuth 2.0 Consent Sessions of a Subject + + This endpoint revokes a subject's granted consent sessions and invalidates all + associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 + Client ID. + + Args: + subject (str): + client (Union[Unset, None, str]): + all_ (Union[Unset, None, bool]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +subject=subject, +client=client, +all_=all_, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + subject: str, + client: Union[Unset, None, str] = UNSET, + all_: Union[Unset, None, bool] = UNSET, + +) -> Response[Any]: + """Revoke OAuth 2.0 Consent Sessions of a Subject + + This endpoint revokes a subject's granted consent sessions and invalidates all + associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 + Client ID. + + Args: + subject (str): + client (Union[Unset, None, str]): + all_ (Union[Unset, None, bool]): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +subject=subject, +client=client, +all_=all_, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_login_sessions.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_login_sessions.py new file mode 100644 index 0000000..c9046c6 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_login_sessions.py @@ -0,0 +1,146 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + *, + _client: Client, + subject: str, + +) -> Dict[str, Any]: + url = "{}/admin/oauth2/auth/sessions/login".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + params: Dict[str, Any] = {} + params["subject"] = subject + + + + params = {k: v for k, v in params.items() if v is not UNSET and v is not None} + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "params": params, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + subject: str, + +) -> Response[Any]: + """Revokes All OAuth 2.0 Login Sessions of a Subject + + This endpoint invalidates a subject's authentication session. After revoking the authentication + session, the subject + has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and + does not work with OpenID Connect Front- or Back-channel logout. + + Args: + subject (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +subject=subject, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + subject: str, + +) -> Response[Any]: + """Revokes All OAuth 2.0 Login Sessions of a Subject + + This endpoint invalidates a subject's authentication session. After revoking the authentication + session, the subject + has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and + does not work with OpenID Connect Front- or Back-channel logout. + + Args: + subject (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +subject=subject, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_token.py new file mode 100644 index 0000000..2a93b6b --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_token.py @@ -0,0 +1,143 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.revoke_o_auth_2_token_data import RevokeOAuth2TokenData +from typing import Dict +from typing import cast + + + +def _get_kwargs( + *, + _client: AuthenticatedClient, + form_data: RevokeOAuth2TokenData, + +) -> Dict[str, Any]: + url = "{}/oauth2/revoke".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "data": form_data.to_dict(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.OK: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: AuthenticatedClient, + form_data: RevokeOAuth2TokenData, + +) -> Response[Any]: + """Revoke OAuth 2.0 Access or Refresh Token + + Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access + token can no + longer be used to make access requests, and a revoked refresh token can no longer be used to refresh + an access token. + Revoking a refresh token also invalidates the access token that was created with it. A token may + only be revoked by + the client the token was generated for. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: AuthenticatedClient, + form_data: RevokeOAuth2TokenData, + +) -> Response[Any]: + """Revoke OAuth 2.0 Access or Refresh Token + + Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access + token can no + longer be used to make access requests, and a revoked refresh token can no longer be used to refresh + an access token. + Revoking a refresh token also invalidates the access token that was created with it. A token may + only be revoked by + the client the token was generated for. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, +form_data=form_data, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client.py new file mode 100644 index 0000000..a739d1e --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client.py @@ -0,0 +1,260 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + id: str, + *, + _client: Client, + json_body: OAuth20Client, + +) -> Dict[str, Any]: + url = "{}/admin/clients/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.BAD_REQUEST: + response_400 = cast(Any, None) + return response_400 + if response.status_code == HTTPStatus.NOT_FOUND: + response_404 = cast(Any, None) + return response_404 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Set OAuth 2.0 Client + + Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the + secret is used, + otherwise the existing secret is used. + + If set, the secret is echoed in the response. It is not possible to retrieve it later on. + + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Set OAuth 2.0 Client + + Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the + secret is used, + otherwise the existing secret is used. + + If set, the secret is echoed in the response. It is not possible to retrieve it later on. + + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return sync_detailed( + id=id, +_client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Set OAuth 2.0 Client + + Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the + secret is used, + otherwise the existing secret is used. + + If set, the secret is echoed in the response. It is not possible to retrieve it later on. + + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Set OAuth 2.0 Client + + Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the + secret is used, + otherwise the existing secret is used. + + If set, the secret is echoed in the response. It is not possible to retrieve it later on. + + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client_lifespans.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client_lifespans.py new file mode 100644 index 0000000..3a8fb74 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client_lifespans.py @@ -0,0 +1,219 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from ...models.o_auth_20_client_token_lifespans import OAuth20ClientTokenLifespans +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + id: str, + *, + _client: Client, + json_body: OAuth20ClientTokenLifespans, + +) -> Dict[str, Any]: + url = "{}/admin/clients/{id}/lifespans".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: Client, + json_body: OAuth20ClientTokenLifespans, + +) -> Response[OAuth20Client]: + """Set OAuth2 Client Token Lifespans + + Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other + fields. + + Args: + id (str): + json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for + this OAuth 2.0 Client. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: Client, + json_body: OAuth20ClientTokenLifespans, + +) -> Optional[OAuth20Client]: + """Set OAuth2 Client Token Lifespans + + Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other + fields. + + Args: + id (str): + json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for + this OAuth 2.0 Client. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return sync_detailed( + id=id, +_client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: Client, + json_body: OAuth20ClientTokenLifespans, + +) -> Response[OAuth20Client]: + """Set OAuth2 Client Token Lifespans + + Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other + fields. + + Args: + id (str): + json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for + this OAuth 2.0 Client. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: Client, + json_body: OAuth20ClientTokenLifespans, + +) -> Optional[OAuth20Client]: + """Set OAuth2 Client Token Lifespans + + Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other + fields. + + Args: + id (str): + json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for + this OAuth 2.0 Client. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/trust_o_auth_2_jwt_grant_issuer.py b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/trust_o_auth_2_jwt_grant_issuer.py new file mode 100644 index 0000000..6a1d0e2 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/trust_o_auth_2_jwt_grant_issuer.py @@ -0,0 +1,210 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer +from typing import Dict +from typing import cast +from ...models.trust_o_auth_2_jwt_grant_issuer import TrustOAuth2JwtGrantIssuer + + + +def _get_kwargs( + *, + _client: Client, + json_body: TrustOAuth2JwtGrantIssuer, + +) -> Dict[str, Any]: + url = "{}/admin/trust/grants/jwt-bearer/issuers".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[TrustedOAuth2JwtGrantIssuer]: + if response.status_code == HTTPStatus.CREATED: + response_201 = TrustedOAuth2JwtGrantIssuer.from_dict(response.json()) + + + + return response_201 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[TrustedOAuth2JwtGrantIssuer]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + json_body: TrustOAuth2JwtGrantIssuer, + +) -> Response[TrustedOAuth2JwtGrantIssuer]: + """Trust OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to establish a trust relationship for a JWT issuer + to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication + and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). + + Args: + json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request + Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + json_body: TrustOAuth2JwtGrantIssuer, + +) -> Optional[TrustedOAuth2JwtGrantIssuer]: + """Trust OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to establish a trust relationship for a JWT issuer + to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication + and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). + + Args: + json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request + Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + return sync_detailed( + _client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + json_body: TrustOAuth2JwtGrantIssuer, + +) -> Response[TrustedOAuth2JwtGrantIssuer]: + """Trust OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to establish a trust relationship for a JWT issuer + to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication + and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). + + Args: + json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request + Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + json_body: TrustOAuth2JwtGrantIssuer, + +) -> Optional[TrustedOAuth2JwtGrantIssuer]: + """Trust OAuth2 JWT Bearer Grant Type Issuer + + Use this endpoint to establish a trust relationship for a JWT issuer + to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication + and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). + + Args: + json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request + Body + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[TrustedOAuth2JwtGrantIssuer] + """ + + + return (await asyncio_detailed( + _client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/__init__.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/create_oidc_dynamic_client.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/create_oidc_dynamic_client.py new file mode 100644 index 0000000..48eea42 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/create_oidc_dynamic_client.py @@ -0,0 +1,272 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Dict[str, Any]: + url = "{}/oauth2/register".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "post", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]: + if response.status_code == HTTPStatus.CREATED: + response_201 = OAuth20Client.from_dict(response.json()) + + + + return response_201 + if response.status_code == HTTPStatus.BAD_REQUEST: + response_400 = cast(Any, None) + return response_400 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Register OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + Please note that using this endpoint you are not able to choose the `client_secret` nor the + `client_id` as those + values will be server generated when specifying `token_endpoint_auth_method` as + `client_secret_basic` or + `client_secret_post`. + + The `client_secret` will be returned in the response and you will not be able to retrieve it later + on. + Write the secret down and keep it somewhere safe. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Register OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + Please note that using this endpoint you are not able to choose the `client_secret` nor the + `client_id` as those + values will be server generated when specifying `token_endpoint_auth_method` as + `client_secret_basic` or + `client_secret_post`. + + The `client_secret` will be returned in the response and you will not be able to retrieve it later + on. + Write the secret down and keep it somewhere safe. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return sync_detailed( + _client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Register OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + Please note that using this endpoint you are not able to choose the `client_secret` nor the + `client_id` as those + values will be server generated when specifying `token_endpoint_auth_method` as + `client_secret_basic` or + `client_secret_post`. + + The `client_secret` will be returned in the response and you will not be able to retrieve it later + on. + Write the secret down and keep it somewhere safe. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + _client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Register OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + Please note that using this endpoint you are not able to choose the `client_secret` nor the + `client_id` as those + values will be server generated when specifying `token_endpoint_auth_method` as + `client_secret_basic` or + `client_secret_post`. + + The `client_secret` will be returned in the response and you will not be able to retrieve it later + on. + Write the secret down and keep it somewhere safe. + + Args: + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return (await asyncio_detailed( + _client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/delete_oidc_dynamic_client.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/delete_oidc_dynamic_client.py new file mode 100644 index 0000000..c650663 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/delete_oidc_dynamic_client.py @@ -0,0 +1,165 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + id: str, + *, + _client: AuthenticatedClient, + +) -> Dict[str, Any]: + url = "{}/oauth2/register/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "delete", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.NO_CONTENT: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: AuthenticatedClient, + +) -> Response[Any]: + """Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol + + This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + id: str, + *, + _client: AuthenticatedClient, + +) -> Response[Any]: + """Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol + + This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This + endpoint + is disabled by default. It can be enabled by an administrator. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/discover_oidc_configuration.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/discover_oidc_configuration.py new file mode 100644 index 0000000..fec4ebd --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/discover_oidc_configuration.py @@ -0,0 +1,193 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.open_id_connect_discovery_metadata import OpenIDConnectDiscoveryMetadata +from typing import cast +from typing import Dict + + + +def _get_kwargs( + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/.well-known/openid-configuration".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OpenIDConnectDiscoveryMetadata]: + if response.status_code == HTTPStatus.OK: + response_200 = OpenIDConnectDiscoveryMetadata.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OpenIDConnectDiscoveryMetadata]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + +) -> Response[OpenIDConnectDiscoveryMetadata]: + """OpenID Connect Discovery + + A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and + obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. + + Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), + and others. + For a full list of clients go here: https://openid.net/developers/certified/ + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OpenIDConnectDiscoveryMetadata] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + +) -> Optional[OpenIDConnectDiscoveryMetadata]: + """OpenID Connect Discovery + + A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and + obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. + + Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), + and others. + For a full list of clients go here: https://openid.net/developers/certified/ + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OpenIDConnectDiscoveryMetadata] + """ + + + return sync_detailed( + _client=_client, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + +) -> Response[OpenIDConnectDiscoveryMetadata]: + """OpenID Connect Discovery + + A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and + obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. + + Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), + and others. + For a full list of clients go here: https://openid.net/developers/certified/ + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OpenIDConnectDiscoveryMetadata] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + +) -> Optional[OpenIDConnectDiscoveryMetadata]: + """OpenID Connect Discovery + + A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and + obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. + + Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), + and others. + For a full list of clients go here: https://openid.net/developers/certified/ + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OpenIDConnectDiscoveryMetadata] + """ + + + return (await asyncio_detailed( + _client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_dynamic_client.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_dynamic_client.py new file mode 100644 index 0000000..bc0f475 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_dynamic_client.py @@ -0,0 +1,234 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + id: str, + *, + _client: AuthenticatedClient, + +) -> Dict[str, Any]: + url = "{}/oauth2/register/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: AuthenticatedClient, + +) -> Response[OAuth20Client]: + """Get OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: AuthenticatedClient, + +) -> Optional[OAuth20Client]: + """Get OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return sync_detailed( + id=id, +_client=_client, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: AuthenticatedClient, + +) -> Response[OAuth20Client]: + """Get OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: AuthenticatedClient, + +) -> Optional[OAuth20Client]: + """Get OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of + facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + Args: + id (str): + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OAuth20Client] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_user_info.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_user_info.py new file mode 100644 index 0000000..9baa610 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_user_info.py @@ -0,0 +1,197 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from ...models.oidc_user_info import OidcUserInfo +from typing import Dict +from typing import cast + + + +def _get_kwargs( + *, + _client: AuthenticatedClient, + +) -> Dict[str, Any]: + url = "{}/userinfo".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OidcUserInfo]: + if response.status_code == HTTPStatus.OK: + response_200 = OidcUserInfo.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[OidcUserInfo]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: AuthenticatedClient, + +) -> Response[OidcUserInfo]: + """OpenID Connect Userinfo + + This endpoint returns the payload of the ID Token, including `session.id_token` values, of + the provided OAuth 2.0 Access Token's consent request. + + In the case of authentication error, a WWW-Authenticate header might be set in the response + with more information about the error. See [the + spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) + for more details about header format. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OidcUserInfo] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: AuthenticatedClient, + +) -> Optional[OidcUserInfo]: + """OpenID Connect Userinfo + + This endpoint returns the payload of the ID Token, including `session.id_token` values, of + the provided OAuth 2.0 Access Token's consent request. + + In the case of authentication error, a WWW-Authenticate header might be set in the response + with more information about the error. See [the + spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) + for more details about header format. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OidcUserInfo] + """ + + + return sync_detailed( + _client=_client, + + ).parsed + +async def asyncio_detailed( + *, + _client: AuthenticatedClient, + +) -> Response[OidcUserInfo]: + """OpenID Connect Userinfo + + This endpoint returns the payload of the ID Token, including `session.id_token` values, of + the provided OAuth 2.0 Access Token's consent request. + + In the case of authentication error, a WWW-Authenticate header might be set in the response + with more information about the error. See [the + spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) + for more details about header format. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OidcUserInfo] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: AuthenticatedClient, + +) -> Optional[OidcUserInfo]: + """OpenID Connect Userinfo + + This endpoint returns the payload of the ID Token, including `session.id_token` values, of + the provided OAuth 2.0 Access Token's consent request. + + In the case of authentication error, a WWW-Authenticate header might be set in the response + with more information about the error. See [the + spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) + for more details about header format. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[OidcUserInfo] + """ + + + return (await asyncio_detailed( + _client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/revoke_oidc_session.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/revoke_oidc_session.py new file mode 100644 index 0000000..fadbf90 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/revoke_oidc_session.py @@ -0,0 +1,134 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + + + + +def _get_kwargs( + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/oauth2/sessions/logout".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]: + if response.status_code == HTTPStatus.FOUND: + return None + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + +) -> Response[Any]: + """OpenID Connect Front- and Back-channel Enabled Logout + + This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates + OpenID Connect Front- / Back-channel logout: + + https://openid.net/specs/openid-connect-frontchannel-1_0.html + https://openid.net/specs/openid-connect-backchannel-1_0.html + + Back-channel logout is performed asynchronously and does not affect logout flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + + +async def asyncio_detailed( + *, + _client: Client, + +) -> Response[Any]: + """OpenID Connect Front- and Back-channel Enabled Logout + + This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates + OpenID Connect Front- / Back-channel logout: + + https://openid.net/specs/openid-connect-frontchannel-1_0.html + https://openid.net/specs/openid-connect-backchannel-1_0.html + + Back-channel logout is performed asynchronously and does not affect logout flow. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Any] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/oidc/set_oidc_dynamic_client.py b/libs/ory-hydra-client/ory_hydra_client/api/oidc/set_oidc_dynamic_client.py new file mode 100644 index 0000000..766a637 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/oidc/set_oidc_dynamic_client.py @@ -0,0 +1,305 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import Dict +from typing import cast +from ...models.o_auth_20_client import OAuth20Client + + + +def _get_kwargs( + id: str, + *, + _client: AuthenticatedClient, + json_body: OAuth20Client, + +) -> Dict[str, Any]: + url = "{}/oauth2/register/{id}".format( + _client.base_url,id=id) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + json_json_body = json_body.to_dict() + + + + + + return { + "method": "put", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + "json": json_json_body, + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]: + if response.status_code == HTTPStatus.OK: + response_200 = OAuth20Client.from_dict(response.json()) + + + + return response_200 + if response.status_code == HTTPStatus.NOT_FOUND: + response_404 = cast(Any, None) + return response_404 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + id: str, + *, + _client: AuthenticatedClient, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Set OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of + facing the + public internet directly to be used by third parties. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + This feature is disabled per default. It can be enabled by a system administrator. + + If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the + secret is echoed in the response. + It is not possible to retrieve it later on. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + id: str, + *, + _client: AuthenticatedClient, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Set OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of + facing the + public internet directly to be used by third parties. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + This feature is disabled per default. It can be enabled by a system administrator. + + If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the + secret is echoed in the response. + It is not possible to retrieve it later on. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return sync_detailed( + id=id, +_client=_client, +json_body=json_body, + + ).parsed + +async def asyncio_detailed( + id: str, + *, + _client: AuthenticatedClient, + json_body: OAuth20Client, + +) -> Response[Union[Any, OAuth20Client]]: + """Set OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of + facing the + public internet directly to be used by third parties. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + This feature is disabled per default. It can be enabled by a system administrator. + + If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the + secret is echoed in the response. + It is not possible to retrieve it later on. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + kwargs = _get_kwargs( + id=id, +_client=_client, +json_body=json_body, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + id: str, + *, + _client: AuthenticatedClient, + json_body: OAuth20Client, + +) -> Optional[Union[Any, OAuth20Client]]: + """Set OAuth2 Client using OpenID Dynamic Client Registration + + This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of + facing the + public internet directly to be used by third parties. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + This feature is disabled per default. It can be enabled by a system administrator. + + If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the + secret is echoed in the response. + It is not possible to retrieve it later on. + + To use this endpoint, you will need to present the client's authentication credentials. If the + OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client + secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization + header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients + are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Args: + id (str): + json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID + Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect + capabilities. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[Union[Any, OAuth20Client]] + """ + + + return (await asyncio_detailed( + id=id, +_client=_client, +json_body=json_body, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/disconnect_user.py b/libs/ory-hydra-client/ory_hydra_client/api/public/disconnect_user.py deleted file mode 100644 index 0ac5083..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/disconnect_user.py +++ /dev/null @@ -1,113 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/oauth2/sessions/logout".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - - - -def _build_response(*, response: httpx.Response) -> Response[Any]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=None, - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Any]: - """OpenID Connect Front-Backchannel Enabled Logout - - This endpoint initiates and completes user logout at ORY Hydra and initiates OpenID Connect - Front-/Back-channel logout: - - https://openid.net/specs/openid-connect-frontchannel-1_0.html - https://openid.net/specs/openid-connect-backchannel-1_0.html - - Returns: - Response[Any] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Any]: - """OpenID Connect Front-Backchannel Enabled Logout - - This endpoint initiates and completes user logout at ORY Hydra and initiates OpenID Connect - Front-/Back-channel logout: - - https://openid.net/specs/openid-connect-frontchannel-1_0.html - https://openid.net/specs/openid-connect-backchannel-1_0.html - - Returns: - Response[Any] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/discover_open_id_configuration.py b/libs/ory-hydra-client/ory_hydra_client/api/public/discover_open_id_configuration.py deleted file mode 100644 index 0c521c4..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/discover_open_id_configuration.py +++ /dev/null @@ -1,197 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import Dict -from typing import cast -from ...models.well_known import WellKnown - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/.well-known/openid-configuration".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, WellKnown]]: - if response.status_code == HTTPStatus.OK: - response_200 = WellKnown.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, WellKnown]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, WellKnown]]: - """OpenID Connect Discovery - - The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage - you to not roll - your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn - more on this - flow at https://openid.net/specs/openid-connect-discovery-1_0.html . - - Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), - and others. - For a full list of clients go here: https://openid.net/developers/certified/ - - Returns: - Response[Union[GenericError, WellKnown]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - -) -> Optional[Union[GenericError, WellKnown]]: - """OpenID Connect Discovery - - The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage - you to not roll - your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn - more on this - flow at https://openid.net/specs/openid-connect-discovery-1_0.html . - - Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), - and others. - For a full list of clients go here: https://openid.net/developers/certified/ - - Returns: - Response[Union[GenericError, WellKnown]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, WellKnown]]: - """OpenID Connect Discovery - - The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage - you to not roll - your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn - more on this - flow at https://openid.net/specs/openid-connect-discovery-1_0.html . - - Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), - and others. - For a full list of clients go here: https://openid.net/developers/certified/ - - Returns: - Response[Union[GenericError, WellKnown]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - -) -> Optional[Union[GenericError, WellKnown]]: - """OpenID Connect Discovery - - The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage - you to not roll - your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn - more on this - flow at https://openid.net/specs/openid-connect-discovery-1_0.html . - - Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), - and others. - For a full list of clients go here: https://openid.net/developers/certified/ - - Returns: - Response[Union[GenericError, WellKnown]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_2_token.py deleted file mode 100644 index e0a5a91..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_2_token.py +++ /dev/null @@ -1,208 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from typing import Dict -from ...models.oauth_2_token_response import Oauth2TokenResponse -from typing import cast -from ...models.oauth_2_token_data import Oauth2TokenData -from ...models.generic_error import GenericError - - - -def _get_kwargs( - *, - _client: AuthenticatedClient, - -) -> Dict[str, Any]: - url = "{}/oauth2/token".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "post", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, Oauth2TokenResponse]]: - if response.status_code == HTTPStatus.OK: - response_200 = Oauth2TokenResponse.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.BAD_REQUEST: - response_400 = GenericError.from_dict(response.json()) - - - - return response_400 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, Oauth2TokenResponse]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[GenericError, Oauth2TokenResponse]]: - """The OAuth 2.0 Token Endpoint - - The client makes a request to the token endpoint by sending the - following parameters using the \"application/x-www-form-urlencoded\" HTTP - request entity-body. - - > Do not implement a client for this endpoint yourself. Use a library. There are many libraries - > available for any programming language. You can find a list of libraries here: - https://oauth.net/code/ - > - > Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed - above! - - Returns: - Response[Union[GenericError, Oauth2TokenResponse]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[GenericError, Oauth2TokenResponse]]: - """The OAuth 2.0 Token Endpoint - - The client makes a request to the token endpoint by sending the - following parameters using the \"application/x-www-form-urlencoded\" HTTP - request entity-body. - - > Do not implement a client for this endpoint yourself. Use a library. There are many libraries - > available for any programming language. You can find a list of libraries here: - https://oauth.net/code/ - > - > Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed - above! - - Returns: - Response[Union[GenericError, Oauth2TokenResponse]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[GenericError, Oauth2TokenResponse]]: - """The OAuth 2.0 Token Endpoint - - The client makes a request to the token endpoint by sending the - following parameters using the \"application/x-www-form-urlencoded\" HTTP - request entity-body. - - > Do not implement a client for this endpoint yourself. Use a library. There are many libraries - > available for any programming language. You can find a list of libraries here: - https://oauth.net/code/ - > - > Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed - above! - - Returns: - Response[Union[GenericError, Oauth2TokenResponse]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[GenericError, Oauth2TokenResponse]]: - """The OAuth 2.0 Token Endpoint - - The client makes a request to the token endpoint by sending the - following parameters using the \"application/x-www-form-urlencoded\" HTTP - request entity-body. - - > Do not implement a client for this endpoint yourself. Use a library. There are many libraries - > available for any programming language. You can find a list of libraries here: - https://oauth.net/code/ - > - > Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed - above! - - Returns: - Response[Union[GenericError, Oauth2TokenResponse]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_auth.py b/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_auth.py deleted file mode 100644 index fadd042..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/oauth_auth.py +++ /dev/null @@ -1,177 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/oauth2/auth".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.FOUND: - response_302 = cast(Any, None) - return response_302 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """The OAuth 2.0 Authorize Endpoint - - This endpoint is not documented here because you should never use your own implementation to perform - OAuth2 flows. - OAuth2 is a very popular protocol and a library for your programming language will exists. - - To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """The OAuth 2.0 Authorize Endpoint - - This endpoint is not documented here because you should never use your own implementation to perform - OAuth2 flows. - OAuth2 is a very popular protocol and a library for your programming language will exists. - - To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Union[Any, GenericError]]: - """The OAuth 2.0 Authorize Endpoint - - This endpoint is not documented here because you should never use your own implementation to perform - OAuth2 flows. - OAuth2 is a very popular protocol and a library for your programming language will exists. - - To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - -) -> Optional[Union[Any, GenericError]]: - """The OAuth 2.0 Authorize Endpoint - - This endpoint is not documented here because you should never use your own implementation to perform - OAuth2 flows. - OAuth2 is a very popular protocol and a library for your programming language will exists. - - To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/revoke_o_auth_2_token.py b/libs/ory-hydra-client/ory_hydra_client/api/public/revoke_o_auth_2_token.py deleted file mode 100644 index 9ba8363..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/revoke_o_auth_2_token.py +++ /dev/null @@ -1,186 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from ...models.revoke_o_auth_2_token_data import RevokeOAuth2TokenData -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: AuthenticatedClient, - -) -> Dict[str, Any]: - url = "{}/oauth2/revoke".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "post", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]: - if response.status_code == HTTPStatus.OK: - response_200 = cast(Any, None) - return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[Any, GenericError]]: - """Revoke OAuth2 Tokens - - Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access - token can no - longer be used to make access requests, and a revoked refresh token can no longer be used to refresh - an access token. - Revoking a refresh token also invalidates the access token that was created with it. A token may - only be revoked by - the client the token was generated for. - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[Any, GenericError]]: - """Revoke OAuth2 Tokens - - Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access - token can no - longer be used to make access requests, and a revoked refresh token can no longer be used to refresh - an access token. - Revoking a refresh token also invalidates the access token that was created with it. A token may - only be revoked by - the client the token was generated for. - - Returns: - Response[Union[Any, GenericError]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[Any, GenericError]]: - """Revoke OAuth2 Tokens - - Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access - token can no - longer be used to make access requests, and a revoked refresh token can no longer be used to refresh - an access token. - Revoking a refresh token also invalidates the access token that was created with it. A token may - only be revoked by - the client the token was generated for. - - Returns: - Response[Union[Any, GenericError]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[Any, GenericError]]: - """Revoke OAuth2 Tokens - - Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access - token can no - longer be used to make access requests, and a revoked refresh token can no longer be used to refresh - an access token. - Revoking a refresh token also invalidates the access token that was created with it. A token may - only be revoked by - the client the token was generated for. - - Returns: - Response[Union[Any, GenericError]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/userinfo.py b/libs/ory-hydra-client/ory_hydra_client/api/public/userinfo.py deleted file mode 100644 index 82d2ca4..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/userinfo.py +++ /dev/null @@ -1,181 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.userinfo_response import UserinfoResponse -from ...models.generic_error import GenericError -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: AuthenticatedClient, - -) -> Dict[str, Any]: - url = "{}/userinfo".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, UserinfoResponse]]: - if response.status_code == HTTPStatus.OK: - response_200 = UserinfoResponse.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.UNAUTHORIZED: - response_401 = GenericError.from_dict(response.json()) - - - - return response_401 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, UserinfoResponse]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[GenericError, UserinfoResponse]]: - """OpenID Connect Userinfo - - This endpoint returns the payload of the ID Token, including the idTokenExtra values, of - the provided OAuth 2.0 Access Token. - - For more information please [refer to the spec](http://openid.net/specs/openid-connect- - core-1_0.html#UserInfo). - - Returns: - Response[Union[GenericError, UserinfoResponse]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[GenericError, UserinfoResponse]]: - """OpenID Connect Userinfo - - This endpoint returns the payload of the ID Token, including the idTokenExtra values, of - the provided OAuth 2.0 Access Token. - - For more information please [refer to the spec](http://openid.net/specs/openid-connect- - core-1_0.html#UserInfo). - - Returns: - Response[Union[GenericError, UserinfoResponse]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: AuthenticatedClient, - -) -> Response[Union[GenericError, UserinfoResponse]]: - """OpenID Connect Userinfo - - This endpoint returns the payload of the ID Token, including the idTokenExtra values, of - the provided OAuth 2.0 Access Token. - - For more information please [refer to the spec](http://openid.net/specs/openid-connect- - core-1_0.html#UserInfo). - - Returns: - Response[Union[GenericError, UserinfoResponse]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: AuthenticatedClient, - -) -> Optional[Union[GenericError, UserinfoResponse]]: - """OpenID Connect Userinfo - - This endpoint returns the payload of the ID Token, including the idTokenExtra values, of - the provided OAuth 2.0 Access Token. - - For more information please [refer to the spec](http://openid.net/specs/openid-connect- - core-1_0.html#UserInfo). - - Returns: - Response[Union[GenericError, UserinfoResponse]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/public/well_known.py b/libs/ory-hydra-client/ory_hydra_client/api/public/well_known.py deleted file mode 100644 index e559c30..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/api/public/well_known.py +++ /dev/null @@ -1,171 +0,0 @@ -from typing import Any, Dict, List, Optional, Union, cast - -import httpx - -from ...client import AuthenticatedClient, Client -from ...types import Response, UNSET - -from ...models.generic_error import GenericError -from ...models.json_web_key_set import JSONWebKeySet -from typing import cast -from typing import Dict - - - -def _get_kwargs( - *, - _client: Client, - -) -> Dict[str, Any]: - url = "{}/.well-known/jwks.json".format( - _client.base_url) - - headers: Dict[str, str] = _client.get_headers() - cookies: Dict[str, Any] = _client.get_cookies() - - - - - - - - - - - - return { - "method": "get", - "url": url, - "headers": headers, - "cookies": cookies, - "timeout": _client.get_timeout(), - } - - -def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: - if response.status_code == HTTPStatus.OK: - response_200 = JSONWebKeySet.from_dict(response.json()) - - - - return response_200 - if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR: - response_500 = GenericError.from_dict(response.json()) - - - - return response_500 - return None - - -def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]: - return Response( - status_code=response.status_code, - content=response.content, - headers=response.headers, - parsed=_parse_response(response=response), - ) - - -def sync_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, JSONWebKeySet]]: - """JSON Web Keys Discovery - - This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens - and, - if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like - [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - response = httpx.request( - verify=_client.verify_ssl, - **kwargs, - ) - - return _build_response(response=response) - -def sync( - *, - _client: Client, - -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """JSON Web Keys Discovery - - This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens - and, - if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like - [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - return sync_detailed( - _client=_client, - - ).parsed - -async def asyncio_detailed( - *, - _client: Client, - -) -> Response[Union[GenericError, JSONWebKeySet]]: - """JSON Web Keys Discovery - - This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens - and, - if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like - [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - kwargs = _get_kwargs( - _client=_client, - - ) - - async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: - response = await __client.request( - **kwargs - ) - - return _build_response(response=response) - -async def asyncio( - *, - _client: Client, - -) -> Optional[Union[GenericError, JSONWebKeySet]]: - """JSON Web Keys Discovery - - This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens - and, - if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like - [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. - - Returns: - Response[Union[GenericError, JSONWebKeySet]] - """ - - - return (await asyncio_detailed( - _client=_client, - - )).parsed - diff --git a/libs/ory-hydra-client/ory_hydra_client/api/wellknown/__init__.py b/libs/ory-hydra-client/ory_hydra_client/api/wellknown/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/libs/ory-hydra-client/ory_hydra_client/api/wellknown/discover_json_web_keys.py b/libs/ory-hydra-client/ory_hydra_client/api/wellknown/discover_json_web_keys.py new file mode 100644 index 0000000..a13f1fb --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/api/wellknown/discover_json_web_keys.py @@ -0,0 +1,181 @@ +from http import HTTPStatus +from typing import Any, Dict, List, Optional, Union, cast + +import httpx + +from ...client import AuthenticatedClient, Client +from ...types import Response, UNSET +from ... import errors + +from typing import cast +from typing import Dict +from ...models.json_web_key_set import JsonWebKeySet + + + +def _get_kwargs( + *, + _client: Client, + +) -> Dict[str, Any]: + url = "{}/.well-known/jwks.json".format( + _client.base_url) + + headers: Dict[str, str] = _client.get_headers() + cookies: Dict[str, Any] = _client.get_cookies() + + + + + + + + + + + + return { + "method": "get", + "url": url, + "headers": headers, + "cookies": cookies, + "timeout": _client.get_timeout(), + } + + +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]: + if response.status_code == HTTPStatus.OK: + response_200 = JsonWebKeySet.from_dict(response.json()) + + + + return response_200 + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None + + +def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]: + return Response( + status_code=HTTPStatus(response.status_code), + content=response.content, + headers=response.headers, + parsed=_parse_response(client=client, response=response), + ) + + +def sync_detailed( + *, + _client: Client, + +) -> Response[JsonWebKeySet]: + """Discover Well-Known JSON Web Keys + + This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, + if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like + [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + response = httpx.request( + verify=_client.verify_ssl, + **kwargs, + ) + + return _build_response(client=_client, response=response) + +def sync( + *, + _client: Client, + +) -> Optional[JsonWebKeySet]: + """Discover Well-Known JSON Web Keys + + This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, + if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like + [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + return sync_detailed( + _client=_client, + + ).parsed + +async def asyncio_detailed( + *, + _client: Client, + +) -> Response[JsonWebKeySet]: + """Discover Well-Known JSON Web Keys + + This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, + if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like + [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + kwargs = _get_kwargs( + _client=_client, + + ) + + async with httpx.AsyncClient(verify=_client.verify_ssl) as __client: + response = await __client.request( + **kwargs + ) + + return _build_response(client=_client, response=response) + +async def asyncio( + *, + _client: Client, + +) -> Optional[JsonWebKeySet]: + """Discover Well-Known JSON Web Keys + + This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, + if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like + [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. + + Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + + Returns: + Response[JsonWebKeySet] + """ + + + return (await asyncio_detailed( + _client=_client, + + )).parsed + diff --git a/libs/ory-hydra-client/ory_hydra_client/client.py b/libs/ory-hydra-client/ory_hydra_client/client.py index 028a63a..3155f30 100644 --- a/libs/ory-hydra-client/ory_hydra_client/client.py +++ b/libs/ory-hydra-client/ory_hydra_client/client.py @@ -4,13 +4,26 @@ import attr @attr.s(auto_attribs=True) class Client: - """ A class for keeping track of data related to the API """ + """ A class for keeping track of data related to the API + + Attributes: + base_url: The base URL for the API, all requests are made to a relative path to this URL + cookies: A dictionary of cookies to be sent with every request + headers: A dictionary of headers to be sent with every request + timeout: The maximum amount of a time in seconds a request can take. API functions will raise + httpx.TimeoutException if this is exceeded. + verify_ssl: Whether or not to verify the SSL certificate of the API server. This should be True in production, + but can be set to False for testing purposes. + raise_on_unexpected_status: Whether or not to raise an errors.UnexpectedStatus if the API returns a + status code that was not documented in the source OpenAPI document. + """ base_url: str cookies: Dict[str, str] = attr.ib(factory=dict, kw_only=True) headers: Dict[str, str] = attr.ib(factory=dict, kw_only=True) timeout: float = attr.ib(5.0, kw_only=True) verify_ssl: Union[str, bool, ssl.SSLContext] = attr.ib(True, kw_only=True) + raise_on_unexpected_status: bool = attr.ib(False, kw_only=True) def get_headers(self) -> Dict[str, str]: """ Get headers to be used in all endpoints """ @@ -39,7 +52,10 @@ class AuthenticatedClient(Client): """ A Client which has been authenticated for use on secured endpoints """ token: str + prefix: str = "Bearer" + auth_header_name: str = "Authorization" def get_headers(self) -> Dict[str, str]: - """ Get headers to be used in authenticated endpoints """ - return {"Authorization": f"Bearer {self.token}", **self.headers} + """Get headers to be used in authenticated endpoints""" + auth_header_value = f"{self.prefix} {self.token}" if self.prefix else self.token + return {self.auth_header_name: auth_header_value, **self.headers} diff --git a/libs/ory-hydra-client/ory_hydra_client/models/__init__.py b/libs/ory-hydra-client/ory_hydra_client/models/__init__.py index ec45b90..71c0c20 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/__init__.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/__init__.py @@ -1,49 +1,95 @@ """ Contains all the data models used in inputs/outputs """ -from .accept_consent_request import AcceptConsentRequest -from .accept_login_request import AcceptLoginRequest -from .completed_request import CompletedRequest -from .consent_request import ConsentRequest -from .consent_request_session import ConsentRequestSession -from .consent_request_session_access_token import ConsentRequestSessionAccessToken -from .consent_request_session_id_token import ConsentRequestSessionIdToken -from .container_wait_ok_body_error import ContainerWaitOKBodyError -from .flush_inactive_o_auth_2_tokens_request import FlushInactiveOAuth2TokensRequest +from .contains_information_about_an_ongoing_logout_request import ContainsInformationAboutAnOngoingLogoutRequest +from .contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest +from .contains_information_on_an_ongoing_login_request import ContainsInformationOnAnOngoingLoginRequest +from .contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest +from .contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims import ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims +from .create_json_web_key_set import CreateJsonWebKeySet +from .error_o_auth_2 import ErrorOAuth2 from .generic_error import GenericError +from .get_version_response_200 import GetVersionResponse200 +from .handled_login_request_is_the_request_payload_used_to_accept_a_login_request import HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest from .health_not_ready_status import HealthNotReadyStatus from .health_not_ready_status_errors import HealthNotReadyStatusErrors from .health_status import HealthStatus from .introspect_o_auth_2_token_data import IntrospectOAuth2TokenData -from .jose_json_web_key_set import JoseJSONWebKeySet -from .json_raw_message import JSONRawMessage -from .json_web_key import JSONWebKey -from .json_web_key_set import JSONWebKeySet -from .json_web_key_set_generator_request import JsonWebKeySetGeneratorRequest -from .login_request import LoginRequest -from .logout_request import LogoutRequest -from .o_auth_2_client import OAuth2Client -from .o_auth_2_token_introspection import OAuth2TokenIntrospection -from .o_auth_2_token_introspection_ext import OAuth2TokenIntrospectionExt -from .oauth_2_token_data import Oauth2TokenData -from .oauth_2_token_response import Oauth2TokenResponse -from .open_id_connect_context import OpenIDConnectContext -from .open_id_connect_context_id_token_hint_claims import OpenIDConnectContextIdTokenHintClaims -from .plugin_config import PluginConfig -from .plugin_config_args import PluginConfigArgs -from .plugin_config_interface import PluginConfigInterface -from .plugin_config_linux import PluginConfigLinux -from .plugin_config_network import PluginConfigNetwork -from .plugin_config_rootfs import PluginConfigRootfs -from .plugin_config_user import PluginConfigUser -from .plugin_device import PluginDevice -from .plugin_env import PluginEnv -from .plugin_interface_type import PluginInterfaceType -from .plugin_mount import PluginMount -from .plugin_settings import PluginSettings -from .previous_consent_session import PreviousConsentSession -from .reject_request import RejectRequest +from .introspected_o_auth_2_token import IntrospectedOAuth2Token +from .introspected_o_auth_2_token_ext import IntrospectedOAuth2TokenExt +from .is_ready_response_200 import IsReadyResponse200 +from .is_ready_response_503 import IsReadyResponse503 +from .is_ready_response_503_errors import IsReadyResponse503Errors +from .json_patch import JsonPatch +from .json_web_key import JsonWebKey +from .json_web_key_set import JsonWebKeySet +from .o_auth_20_client import OAuth20Client +from .o_auth_20_client_token_lifespans import OAuth20ClientTokenLifespans +from .o_auth_20_consent_session import OAuth20ConsentSession +from .o_auth_20_consent_session_expires_at import OAuth20ConsentSessionExpiresAt +from .o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo +from .o_auth_2_token_exchange import OAuth2TokenExchange +from .oauth_2_token_exchange_data import Oauth2TokenExchangeData +from .oidc_user_info import OidcUserInfo +from .open_id_connect_discovery_metadata import OpenIDConnectDiscoveryMetadata +from .pagination import Pagination +from .pagination_headers import PaginationHeaders +from .pagination_request_parameters import PaginationRequestParameters +from .pagination_response_header import PaginationResponseHeader +from .pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest from .revoke_o_auth_2_token_data import RevokeOAuth2TokenData -from .userinfo_response import UserinfoResponse +from .the_request_payload_used_to_accept_a_consent_request import TheRequestPayloadUsedToAcceptAConsentRequest +from .the_request_payload_used_to_accept_a_login_or_consent_request import TheRequestPayloadUsedToAcceptALoginOrConsentRequest +from .token_pagination import TokenPagination +from .token_pagination_headers import TokenPaginationHeaders +from .trust_o_auth_2_jwt_grant_issuer import TrustOAuth2JwtGrantIssuer +from .trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer +from .trusted_o_auth_2_jwt_grant_json_web_key import TrustedOAuth2JwtGrantJsonWebKey from .version import Version -from .volume_usage_data import VolumeUsageData -from .well_known import WellKnown + +__all__ = ( + "ContainsInformationAboutAnOngoingLogoutRequest", + "ContainsInformationOnAnOngoingConsentRequest", + "ContainsInformationOnAnOngoingLoginRequest", + "ContainsOptionalInformationAboutTheOpenIDConnectRequest", + "ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims", + "CreateJsonWebKeySet", + "ErrorOAuth2", + "GenericError", + "GetVersionResponse200", + "HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest", + "HealthNotReadyStatus", + "HealthNotReadyStatusErrors", + "HealthStatus", + "IntrospectedOAuth2Token", + "IntrospectedOAuth2TokenExt", + "IntrospectOAuth2TokenData", + "IsReadyResponse200", + "IsReadyResponse503", + "IsReadyResponse503Errors", + "JsonPatch", + "JsonWebKey", + "JsonWebKeySet", + "OAuth20Client", + "OAuth20ClientTokenLifespans", + "OAuth20ConsentSession", + "OAuth20ConsentSessionExpiresAt", + "OAuth20RedirectBrowserTo", + "OAuth2TokenExchange", + "Oauth2TokenExchangeData", + "OidcUserInfo", + "OpenIDConnectDiscoveryMetadata", + "Pagination", + "PaginationHeaders", + "PaginationRequestParameters", + "PaginationResponseHeader", + "PassSessionDataToAConsentRequest", + "RevokeOAuth2TokenData", + "TheRequestPayloadUsedToAcceptAConsentRequest", + "TheRequestPayloadUsedToAcceptALoginOrConsentRequest", + "TokenPagination", + "TokenPaginationHeaders", + "TrustedOAuth2JwtGrantIssuer", + "TrustedOAuth2JwtGrantJsonWebKey", + "TrustOAuth2JwtGrantIssuer", + "Version", +) diff --git a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_access_token.py b/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_access_token.py deleted file mode 100644 index 4721130..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_access_token.py +++ /dev/null @@ -1,62 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - - - - - -T = TypeVar("T", bound="ConsentRequestSessionAccessToken") - -@attr.s(auto_attribs=True) -class ConsentRequestSessionAccessToken: - """AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the -refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. -If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties -can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care! - - """ - - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - consent_request_session_access_token = cls( - ) - - consent_request_session_access_token.additional_properties = _d - return consent_request_session_access_token - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_id_token.py b/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_id_token.py deleted file mode 100644 index 02cf91f..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session_id_token.py +++ /dev/null @@ -1,60 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - - - - - -T = TypeVar("T", bound="ConsentRequestSessionIdToken") - -@attr.s(auto_attribs=True) -class ConsentRequestSessionIdToken: - """IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session'id payloads are readable -by anyone that has access to the ID Challenge. Use with care! - - """ - - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - consent_request_session_id_token = cls( - ) - - consent_request_session_id_token.additional_properties = _d - return consent_request_session_id_token - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/logout_request.py b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_about_an_ongoing_logout_request.py similarity index 58% rename from libs/ory-hydra-client/ory_hydra_client/models/logout_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/contains_information_about_an_ongoing_logout_request.py index 0f8c094..32accf6 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/logout_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_about_an_ongoing_logout_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,18 +7,29 @@ import attr from ..types import UNSET, Unset +from typing import cast from ..types import UNSET, Unset +from typing import Dict from typing import Union +if TYPE_CHECKING: + from ..models.o_auth_20_client import OAuth20Client -T = TypeVar("T", bound="LogoutRequest") + +T = TypeVar("T", bound="ContainsInformationAboutAnOngoingLogoutRequest") @attr.s(auto_attribs=True) -class LogoutRequest: +class ContainsInformationAboutAnOngoingLogoutRequest: """ Attributes: + challenge (Union[Unset, str]): Challenge is the identifier ("logout challenge") of the logout authentication + request. It is used to + identify the session. + client (Union[Unset, OAuth20Client]): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. + Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. request_url (Union[Unset, str]): RequestURL is the original Logout URL requested. rp_initiated (Union[Unset, bool]): RPInitiated is set to true if the request was initiated by a Relying Party (RP), also known as an OAuth 2.0 Client. @@ -26,6 +37,8 @@ class LogoutRequest: subject (Union[Unset, str]): Subject is the user for whom the logout was request. """ + challenge: Union[Unset, str] = UNSET + client: Union[Unset, 'OAuth20Client'] = UNSET request_url: Union[Unset, str] = UNSET rp_initiated: Union[Unset, bool] = UNSET sid: Union[Unset, str] = UNSET @@ -34,6 +47,12 @@ class LogoutRequest: def to_dict(self) -> Dict[str, Any]: + from ..models.o_auth_20_client import OAuth20Client + challenge = self.challenge + client: Union[Unset, Dict[str, Any]] = UNSET + if not isinstance(self.client, Unset): + client = self.client.to_dict() + request_url = self.request_url rp_initiated = self.rp_initiated sid = self.sid @@ -43,6 +62,10 @@ class LogoutRequest: field_dict.update(self.additional_properties) field_dict.update({ }) + if challenge is not UNSET: + field_dict["challenge"] = challenge + if client is not UNSET: + field_dict["client"] = client if request_url is not UNSET: field_dict["request_url"] = request_url if rp_initiated is not UNSET: @@ -58,7 +81,20 @@ class LogoutRequest: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.o_auth_20_client import OAuth20Client _d = src_dict.copy() + challenge = _d.pop("challenge", UNSET) + + _client = _d.pop("client", UNSET) + client: Union[Unset, OAuth20Client] + if isinstance(_client, Unset): + client = UNSET + else: + client = OAuth20Client.from_dict(_client) + + + + request_url = _d.pop("request_url", UNSET) rp_initiated = _d.pop("rp_initiated", UNSET) @@ -67,15 +103,17 @@ class LogoutRequest: subject = _d.pop("subject", UNSET) - logout_request = cls( + contains_information_about_an_ongoing_logout_request = cls( + challenge=challenge, + client=client, request_url=request_url, rp_initiated=rp_initiated, sid=sid, subject=subject, ) - logout_request.additional_properties = _d - return logout_request + contains_information_about_an_ongoing_logout_request.additional_properties = _d + return contains_information_about_an_ongoing_logout_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/consent_request.py b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_consent_request.py similarity index 75% rename from libs/ory-hydra-client/ory_hydra_client/models/consent_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_consent_request.py index d536a00..c976187 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/consent_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_consent_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,19 +7,23 @@ import attr from ..types import UNSET, Unset +from ..types import UNSET, Unset +from typing import cast from typing import Union from typing import Dict -from typing import cast -from ..types import UNSET, Unset from typing import cast, List +if TYPE_CHECKING: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client -T = TypeVar("T", bound="ConsentRequest") + +T = TypeVar("T", bound="ContainsInformationOnAnOngoingConsentRequest") @attr.s(auto_attribs=True) -class ConsentRequest: +class ContainsInformationOnAnOngoingConsentRequest: """ Attributes: challenge (str): ID is the identifier ("authorization challenge") of the consent authorization request. It is @@ -28,8 +32,11 @@ class ConsentRequest: acr (Union[Unset, str]): ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. - client (Union[Unset, OAuth2Client]): - context (Union[Unset, JSONRawMessage]): + amr (Union[Unset, List[str]]): + client (Union[Unset, OAuth20Client]): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. + Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + context (Union[Unset, Any]): login_challenge (Union[Unset, str]): LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate a login and consent request in the login & consent app. @@ -40,7 +47,7 @@ class ConsentRequest: this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-/Back- channel logout. It's value can generally be used to associate consecutive login requests by a certain user. - oidc_context (Union[Unset, OpenIDConnectContext]): + oidc_context (Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequest]): request_url (Union[Unset, str]): RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but @@ -58,11 +65,12 @@ class ConsentRequest: challenge: str acr: Union[Unset, str] = UNSET - client: Union[Unset, 'OAuth2Client'] = UNSET - context: Union[Unset, 'JSONRawMessage'] = UNSET + amr: Union[Unset, List[str]] = UNSET + client: Union[Unset, 'OAuth20Client'] = UNSET + context: Union[Unset, Any] = UNSET login_challenge: Union[Unset, str] = UNSET login_session_id: Union[Unset, str] = UNSET - oidc_context: Union[Unset, 'OpenIDConnectContext'] = UNSET + oidc_context: Union[Unset, 'ContainsOptionalInformationAboutTheOpenIDConnectRequest'] = UNSET request_url: Union[Unset, str] = UNSET requested_access_token_audience: Union[Unset, List[str]] = UNSET requested_scope: Union[Unset, List[str]] = UNSET @@ -72,16 +80,22 @@ class ConsentRequest: def to_dict(self) -> Dict[str, Any]: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client challenge = self.challenge acr = self.acr + amr: Union[Unset, List[str]] = UNSET + if not isinstance(self.amr, Unset): + amr = self.amr + + + + client: Union[Unset, Dict[str, Any]] = UNSET if not isinstance(self.client, Unset): client = self.client.to_dict() - context: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.context, Unset): - context = self.context.to_dict() - + context = self.context login_challenge = self.login_challenge login_session_id = self.login_session_id oidc_context: Union[Unset, Dict[str, Any]] = UNSET @@ -113,6 +127,8 @@ class ConsentRequest: }) if acr is not UNSET: field_dict["acr"] = acr + if amr is not UNSET: + field_dict["amr"] = amr if client is not UNSET: field_dict["client"] = client if context is not UNSET: @@ -140,41 +156,38 @@ class ConsentRequest: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client _d = src_dict.copy() challenge = _d.pop("challenge") acr = _d.pop("acr", UNSET) + amr = cast(List[str], _d.pop("amr", UNSET)) + + _client = _d.pop("client", UNSET) - client: Union[Unset, OAuth2Client] + client: Union[Unset, OAuth20Client] if isinstance(_client, Unset): client = UNSET else: - client = OAuth2Client.from_dict(_client) + client = OAuth20Client.from_dict(_client) - _context = _d.pop("context", UNSET) - context: Union[Unset, JSONRawMessage] - if isinstance(_context, Unset): - context = UNSET - else: - context = JSONRawMessage.from_dict(_context) - - - + context = _d.pop("context", UNSET) login_challenge = _d.pop("login_challenge", UNSET) login_session_id = _d.pop("login_session_id", UNSET) _oidc_context = _d.pop("oidc_context", UNSET) - oidc_context: Union[Unset, OpenIDConnectContext] + oidc_context: Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequest] if isinstance(_oidc_context, Unset): oidc_context = UNSET else: - oidc_context = OpenIDConnectContext.from_dict(_oidc_context) + oidc_context = ContainsOptionalInformationAboutTheOpenIDConnectRequest.from_dict(_oidc_context) @@ -191,9 +204,10 @@ class ConsentRequest: subject = _d.pop("subject", UNSET) - consent_request = cls( + contains_information_on_an_ongoing_consent_request = cls( challenge=challenge, acr=acr, + amr=amr, client=client, context=context, login_challenge=login_challenge, @@ -206,8 +220,8 @@ class ConsentRequest: subject=subject, ) - consent_request.additional_properties = _d - return consent_request + contains_information_on_an_ongoing_consent_request.additional_properties = _d + return contains_information_on_an_ongoing_consent_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/login_request.py b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_login_request.py similarity index 74% rename from libs/ory-hydra-client/ory_hydra_client/models/login_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_login_request.py index bfefd13..4cf1e12 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/login_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/contains_information_on_an_ongoing_login_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,24 +7,30 @@ import attr from ..types import UNSET, Unset -from typing import Union -from typing import Dict -from typing import cast from ..types import UNSET, Unset +from typing import Union +from typing import cast +from typing import Dict from typing import cast, List +if TYPE_CHECKING: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client -T = TypeVar("T", bound="LoginRequest") + +T = TypeVar("T", bound="ContainsInformationOnAnOngoingLoginRequest") @attr.s(auto_attribs=True) -class LoginRequest: +class ContainsInformationOnAnOngoingLoginRequest: """ Attributes: challenge (str): ID is the identifier ("login challenge") of the login request. It is used to identify the session. - client (OAuth2Client): + client (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth + 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. request_url (str): RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but @@ -40,7 +46,7 @@ class LoginRequest: deny the scope requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type when accepting the login request, or the request will fail. - oidc_context (Union[Unset, OpenIDConnectContext]): + oidc_context (Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequest]): session_id (Union[Unset, str]): SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember @@ -51,18 +57,20 @@ class LoginRequest: """ challenge: str - client: 'OAuth2Client' + client: 'OAuth20Client' request_url: str requested_access_token_audience: List[str] requested_scope: List[str] skip: bool subject: str - oidc_context: Union[Unset, 'OpenIDConnectContext'] = UNSET + oidc_context: Union[Unset, 'ContainsOptionalInformationAboutTheOpenIDConnectRequest'] = UNSET session_id: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client challenge = self.challenge client = self.client.to_dict() @@ -107,10 +115,12 @@ class LoginRequest: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.contains_optional_information_about_the_open_id_connect_request import ContainsOptionalInformationAboutTheOpenIDConnectRequest + from ..models.o_auth_20_client import OAuth20Client _d = src_dict.copy() challenge = _d.pop("challenge") - client = OAuth2Client.from_dict(_d.pop("client")) + client = OAuth20Client.from_dict(_d.pop("client")) @@ -128,18 +138,18 @@ class LoginRequest: subject = _d.pop("subject") _oidc_context = _d.pop("oidc_context", UNSET) - oidc_context: Union[Unset, OpenIDConnectContext] + oidc_context: Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequest] if isinstance(_oidc_context, Unset): oidc_context = UNSET else: - oidc_context = OpenIDConnectContext.from_dict(_oidc_context) + oidc_context = ContainsOptionalInformationAboutTheOpenIDConnectRequest.from_dict(_oidc_context) session_id = _d.pop("session_id", UNSET) - login_request = cls( + contains_information_on_an_ongoing_login_request = cls( challenge=challenge, client=client, request_url=request_url, @@ -151,8 +161,8 @@ class LoginRequest: session_id=session_id, ) - login_request.additional_properties = _d - return login_request + contains_information_on_an_ongoing_login_request.additional_properties = _d + return contains_information_on_an_ongoing_login_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context.py b/libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request.py similarity index 79% rename from libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context.py rename to libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request.py index 8c059b8..88adaf5 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,19 +7,22 @@ import attr from ..types import UNSET, Unset +from ..types import UNSET, Unset +from typing import cast from typing import Union from typing import Dict -from typing import cast -from ..types import UNSET, Unset from typing import cast, List +if TYPE_CHECKING: + from ..models.contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims import ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims -T = TypeVar("T", bound="OpenIDConnectContext") + +T = TypeVar("T", bound="ContainsOptionalInformationAboutTheOpenIDConnectRequest") @attr.s(auto_attribs=True) -class OpenIDConnectContext: +class ContainsOptionalInformationAboutTheOpenIDConnectRequest: """ Attributes: acr_values (Union[Unset, List[str]]): ACRValues is the Authentication AuthorizationContext Class Reference @@ -49,8 +52,9 @@ class OpenIDConnectContext: The Authorization Server MAY also attempt to detect the capabilities of the User Agent and present an appropriate display. - id_token_hint_claims (Union[Unset, OpenIDConnectContextIdTokenHintClaims]): IDTokenHintClaims are the claims of - the ID Token previously issued by the Authorization Server being passed as a hint about the + id_token_hint_claims (Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims]): + IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a + hint about the End-User's current or past authenticated session with the Client. login_hint (Union[Unset, str]): LoginHint hints about the login identifier the End-User might use to log in (if necessary). @@ -68,13 +72,14 @@ class OpenIDConnectContext: acr_values: Union[Unset, List[str]] = UNSET display: Union[Unset, str] = UNSET - id_token_hint_claims: Union[Unset, 'OpenIDConnectContextIdTokenHintClaims'] = UNSET + id_token_hint_claims: Union[Unset, 'ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims'] = UNSET login_hint: Union[Unset, str] = UNSET ui_locales: Union[Unset, List[str]] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: + from ..models.contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims import ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims acr_values: Union[Unset, List[str]] = UNSET if not isinstance(self.acr_values, Unset): acr_values = self.acr_values @@ -117,6 +122,7 @@ class OpenIDConnectContext: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims import ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims _d = src_dict.copy() acr_values = cast(List[str], _d.pop("acr_values", UNSET)) @@ -124,11 +130,11 @@ class OpenIDConnectContext: display = _d.pop("display", UNSET) _id_token_hint_claims = _d.pop("id_token_hint_claims", UNSET) - id_token_hint_claims: Union[Unset, OpenIDConnectContextIdTokenHintClaims] + id_token_hint_claims: Union[Unset, ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims] if isinstance(_id_token_hint_claims, Unset): id_token_hint_claims = UNSET else: - id_token_hint_claims = OpenIDConnectContextIdTokenHintClaims.from_dict(_id_token_hint_claims) + id_token_hint_claims = ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims.from_dict(_id_token_hint_claims) @@ -138,7 +144,7 @@ class OpenIDConnectContext: ui_locales = cast(List[str], _d.pop("ui_locales", UNSET)) - open_id_connect_context = cls( + contains_optional_information_about_the_open_id_connect_request = cls( acr_values=acr_values, display=display, id_token_hint_claims=id_token_hint_claims, @@ -146,8 +152,8 @@ class OpenIDConnectContext: ui_locales=ui_locales, ) - open_id_connect_context.additional_properties = _d - return open_id_connect_context + contains_optional_information_about_the_open_id_connect_request.additional_properties = _d + return contains_optional_information_about_the_open_id_connect_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context_id_token_hint_claims.py b/libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims.py similarity index 70% rename from libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context_id_token_hint_claims.py rename to libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims.py index cf21cf6..46c3923 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_context_id_token_hint_claims.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,10 +11,11 @@ from ..types import UNSET, Unset -T = TypeVar("T", bound="OpenIDConnectContextIdTokenHintClaims") + +T = TypeVar("T", bound="ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims") @attr.s(auto_attribs=True) -class OpenIDConnectContextIdTokenHintClaims: +class ContainsOptionalInformationAboutTheOpenIDConnectRequestIdTokenHintClaims: """IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a hint about the End-User's current or past authenticated session with the Client. @@ -38,11 +39,11 @@ End-User's current or past authenticated session with the Client. @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - open_id_connect_context_id_token_hint_claims = cls( + contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims = cls( ) - open_id_connect_context_id_token_hint_claims.additional_properties = _d - return open_id_connect_context_id_token_hint_claims + contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims.additional_properties = _d + return contains_optional_information_about_the_open_id_connect_request_id_token_hint_claims @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set_generator_request.py b/libs/ory-hydra-client/ory_hydra_client/models/create_json_web_key_set.py similarity index 71% rename from libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set_generator_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/create_json_web_key_set.py index 6f8b3a5..b88deb2 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set_generator_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/create_json_web_key_set.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,15 +11,23 @@ from ..types import UNSET, Unset -T = TypeVar("T", bound="JsonWebKeySetGeneratorRequest") + +T = TypeVar("T", bound="CreateJsonWebKeySet") @attr.s(auto_attribs=True) -class JsonWebKeySetGeneratorRequest: - """ +class CreateJsonWebKeySet: + """Create JSON Web Key Set Request Body + Attributes: - alg (str): The algorithm to be used for creating the key. Supports "RS256", "ES512", "HS512", and "HS256" - kid (str): The kid of the key to be created - use (str): The "use" (public key use) parameter identifies the intended use of + alg (str): JSON Web Key Algorithm + + The algorithm to be used for creating the key. Supports `RS256`, `ES256`, `ES512`, `HS512`, and `HS256`. + kid (str): JSON Web Key ID + + The Key ID of the key to be created. + use (str): JSON Web Key Use + + The "use" (public key use) parameter identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Valid values are "enc" and "sig". @@ -57,14 +65,14 @@ class JsonWebKeySetGeneratorRequest: use = _d.pop("use") - json_web_key_set_generator_request = cls( + create_json_web_key_set = cls( alg=alg, kid=kid, use=use, ) - json_web_key_set_generator_request.additional_properties = _d - return json_web_key_set_generator_request + create_json_web_key_set.additional_properties = _d + return create_json_web_key_set @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/error_o_auth_2.py b/libs/ory-hydra-client/ory_hydra_client/models/error_o_auth_2.py new file mode 100644 index 0000000..0ba125d --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/error_o_auth_2.py @@ -0,0 +1,107 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="ErrorOAuth2") + +@attr.s(auto_attribs=True) +class ErrorOAuth2: + """Error + + Attributes: + error (Union[Unset, str]): Error + error_debug (Union[Unset, str]): Error Debug Information + + Only available in dev mode. + error_description (Union[Unset, str]): Error Description + error_hint (Union[Unset, str]): Error Hint + + Helps the user identify the error cause. Example: The redirect URL is not allowed.. + status_code (Union[Unset, int]): HTTP Status Code Example: 401. + """ + + error: Union[Unset, str] = UNSET + error_debug: Union[Unset, str] = UNSET + error_description: Union[Unset, str] = UNSET + error_hint: Union[Unset, str] = UNSET + status_code: Union[Unset, int] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + error = self.error + error_debug = self.error_debug + error_description = self.error_description + error_hint = self.error_hint + status_code = self.status_code + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if error is not UNSET: + field_dict["error"] = error + if error_debug is not UNSET: + field_dict["error_debug"] = error_debug + if error_description is not UNSET: + field_dict["error_description"] = error_description + if error_hint is not UNSET: + field_dict["error_hint"] = error_hint + if status_code is not UNSET: + field_dict["status_code"] = status_code + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + error = _d.pop("error", UNSET) + + error_debug = _d.pop("error_debug", UNSET) + + error_description = _d.pop("error_description", UNSET) + + error_hint = _d.pop("error_hint", UNSET) + + status_code = _d.pop("status_code", UNSET) + + error_o_auth_2 = cls( + error=error, + error_debug=error_debug, + error_description=error_description, + error_hint=error_hint, + status_code=status_code, + ) + + error_o_auth_2.additional_properties = _d + return error_o_auth_2 + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/generic_error.py b/libs/ory-hydra-client/ory_hydra_client/models/generic_error.py index d6227a5..19b6a67 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/generic_error.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/generic_error.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,45 +13,73 @@ from typing import Union + T = TypeVar("T", bound="GenericError") @attr.s(auto_attribs=True) class GenericError: - """Error responses are sent when an error (e.g. unauthorized, bad request, ...) occurred. - + """ Attributes: - error (str): Name is the error name. Example: The requested resource could not be found. - debug (Union[Unset, str]): Debug contains debug information. This is usually not available and has to be - enabled. Example: The database adapter was unable to find the element. - error_description (Union[Unset, str]): Description contains further information on the nature of the error. - Example: Object with ID 12345 does not exist. - status_code (Union[Unset, int]): Code represents the error status code (404, 403, 401, ...). Example: 404. + message (str): Error message + + The error's message. Example: The resource could not be found. + code (Union[Unset, int]): The status code Example: 404. + debug (Union[Unset, str]): Debug information + + This field is often not exposed to protect against leaking + sensitive information. Example: SQL field "foo" is not a bool.. + details (Union[Unset, Any]): Further error details + id (Union[Unset, str]): The error ID + + Useful when trying to identify various errors in application logic. + reason (Union[Unset, str]): A human-readable reason for the error Example: User with ID 1234 does not exist.. + request (Union[Unset, str]): The request ID + + The request ID is often exposed internally in order to trace + errors across service architectures. This is often a UUID. Example: d7ef54b1-ec15-46e6-bccb-524b82c035e6. + status (Union[Unset, str]): The status description Example: Not Found. """ - error: str + message: str + code: Union[Unset, int] = UNSET debug: Union[Unset, str] = UNSET - error_description: Union[Unset, str] = UNSET - status_code: Union[Unset, int] = UNSET + details: Union[Unset, Any] = UNSET + id: Union[Unset, str] = UNSET + reason: Union[Unset, str] = UNSET + request: Union[Unset, str] = UNSET + status: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - error = self.error + message = self.message + code = self.code debug = self.debug - error_description = self.error_description - status_code = self.status_code + details = self.details + id = self.id + reason = self.reason + request = self.request + status = self.status field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ - "error": error, + "message": message, }) + if code is not UNSET: + field_dict["code"] = code if debug is not UNSET: field_dict["debug"] = debug - if error_description is not UNSET: - field_dict["error_description"] = error_description - if status_code is not UNSET: - field_dict["status_code"] = status_code + if details is not UNSET: + field_dict["details"] = details + if id is not UNSET: + field_dict["id"] = id + if reason is not UNSET: + field_dict["reason"] = reason + if request is not UNSET: + field_dict["request"] = request + if status is not UNSET: + field_dict["status"] = status return field_dict @@ -60,19 +88,31 @@ class GenericError: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - error = _d.pop("error") + message = _d.pop("message") + + code = _d.pop("code", UNSET) debug = _d.pop("debug", UNSET) - error_description = _d.pop("error_description", UNSET) + details = _d.pop("details", UNSET) - status_code = _d.pop("status_code", UNSET) + id = _d.pop("id", UNSET) + + reason = _d.pop("reason", UNSET) + + request = _d.pop("request", UNSET) + + status = _d.pop("status", UNSET) generic_error = cls( - error=error, + message=message, + code=code, debug=debug, - error_description=error_description, - status_code=status_code, + details=details, + id=id, + reason=reason, + request=request, + status=status, ) generic_error.additional_properties = _d diff --git a/libs/ory-hydra-client/ory_hydra_client/models/container_wait_ok_body_error.py b/libs/ory-hydra-client/ory_hydra_client/models/get_version_response_200.py similarity index 66% rename from libs/ory-hydra-client/ory_hydra_client/models/container_wait_ok_body_error.py rename to libs/ory-hydra-client/ory_hydra_client/models/get_version_response_200.py index 9aec23c..41a34b7 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/container_wait_ok_body_error.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/get_version_response_200.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,29 +13,29 @@ from typing import Union -T = TypeVar("T", bound="ContainerWaitOKBodyError") + +T = TypeVar("T", bound="GetVersionResponse200") @attr.s(auto_attribs=True) -class ContainerWaitOKBodyError: - """ContainerWaitOKBodyError container waiting error, if any - +class GetVersionResponse200: + """ Attributes: - message (Union[Unset, str]): Details of an error + version (Union[Unset, str]): The version of Ory Hydra. """ - message: Union[Unset, str] = UNSET + version: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - message = self.message + version = self.version field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ }) - if message is not UNSET: - field_dict["Message"] = message + if version is not UNSET: + field_dict["version"] = version return field_dict @@ -44,14 +44,14 @@ class ContainerWaitOKBodyError: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - message = _d.pop("Message", UNSET) + version = _d.pop("version", UNSET) - container_wait_ok_body_error = cls( - message=message, + get_version_response_200 = cls( + version=version, ) - container_wait_ok_body_error.additional_properties = _d - return container_wait_ok_body_error + get_version_response_200.additional_properties = _d + return get_version_response_200 @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/accept_login_request.py b/libs/ory-hydra-client/ory_hydra_client/models/handled_login_request_is_the_request_payload_used_to_accept_a_login_request.py similarity index 83% rename from libs/ory-hydra-client/ory_hydra_client/models/accept_login_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/handled_login_request_is_the_request_payload_used_to_accept_a_login_request.py index 39890f8..5dc327e 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/accept_login_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/handled_login_request_is_the_request_payload_used_to_accept_a_login_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,25 +7,26 @@ import attr from ..types import UNSET, Unset -from typing import Union -from typing import cast +from typing import cast, List from ..types import UNSET, Unset -from typing import Dict +from typing import Union -T = TypeVar("T", bound="AcceptLoginRequest") + +T = TypeVar("T", bound="HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest") @attr.s(auto_attribs=True) -class AcceptLoginRequest: +class HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest: """ Attributes: subject (str): Subject is the user ID of the end-user that authenticated. acr (Union[Unset, str]): ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. - context (Union[Unset, JSONRawMessage]): + amr (Union[Unset, List[str]]): + context (Union[Unset, Any]): force_subject_identifier (Union[Unset, str]): ForceSubjectIdentifier forces the "pairwise" user ID of the end- user that authenticated. The "pairwise" user ID refers to the (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID @@ -58,7 +59,8 @@ class AcceptLoginRequest: subject: str acr: Union[Unset, str] = UNSET - context: Union[Unset, 'JSONRawMessage'] = UNSET + amr: Union[Unset, List[str]] = UNSET + context: Union[Unset, Any] = UNSET force_subject_identifier: Union[Unset, str] = UNSET remember: Union[Unset, bool] = UNSET remember_for: Union[Unset, int] = UNSET @@ -68,10 +70,14 @@ class AcceptLoginRequest: def to_dict(self) -> Dict[str, Any]: subject = self.subject acr = self.acr - context: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.context, Unset): - context = self.context.to_dict() + amr: Union[Unset, List[str]] = UNSET + if not isinstance(self.amr, Unset): + amr = self.amr + + + + context = self.context force_subject_identifier = self.force_subject_identifier remember = self.remember remember_for = self.remember_for @@ -83,6 +89,8 @@ class AcceptLoginRequest: }) if acr is not UNSET: field_dict["acr"] = acr + if amr is not UNSET: + field_dict["amr"] = amr if context is not UNSET: field_dict["context"] = context if force_subject_identifier is not UNSET: @@ -103,15 +111,10 @@ class AcceptLoginRequest: acr = _d.pop("acr", UNSET) - _context = _d.pop("context", UNSET) - context: Union[Unset, JSONRawMessage] - if isinstance(_context, Unset): - context = UNSET - else: - context = JSONRawMessage.from_dict(_context) - + amr = cast(List[str], _d.pop("amr", UNSET)) + context = _d.pop("context", UNSET) force_subject_identifier = _d.pop("force_subject_identifier", UNSET) @@ -119,17 +122,18 @@ class AcceptLoginRequest: remember_for = _d.pop("remember_for", UNSET) - accept_login_request = cls( + handled_login_request_is_the_request_payload_used_to_accept_a_login_request = cls( subject=subject, acr=acr, + amr=amr, context=context, force_subject_identifier=force_subject_identifier, remember=remember, remember_for=remember_for, ) - accept_login_request.additional_properties = _d - return accept_login_request + handled_login_request_is_the_request_payload_used_to_accept_a_login_request.additional_properties = _d + return handled_login_request_is_the_request_payload_used_to_accept_a_login_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status.py b/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status.py index 3baba59..2b3fcf3 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,10 +7,13 @@ import attr from ..types import UNSET, Unset -from typing import Union -from typing import cast from ..types import UNSET, Unset from typing import Dict +from typing import Union +from typing import cast + +if TYPE_CHECKING: + from ..models.health_not_ready_status_errors import HealthNotReadyStatusErrors @@ -30,6 +33,7 @@ class HealthNotReadyStatus: def to_dict(self) -> Dict[str, Any]: + from ..models.health_not_ready_status_errors import HealthNotReadyStatusErrors errors: Union[Unset, Dict[str, Any]] = UNSET if not isinstance(self.errors, Unset): errors = self.errors.to_dict() @@ -48,6 +52,7 @@ class HealthNotReadyStatus: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.health_not_ready_status_errors import HealthNotReadyStatusErrors _d = src_dict.copy() _errors = _d.pop("errors", UNSET) errors: Union[Unset, HealthNotReadyStatusErrors] diff --git a/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status_errors.py b/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status_errors.py index a4f33c4..7225eb3 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status_errors.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/health_not_ready_status_errors.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,6 +11,7 @@ from ..types import UNSET, Unset + T = TypeVar("T", bound="HealthNotReadyStatusErrors") @attr.s(auto_attribs=True) @@ -39,6 +40,7 @@ class HealthNotReadyStatusErrors: health_not_ready_status_errors = cls( ) + health_not_ready_status_errors.additional_properties = _d return health_not_ready_status_errors diff --git a/libs/ory-hydra-client/ory_hydra_client/models/health_status.py b/libs/ory-hydra-client/ory_hydra_client/models/health_status.py index e66dd4e..eef6de6 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/health_status.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/health_status.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,6 +13,7 @@ from typing import Union + T = TypeVar("T", bound="HealthStatus") @attr.s(auto_attribs=True) diff --git a/libs/ory-hydra-client/ory_hydra_client/models/introspect_o_auth_2_token_data.py b/libs/ory-hydra-client/ory_hydra_client/models/introspect_o_auth_2_token_data.py index ad9bd1a..f3a32f2 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/introspect_o_auth_2_token_data.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/introspect_o_auth_2_token_data.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,6 +13,7 @@ from typing import Union + T = TypeVar("T", bound="IntrospectOAuth2TokenData") @attr.s(auto_attribs=True) diff --git a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection.py b/libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token.py similarity index 88% rename from libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection.py rename to libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token.py index 7d931e9..76adf35 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,20 +7,24 @@ import attr from ..types import UNSET, Unset +from ..types import UNSET, Unset +from typing import cast from typing import Union from typing import Dict -from typing import cast -from ..types import UNSET, Unset from typing import cast, List +if TYPE_CHECKING: + from ..models.introspected_o_auth_2_token_ext import IntrospectedOAuth2TokenExt -T = TypeVar("T", bound="OAuth2TokenIntrospection") + +T = TypeVar("T", bound="IntrospectedOAuth2Token") @attr.s(auto_attribs=True) -class OAuth2TokenIntrospection: - """https://tools.ietf.org/html/rfc7662 +class IntrospectedOAuth2Token: + """Introspection contains an access token's session data as specified by +[IETF RFC 7662](https://tools.ietf.org/html/rfc7662) Attributes: active (bool): Active is a boolean indicator of whether or not the presented token @@ -37,7 +41,7 @@ class OAuth2TokenIntrospection: requested this token. exp (Union[Unset, int]): Expires at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token will expire. - ext (Union[Unset, OAuth2TokenIntrospectionExt]): Extra is arbitrary data set by the session. + ext (Union[Unset, IntrospectedOAuth2TokenExt]): Extra is arbitrary data set by the session. iat (Union[Unset, int]): Issued at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token was originally issued. @@ -64,7 +68,7 @@ class OAuth2TokenIntrospection: aud: Union[Unset, List[str]] = UNSET client_id: Union[Unset, str] = UNSET exp: Union[Unset, int] = UNSET - ext: Union[Unset, 'OAuth2TokenIntrospectionExt'] = UNSET + ext: Union[Unset, 'IntrospectedOAuth2TokenExt'] = UNSET iat: Union[Unset, int] = UNSET iss: Union[Unset, str] = UNSET nbf: Union[Unset, int] = UNSET @@ -78,6 +82,7 @@ class OAuth2TokenIntrospection: def to_dict(self) -> Dict[str, Any]: + from ..models.introspected_o_auth_2_token_ext import IntrospectedOAuth2TokenExt active = self.active aud: Union[Unset, List[str]] = UNSET if not isinstance(self.aud, Unset): @@ -140,6 +145,7 @@ class OAuth2TokenIntrospection: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.introspected_o_auth_2_token_ext import IntrospectedOAuth2TokenExt _d = src_dict.copy() active = _d.pop("active") @@ -151,11 +157,11 @@ class OAuth2TokenIntrospection: exp = _d.pop("exp", UNSET) _ext = _d.pop("ext", UNSET) - ext: Union[Unset, OAuth2TokenIntrospectionExt] + ext: Union[Unset, IntrospectedOAuth2TokenExt] if isinstance(_ext, Unset): ext = UNSET else: - ext = OAuth2TokenIntrospectionExt.from_dict(_ext) + ext = IntrospectedOAuth2TokenExt.from_dict(_ext) @@ -178,7 +184,7 @@ class OAuth2TokenIntrospection: username = _d.pop("username", UNSET) - o_auth_2_token_introspection = cls( + introspected_o_auth_2_token = cls( active=active, aud=aud, client_id=client_id, @@ -195,8 +201,8 @@ class OAuth2TokenIntrospection: username=username, ) - o_auth_2_token_introspection.additional_properties = _d - return o_auth_2_token_introspection + introspected_o_auth_2_token.additional_properties = _d + return introspected_o_auth_2_token @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection_ext.py b/libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token_ext.py similarity index 80% rename from libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection_ext.py rename to libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token_ext.py index 95c3031..146ae33 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_introspection_ext.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/introspected_o_auth_2_token_ext.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,10 +11,11 @@ from ..types import UNSET, Unset -T = TypeVar("T", bound="OAuth2TokenIntrospectionExt") + +T = TypeVar("T", bound="IntrospectedOAuth2TokenExt") @attr.s(auto_attribs=True) -class OAuth2TokenIntrospectionExt: +class IntrospectedOAuth2TokenExt: """Extra is arbitrary data set by the session. """ @@ -36,11 +37,11 @@ class OAuth2TokenIntrospectionExt: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - o_auth_2_token_introspection_ext = cls( + introspected_o_auth_2_token_ext = cls( ) - o_auth_2_token_introspection_ext.additional_properties = _d - return o_auth_2_token_introspection_ext + introspected_o_auth_2_token_ext.additional_properties = _d + return introspected_o_auth_2_token_ext @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_network.py b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_200.py similarity index 66% rename from libs/ory-hydra-client/ory_hydra_client/models/plugin_config_network.py rename to libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_200.py index 9d96b79..b89996c 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_network.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_200.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,32 +7,35 @@ import attr from ..types import UNSET, Unset +from ..types import UNSET, Unset +from typing import Union -T = TypeVar("T", bound="PluginConfigNetwork") + +T = TypeVar("T", bound="IsReadyResponse200") @attr.s(auto_attribs=True) -class PluginConfigNetwork: - """PluginConfigNetwork plugin config network - +class IsReadyResponse200: + """ Attributes: - type (str): type + status (Union[Unset, str]): Always "ok". """ - type: str + status: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - type = self.type + status = self.status field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ - "Type": type, }) + if status is not UNSET: + field_dict["status"] = status return field_dict @@ -41,14 +44,14 @@ class PluginConfigNetwork: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - type = _d.pop("Type") + status = _d.pop("status", UNSET) - plugin_config_network = cls( - type=type, + is_ready_response_200 = cls( + status=status, ) - plugin_config_network.additional_properties = _d - return plugin_config_network + is_ready_response_200.additional_properties = _d + return is_ready_response_200 @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/flush_inactive_o_auth_2_tokens_request.py b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503.py similarity index 50% rename from libs/ory-hydra-client/ory_hydra_client/models/flush_inactive_o_auth_2_tokens_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503.py index 7bf988d..e277928 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/flush_inactive_o_auth_2_tokens_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,42 +7,44 @@ import attr from ..types import UNSET, Unset -from dateutil.parser import isoparse +from ..types import UNSET, Unset +from typing import Dict from typing import Union from typing import cast -from ..types import UNSET, Unset -import datetime + +if TYPE_CHECKING: + from ..models.is_ready_response_503_errors import IsReadyResponse503Errors -T = TypeVar("T", bound="FlushInactiveOAuth2TokensRequest") +T = TypeVar("T", bound="IsReadyResponse503") @attr.s(auto_attribs=True) -class FlushInactiveOAuth2TokensRequest: +class IsReadyResponse503: """ Attributes: - not_after (Union[Unset, datetime.datetime]): NotAfter sets after which point tokens should not be flushed. This - is useful when you want to keep a history - of recently issued tokens for auditing. + errors (Union[Unset, IsReadyResponse503Errors]): Errors contains a list of errors that caused the not ready + status. """ - not_after: Union[Unset, datetime.datetime] = UNSET + errors: Union[Unset, 'IsReadyResponse503Errors'] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - not_after: Union[Unset, str] = UNSET - if not isinstance(self.not_after, Unset): - not_after = self.not_after.isoformat() + from ..models.is_ready_response_503_errors import IsReadyResponse503Errors + errors: Union[Unset, Dict[str, Any]] = UNSET + if not isinstance(self.errors, Unset): + errors = self.errors.to_dict() field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ }) - if not_after is not UNSET: - field_dict["notAfter"] = not_after + if errors is not UNSET: + field_dict["errors"] = errors return field_dict @@ -50,23 +52,24 @@ class FlushInactiveOAuth2TokensRequest: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.is_ready_response_503_errors import IsReadyResponse503Errors _d = src_dict.copy() - _not_after = _d.pop("notAfter", UNSET) - not_after: Union[Unset, datetime.datetime] - if isinstance(_not_after, Unset): - not_after = UNSET + _errors = _d.pop("errors", UNSET) + errors: Union[Unset, IsReadyResponse503Errors] + if isinstance(_errors, Unset): + errors = UNSET else: - not_after = isoparse(_not_after) + errors = IsReadyResponse503Errors.from_dict(_errors) - flush_inactive_o_auth_2_tokens_request = cls( - not_after=not_after, + is_ready_response_503 = cls( + errors=errors, ) - flush_inactive_o_auth_2_tokens_request.additional_properties = _d - return flush_inactive_o_auth_2_tokens_request + is_ready_response_503.additional_properties = _d + return is_ready_response_503 @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/json_raw_message.py b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503_errors.py similarity index 64% rename from libs/ory-hydra-client/ory_hydra_client/models/json_raw_message.py rename to libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503_errors.py index 14c408e..65fa9e7 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/json_raw_message.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/is_ready_response_503_errors.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,14 +11,16 @@ from ..types import UNSET, Unset -T = TypeVar("T", bound="JSONRawMessage") + +T = TypeVar("T", bound="IsReadyResponse503Errors") @attr.s(auto_attribs=True) -class JSONRawMessage: - """ +class IsReadyResponse503Errors: + """Errors contains a list of errors that caused the not ready status. + """ - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + additional_properties: Dict[str, str] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: @@ -35,20 +37,21 @@ class JSONRawMessage: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - json_raw_message = cls( + is_ready_response_503_errors = cls( ) - json_raw_message.additional_properties = _d - return json_raw_message + + is_ready_response_503_errors.additional_properties = _d + return is_ready_response_503_errors @property def additional_keys(self) -> List[str]: return list(self.additional_properties.keys()) - def __getitem__(self, key: str) -> Any: + def __getitem__(self, key: str) -> str: return self.additional_properties[key] - def __setitem__(self, key: str, value: Any) -> None: + def __setitem__(self, key: str, value: str) -> None: self.additional_properties[key] = value def __delitem__(self, key: str) -> None: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/jose_json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/models/jose_json_web_key_set.py deleted file mode 100644 index 5123ff2..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/jose_json_web_key_set.py +++ /dev/null @@ -1,58 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - - - - - -T = TypeVar("T", bound="JoseJSONWebKeySet") - -@attr.s(auto_attribs=True) -class JoseJSONWebKeySet: - """ - """ - - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - jose_json_web_key_set = cls( - ) - - jose_json_web_key_set.additional_properties = _d - return jose_json_web_key_set - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/json_patch.py b/libs/ory-hydra-client/ory_hydra_client/models/json_patch.py new file mode 100644 index 0000000..b4b61b7 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/json_patch.py @@ -0,0 +1,100 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="JsonPatch") + +@attr.s(auto_attribs=True) +class JsonPatch: + """A JSONPatch document as defined by RFC 6902 + + Attributes: + op (str): The operation to be performed. One of "add", "remove", "replace", "move", "copy", or "test". Example: + replace. + path (str): The path to the target path. Uses JSON pointer notation. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). Example: /name. + from_ (Union[Unset, str]): This field is used together with operation "move" and uses JSON Pointer notation. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). Example: /name. + value (Union[Unset, Any]): The value to be used within the operations. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). Example: foobar. + """ + + op: str + path: str + from_: Union[Unset, str] = UNSET + value: Union[Unset, Any] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + op = self.op + path = self.path + from_ = self.from_ + value = self.value + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + "op": op, + "path": path, + }) + if from_ is not UNSET: + field_dict["from"] = from_ + if value is not UNSET: + field_dict["value"] = value + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + op = _d.pop("op") + + path = _d.pop("path") + + from_ = _d.pop("from", UNSET) + + value = _d.pop("value", UNSET) + + json_patch = cls( + op=op, + path=path, + from_=from_, + value=value, + ) + + json_patch.additional_properties = _d + return json_patch + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/models/json_web_key.py index 673b98e..7645256 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/json_web_key.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -14,14 +14,12 @@ from typing import Union -T = TypeVar("T", bound="JSONWebKey") + +T = TypeVar("T", bound="JsonWebKey") @attr.s(auto_attribs=True) -class JSONWebKey: - """It is important that this model object is named JSONWebKey for -"swagger generate spec" to generate only on definition of a -JSONWebKey. - +class JsonWebKey: + """ Attributes: alg (str): The "alg" (algorithm) parameter identifies the algorithm intended for use with the key. The values used should either be registered in the diff --git a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set.py b/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set.py index 16e67da..6e687fa 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/json_web_key_set.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,38 +7,40 @@ import attr from ..types import UNSET, Unset -from typing import Union -from typing import Dict -from typing import cast from ..types import UNSET, Unset +from typing import Union +from typing import cast +from typing import Dict from typing import cast, List +if TYPE_CHECKING: + from ..models.json_web_key import JsonWebKey -T = TypeVar("T", bound="JSONWebKeySet") + +T = TypeVar("T", bound="JsonWebKeySet") @attr.s(auto_attribs=True) -class JSONWebKeySet: - """It is important that this model object is named JSONWebKeySet for -"swagger generate spec" to generate only on definition of a -JSONWebKeySet. Since one with the same name is previously defined as -client.Client.JSONWebKeys and this one is last, this one will be -effectively written in the swagger spec. +class JsonWebKeySet: + """JSON Web Key Set Attributes: - keys (Union[Unset, List['JSONWebKey']]): The value of the "keys" parameter is an array of JWK values. By - default, the order of the JWK values within the array does not imply - an order of preference among them, although applications of JWK Sets - can choose to assign a meaning to the order for their purposes, if - desired. + keys (Union[Unset, List['JsonWebKey']]): List of JSON Web Keys + + The value of the "keys" parameter is an array of JSON Web Key (JWK) + values. By default, the order of the JWK values within the array does + not imply an order of preference among them, although applications + of JWK Sets can choose to assign a meaning to the order for their + purposes, if desired. """ - keys: Union[Unset, List['JSONWebKey']] = UNSET + keys: Union[Unset, List['JsonWebKey']] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: + from ..models.json_web_key import JsonWebKey keys: Union[Unset, List[Dict[str, Any]]] = UNSET if not isinstance(self.keys, Unset): keys = [] @@ -64,11 +66,12 @@ effectively written in the swagger spec. @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.json_web_key import JsonWebKey _d = src_dict.copy() keys = [] _keys = _d.pop("keys", UNSET) for keys_item_data in (_keys or []): - keys_item = JSONWebKey.from_dict(keys_item_data) + keys_item = JsonWebKey.from_dict(keys_item_data) diff --git a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_client.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client.py similarity index 52% rename from libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_client.py rename to libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client.py index 0e178e0..bf01980 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_client.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,63 +7,95 @@ import attr from ..types import UNSET, Unset -from dateutil.parser import isoparse -from typing import Dict -from typing import Union -from typing import cast from ..types import UNSET, Unset -from typing import cast, List +from typing import cast +from typing import Union +from dateutil.parser import isoparse import datetime +from typing import cast, List -T = TypeVar("T", bound="OAuth2Client") + +T = TypeVar("T", bound="OAuth20Client") @attr.s(auto_attribs=True) -class OAuth2Client: - """ +class OAuth20Client: + """OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are +generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + Attributes: allowed_cors_origins (Union[Unset, List[str]]): audience (Union[Unset, List[str]]): - backchannel_logout_session_required (Union[Unset, bool]): Boolean value specifying whether the RP requires that - a sid (session ID) Claim be included in the Logout + authorization_code_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + authorization_code_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + authorization_code_grant_refresh_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + backchannel_logout_session_required (Union[Unset, bool]): OpenID Connect Back-Channel Logout Session Required + + Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false. - backchannel_logout_uri (Union[Unset, str]): RP URL that will cause the RP to log itself out when sent a Logout - Token by the OP. - client_id (Union[Unset, str]): ID is the id for this client. - client_name (Union[Unset, str]): Name is the human-readable string name of the client to be presented to the - end-user during authorization. - client_secret (Union[Unset, str]): Secret is the client's secret. The secret will be included in the create - request as cleartext, and then - never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users - that they need to write the secret down as it will not be made available again. - client_secret_expires_at (Union[Unset, int]): SecretExpiresAt is an integer holding the time at which the client - secret will expire or 0 if it will not expire. The time is - represented as the number of seconds from 1970-01-01T00:00:00Z as - measured in UTC until the date/time of expiration. + backchannel_logout_uri (Union[Unset, str]): OpenID Connect Back-Channel Logout URI - This feature is currently not supported and it's value will always - be set to 0. - client_uri (Union[Unset, str]): ClientURI is an URL string of a web page providing information about the client. + RP URL that will cause the RP to log itself out when sent a Logout Token by the OP. + client_credentials_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + client_id (Union[Unset, str]): OAuth 2.0 Client ID + + The ID is autogenerated and immutable. + client_name (Union[Unset, str]): OAuth 2.0 Client Name + + The human-readable name of the client to be presented to the + end-user during authorization. + client_secret (Union[Unset, str]): OAuth 2.0 Client Secret + + The secret will be included in the create request as cleartext, and then + never again. The secret is kept in hashed format and is not recoverable once lost. + client_secret_expires_at (Union[Unset, int]): OAuth 2.0 Client Secret Expires At + + The field is currently not supported and its value is always 0. + client_uri (Union[Unset, str]): OAuth 2.0 Client URI + + ClientURI is a URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion. contacts (Union[Unset, List[str]]): - created_at (Union[Unset, datetime.datetime]): CreatedAt returns the timestamp of the client's creation. - frontchannel_logout_session_required (Union[Unset, bool]): Boolean value specifying whether the RP requires that - iss (issuer) and sid (session ID) query parameters be + created_at (Union[Unset, datetime.datetime]): OAuth 2.0 Client Creation Date + + CreatedAt returns the timestamp of the client's creation. + frontchannel_logout_session_required (Union[Unset, bool]): OpenID Connect Front-Channel Logout Session Required + + Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be included to identify the RP session with the OP when the frontchannel_logout_uri is used. If omitted, the default value is false. - frontchannel_logout_uri (Union[Unset, str]): RP URL that will cause the RP to log itself out when rendered in an - iframe by the OP. An iss (issuer) query + frontchannel_logout_uri (Union[Unset, str]): OpenID Connect Front-Channel Logout URI + + RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out; if either is included, both MUST be. grant_types (Union[Unset, List[str]]): - jwks (Union[Unset, JoseJSONWebKeySet]): - jwks_uri (Union[Unset, str]): URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests - to the Server, it contains + implicit_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + implicit_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, minutes, + hours. + jwks (Union[Unset, Any]): OAuth 2.0 Client JSON Web Key Set + + Client's JSON Web Key Set [JWK] document, passed by value. The semantics of the jwks parameter are the same as + the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter + is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for + instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client + can use jwks_uri, it MUST NOT use jwks. One significant downside of jwks is that it does not enable key rotation + (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwks_uri and + jwks + parameters MUST NOT be used together. + jwks_uri (Union[Unset, str]): OAuth 2.0 Client JSON Web Key Set URL + + URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the Client's encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the @@ -72,41 +104,80 @@ class OAuth2Client: signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. - logo_uri (Union[Unset, str]): LogoURI is an URL string that references a logo for the client. - metadata (Union[Unset, JSONRawMessage]): - owner (Union[Unset, str]): Owner is a string identifying the owner of the OAuth 2.0 Client. - policy_uri (Union[Unset, str]): PolicyURI is a URL string that points to a human-readable privacy policy - document + jwt_bearer_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + logo_uri (Union[Unset, str]): OAuth 2.0 Client Logo URI + + A URL string referencing the client's logo. + metadata (Union[Unset, Any]): + owner (Union[Unset, str]): OAuth 2.0 Client Owner + + Owner is a string identifying the owner of the OAuth 2.0 Client. + policy_uri (Union[Unset, str]): OAuth 2.0 Client Policy URI + + PolicyURI is a URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data. post_logout_redirect_uris (Union[Unset, List[str]]): redirect_uris (Union[Unset, List[str]]): - request_object_signing_alg (Union[Unset, str]): JWS [JWS] alg algorithm [JWA] that MUST be used for signing - Request Objects sent to the OP. All Request Objects + refresh_token_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + refresh_token_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + refresh_token_grant_refresh_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + registration_access_token (Union[Unset, str]): OpenID Connect Dynamic Client Registration Access Token + + RegistrationAccessToken can be used to update, get, or delete the OAuth2 Client. It is sent when creating a + client + using Dynamic Client Registration. + registration_client_uri (Union[Unset, str]): OpenID Connect Dynamic Client Registration URL + + RegistrationClientURI is the URL used to update, get, or delete the OAuth2 Client. + request_object_signing_alg (Union[Unset, str]): OpenID Connect Request Object Signing Algorithm + + JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects from this Client MUST be rejected, if not signed with this algorithm. request_uris (Union[Unset, List[str]]): response_types (Union[Unset, List[str]]): - scope (Union[Unset, str]): Scope is a string containing a space-separated list of scope values (as + scope (Union[Unset, str]): OAuth 2.0 Client Scope + + Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client - can use when requesting access tokens. - sector_identifier_uri (Union[Unset, str]): URL using the https scheme to be used in calculating Pseudonymous - Identifiers by the OP. The URL references a + can use when requesting access tokens. Example: scope1 scope-2 scope.3 scope:4. + sector_identifier_uri (Union[Unset, str]): OpenID Connect Sector Identifier URI + + URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values. - subject_type (Union[Unset, str]): SubjectType requested for responses to this Client. The - subject_types_supported Discovery parameter contains a + subject_type (Union[Unset, str]): OpenID Connect Subject Type + + The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`. - token_endpoint_auth_method (Union[Unset, str]): Requested Client Authentication method for the Token Endpoint. - The options are client_secret_post, - client_secret_basic, private_key_jwt, and none. - token_endpoint_auth_signing_alg (Union[Unset, str]): Requested Client Authentication signing algorithm for the - Token Endpoint. - tos_uri (Union[Unset, str]): TermsOfServiceURI is a URL string that points to a human-readable terms of service + token_endpoint_auth_method (Union[Unset, str]): OAuth 2.0 Token Endpoint Authentication Method + + Requested Client Authentication method for the Token Endpoint. The options are: + + `client_secret_post`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in + the HTTP body. + `client_secret_basic`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in + the HTTP Authorization header. + `private_key_jwt`: Use JSON Web Tokens to authenticate the client. + `none`: Used for public clients (native apps, mobile apps) which can not have secrets. + token_endpoint_auth_signing_alg (Union[Unset, str]): OAuth 2.0 Token Endpoint Signing Algorithm + + Requested Client Authentication signing algorithm for the Token Endpoint. + tos_uri (Union[Unset, str]): OAuth 2.0 Client Terms of Service URI + + A URL string pointing to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client. - updated_at (Union[Unset, datetime.datetime]): UpdatedAt returns the timestamp of the last update. - userinfo_signed_response_alg (Union[Unset, str]): JWS alg algorithm [JWA] REQUIRED for signing UserInfo - Responses. If this is specified, the response will be JWT + updated_at (Union[Unset, datetime.datetime]): OAuth 2.0 Client Last Update Date + + UpdatedAt returns the timestamp of the last update. + userinfo_signed_response_alg (Union[Unset, str]): OpenID Connect Request Userinfo Signed Response Algorithm + + JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims as a UTF-8 encoded JSON object using the application/json content-type. @@ -114,8 +185,12 @@ class OAuth2Client: allowed_cors_origins: Union[Unset, List[str]] = UNSET audience: Union[Unset, List[str]] = UNSET + authorization_code_grant_access_token_lifespan: Union[Unset, str] = UNSET + authorization_code_grant_id_token_lifespan: Union[Unset, str] = UNSET + authorization_code_grant_refresh_token_lifespan: Union[Unset, str] = UNSET backchannel_logout_session_required: Union[Unset, bool] = UNSET backchannel_logout_uri: Union[Unset, str] = UNSET + client_credentials_grant_access_token_lifespan: Union[Unset, str] = UNSET client_id: Union[Unset, str] = UNSET client_name: Union[Unset, str] = UNSET client_secret: Union[Unset, str] = UNSET @@ -126,14 +201,22 @@ class OAuth2Client: frontchannel_logout_session_required: Union[Unset, bool] = UNSET frontchannel_logout_uri: Union[Unset, str] = UNSET grant_types: Union[Unset, List[str]] = UNSET - jwks: Union[Unset, 'JoseJSONWebKeySet'] = UNSET + implicit_grant_access_token_lifespan: Union[Unset, str] = UNSET + implicit_grant_id_token_lifespan: Union[Unset, str] = UNSET + jwks: Union[Unset, Any] = UNSET jwks_uri: Union[Unset, str] = UNSET + jwt_bearer_grant_access_token_lifespan: Union[Unset, str] = UNSET logo_uri: Union[Unset, str] = UNSET - metadata: Union[Unset, 'JSONRawMessage'] = UNSET + metadata: Union[Unset, Any] = UNSET owner: Union[Unset, str] = UNSET policy_uri: Union[Unset, str] = UNSET post_logout_redirect_uris: Union[Unset, List[str]] = UNSET redirect_uris: Union[Unset, List[str]] = UNSET + refresh_token_grant_access_token_lifespan: Union[Unset, str] = UNSET + refresh_token_grant_id_token_lifespan: Union[Unset, str] = UNSET + refresh_token_grant_refresh_token_lifespan: Union[Unset, str] = UNSET + registration_access_token: Union[Unset, str] = UNSET + registration_client_uri: Union[Unset, str] = UNSET request_object_signing_alg: Union[Unset, str] = UNSET request_uris: Union[Unset, List[str]] = UNSET response_types: Union[Unset, List[str]] = UNSET @@ -163,8 +246,12 @@ class OAuth2Client: + authorization_code_grant_access_token_lifespan = self.authorization_code_grant_access_token_lifespan + authorization_code_grant_id_token_lifespan = self.authorization_code_grant_id_token_lifespan + authorization_code_grant_refresh_token_lifespan = self.authorization_code_grant_refresh_token_lifespan backchannel_logout_session_required = self.backchannel_logout_session_required backchannel_logout_uri = self.backchannel_logout_uri + client_credentials_grant_access_token_lifespan = self.client_credentials_grant_access_token_lifespan client_id = self.client_id client_name = self.client_name client_secret = self.client_secret @@ -190,16 +277,13 @@ class OAuth2Client: - jwks: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.jwks, Unset): - jwks = self.jwks.to_dict() - + implicit_grant_access_token_lifespan = self.implicit_grant_access_token_lifespan + implicit_grant_id_token_lifespan = self.implicit_grant_id_token_lifespan + jwks = self.jwks jwks_uri = self.jwks_uri + jwt_bearer_grant_access_token_lifespan = self.jwt_bearer_grant_access_token_lifespan logo_uri = self.logo_uri - metadata: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.metadata, Unset): - metadata = self.metadata.to_dict() - + metadata = self.metadata owner = self.owner policy_uri = self.policy_uri post_logout_redirect_uris: Union[Unset, List[str]] = UNSET @@ -216,6 +300,11 @@ class OAuth2Client: + refresh_token_grant_access_token_lifespan = self.refresh_token_grant_access_token_lifespan + refresh_token_grant_id_token_lifespan = self.refresh_token_grant_id_token_lifespan + refresh_token_grant_refresh_token_lifespan = self.refresh_token_grant_refresh_token_lifespan + registration_access_token = self.registration_access_token + registration_client_uri = self.registration_client_uri request_object_signing_alg = self.request_object_signing_alg request_uris: Union[Unset, List[str]] = UNSET if not isinstance(self.request_uris, Unset): @@ -251,10 +340,18 @@ class OAuth2Client: field_dict["allowed_cors_origins"] = allowed_cors_origins if audience is not UNSET: field_dict["audience"] = audience + if authorization_code_grant_access_token_lifespan is not UNSET: + field_dict["authorization_code_grant_access_token_lifespan"] = authorization_code_grant_access_token_lifespan + if authorization_code_grant_id_token_lifespan is not UNSET: + field_dict["authorization_code_grant_id_token_lifespan"] = authorization_code_grant_id_token_lifespan + if authorization_code_grant_refresh_token_lifespan is not UNSET: + field_dict["authorization_code_grant_refresh_token_lifespan"] = authorization_code_grant_refresh_token_lifespan if backchannel_logout_session_required is not UNSET: field_dict["backchannel_logout_session_required"] = backchannel_logout_session_required if backchannel_logout_uri is not UNSET: field_dict["backchannel_logout_uri"] = backchannel_logout_uri + if client_credentials_grant_access_token_lifespan is not UNSET: + field_dict["client_credentials_grant_access_token_lifespan"] = client_credentials_grant_access_token_lifespan if client_id is not UNSET: field_dict["client_id"] = client_id if client_name is not UNSET: @@ -275,10 +372,16 @@ class OAuth2Client: field_dict["frontchannel_logout_uri"] = frontchannel_logout_uri if grant_types is not UNSET: field_dict["grant_types"] = grant_types + if implicit_grant_access_token_lifespan is not UNSET: + field_dict["implicit_grant_access_token_lifespan"] = implicit_grant_access_token_lifespan + if implicit_grant_id_token_lifespan is not UNSET: + field_dict["implicit_grant_id_token_lifespan"] = implicit_grant_id_token_lifespan if jwks is not UNSET: field_dict["jwks"] = jwks if jwks_uri is not UNSET: field_dict["jwks_uri"] = jwks_uri + if jwt_bearer_grant_access_token_lifespan is not UNSET: + field_dict["jwt_bearer_grant_access_token_lifespan"] = jwt_bearer_grant_access_token_lifespan if logo_uri is not UNSET: field_dict["logo_uri"] = logo_uri if metadata is not UNSET: @@ -291,6 +394,16 @@ class OAuth2Client: field_dict["post_logout_redirect_uris"] = post_logout_redirect_uris if redirect_uris is not UNSET: field_dict["redirect_uris"] = redirect_uris + if refresh_token_grant_access_token_lifespan is not UNSET: + field_dict["refresh_token_grant_access_token_lifespan"] = refresh_token_grant_access_token_lifespan + if refresh_token_grant_id_token_lifespan is not UNSET: + field_dict["refresh_token_grant_id_token_lifespan"] = refresh_token_grant_id_token_lifespan + if refresh_token_grant_refresh_token_lifespan is not UNSET: + field_dict["refresh_token_grant_refresh_token_lifespan"] = refresh_token_grant_refresh_token_lifespan + if registration_access_token is not UNSET: + field_dict["registration_access_token"] = registration_access_token + if registration_client_uri is not UNSET: + field_dict["registration_client_uri"] = registration_client_uri if request_object_signing_alg is not UNSET: field_dict["request_object_signing_alg"] = request_object_signing_alg if request_uris is not UNSET: @@ -327,10 +440,18 @@ class OAuth2Client: audience = cast(List[str], _d.pop("audience", UNSET)) + authorization_code_grant_access_token_lifespan = _d.pop("authorization_code_grant_access_token_lifespan", UNSET) + + authorization_code_grant_id_token_lifespan = _d.pop("authorization_code_grant_id_token_lifespan", UNSET) + + authorization_code_grant_refresh_token_lifespan = _d.pop("authorization_code_grant_refresh_token_lifespan", UNSET) + backchannel_logout_session_required = _d.pop("backchannel_logout_session_required", UNSET) backchannel_logout_uri = _d.pop("backchannel_logout_uri", UNSET) + client_credentials_grant_access_token_lifespan = _d.pop("client_credentials_grant_access_token_lifespan", UNSET) + client_id = _d.pop("client_id", UNSET) client_name = _d.pop("client_name", UNSET) @@ -361,29 +482,19 @@ class OAuth2Client: grant_types = cast(List[str], _d.pop("grant_types", UNSET)) - _jwks = _d.pop("jwks", UNSET) - jwks: Union[Unset, JoseJSONWebKeySet] - if isinstance(_jwks, Unset): - jwks = UNSET - else: - jwks = JoseJSONWebKeySet.from_dict(_jwks) - + implicit_grant_access_token_lifespan = _d.pop("implicit_grant_access_token_lifespan", UNSET) + implicit_grant_id_token_lifespan = _d.pop("implicit_grant_id_token_lifespan", UNSET) + jwks = _d.pop("jwks", UNSET) jwks_uri = _d.pop("jwks_uri", UNSET) + jwt_bearer_grant_access_token_lifespan = _d.pop("jwt_bearer_grant_access_token_lifespan", UNSET) + logo_uri = _d.pop("logo_uri", UNSET) - _metadata = _d.pop("metadata", UNSET) - metadata: Union[Unset, JSONRawMessage] - if isinstance(_metadata, Unset): - metadata = UNSET - else: - metadata = JSONRawMessage.from_dict(_metadata) - - - + metadata = _d.pop("metadata", UNSET) owner = _d.pop("owner", UNSET) @@ -395,6 +506,16 @@ class OAuth2Client: redirect_uris = cast(List[str], _d.pop("redirect_uris", UNSET)) + refresh_token_grant_access_token_lifespan = _d.pop("refresh_token_grant_access_token_lifespan", UNSET) + + refresh_token_grant_id_token_lifespan = _d.pop("refresh_token_grant_id_token_lifespan", UNSET) + + refresh_token_grant_refresh_token_lifespan = _d.pop("refresh_token_grant_refresh_token_lifespan", UNSET) + + registration_access_token = _d.pop("registration_access_token", UNSET) + + registration_client_uri = _d.pop("registration_client_uri", UNSET) + request_object_signing_alg = _d.pop("request_object_signing_alg", UNSET) request_uris = cast(List[str], _d.pop("request_uris", UNSET)) @@ -427,11 +548,15 @@ class OAuth2Client: userinfo_signed_response_alg = _d.pop("userinfo_signed_response_alg", UNSET) - o_auth_2_client = cls( + o_auth_20_client = cls( allowed_cors_origins=allowed_cors_origins, audience=audience, + authorization_code_grant_access_token_lifespan=authorization_code_grant_access_token_lifespan, + authorization_code_grant_id_token_lifespan=authorization_code_grant_id_token_lifespan, + authorization_code_grant_refresh_token_lifespan=authorization_code_grant_refresh_token_lifespan, backchannel_logout_session_required=backchannel_logout_session_required, backchannel_logout_uri=backchannel_logout_uri, + client_credentials_grant_access_token_lifespan=client_credentials_grant_access_token_lifespan, client_id=client_id, client_name=client_name, client_secret=client_secret, @@ -442,14 +567,22 @@ class OAuth2Client: frontchannel_logout_session_required=frontchannel_logout_session_required, frontchannel_logout_uri=frontchannel_logout_uri, grant_types=grant_types, + implicit_grant_access_token_lifespan=implicit_grant_access_token_lifespan, + implicit_grant_id_token_lifespan=implicit_grant_id_token_lifespan, jwks=jwks, jwks_uri=jwks_uri, + jwt_bearer_grant_access_token_lifespan=jwt_bearer_grant_access_token_lifespan, logo_uri=logo_uri, metadata=metadata, owner=owner, policy_uri=policy_uri, post_logout_redirect_uris=post_logout_redirect_uris, redirect_uris=redirect_uris, + refresh_token_grant_access_token_lifespan=refresh_token_grant_access_token_lifespan, + refresh_token_grant_id_token_lifespan=refresh_token_grant_id_token_lifespan, + refresh_token_grant_refresh_token_lifespan=refresh_token_grant_refresh_token_lifespan, + registration_access_token=registration_access_token, + registration_client_uri=registration_client_uri, request_object_signing_alg=request_object_signing_alg, request_uris=request_uris, response_types=response_types, @@ -463,8 +596,8 @@ class OAuth2Client: userinfo_signed_response_alg=userinfo_signed_response_alg, ) - o_auth_2_client.additional_properties = _d - return o_auth_2_client + o_auth_20_client.additional_properties = _d + return o_auth_20_client @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client_token_lifespans.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client_token_lifespans.py new file mode 100644 index 0000000..8a60b63 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_client_token_lifespans.py @@ -0,0 +1,153 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="OAuth20ClientTokenLifespans") + +@attr.s(auto_attribs=True) +class OAuth20ClientTokenLifespans: + """Lifespans of different token types issued for this OAuth 2.0 Client. + + Attributes: + authorization_code_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + authorization_code_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + authorization_code_grant_refresh_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + client_credentials_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + implicit_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + implicit_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, minutes, + hours. + jwt_bearer_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + refresh_token_grant_access_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + refresh_token_grant_id_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, seconds, + minutes, hours. + refresh_token_grant_refresh_token_lifespan (Union[Unset, str]): Specify a time duration in milliseconds, + seconds, minutes, hours. + """ + + authorization_code_grant_access_token_lifespan: Union[Unset, str] = UNSET + authorization_code_grant_id_token_lifespan: Union[Unset, str] = UNSET + authorization_code_grant_refresh_token_lifespan: Union[Unset, str] = UNSET + client_credentials_grant_access_token_lifespan: Union[Unset, str] = UNSET + implicit_grant_access_token_lifespan: Union[Unset, str] = UNSET + implicit_grant_id_token_lifespan: Union[Unset, str] = UNSET + jwt_bearer_grant_access_token_lifespan: Union[Unset, str] = UNSET + refresh_token_grant_access_token_lifespan: Union[Unset, str] = UNSET + refresh_token_grant_id_token_lifespan: Union[Unset, str] = UNSET + refresh_token_grant_refresh_token_lifespan: Union[Unset, str] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + authorization_code_grant_access_token_lifespan = self.authorization_code_grant_access_token_lifespan + authorization_code_grant_id_token_lifespan = self.authorization_code_grant_id_token_lifespan + authorization_code_grant_refresh_token_lifespan = self.authorization_code_grant_refresh_token_lifespan + client_credentials_grant_access_token_lifespan = self.client_credentials_grant_access_token_lifespan + implicit_grant_access_token_lifespan = self.implicit_grant_access_token_lifespan + implicit_grant_id_token_lifespan = self.implicit_grant_id_token_lifespan + jwt_bearer_grant_access_token_lifespan = self.jwt_bearer_grant_access_token_lifespan + refresh_token_grant_access_token_lifespan = self.refresh_token_grant_access_token_lifespan + refresh_token_grant_id_token_lifespan = self.refresh_token_grant_id_token_lifespan + refresh_token_grant_refresh_token_lifespan = self.refresh_token_grant_refresh_token_lifespan + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if authorization_code_grant_access_token_lifespan is not UNSET: + field_dict["authorization_code_grant_access_token_lifespan"] = authorization_code_grant_access_token_lifespan + if authorization_code_grant_id_token_lifespan is not UNSET: + field_dict["authorization_code_grant_id_token_lifespan"] = authorization_code_grant_id_token_lifespan + if authorization_code_grant_refresh_token_lifespan is not UNSET: + field_dict["authorization_code_grant_refresh_token_lifespan"] = authorization_code_grant_refresh_token_lifespan + if client_credentials_grant_access_token_lifespan is not UNSET: + field_dict["client_credentials_grant_access_token_lifespan"] = client_credentials_grant_access_token_lifespan + if implicit_grant_access_token_lifespan is not UNSET: + field_dict["implicit_grant_access_token_lifespan"] = implicit_grant_access_token_lifespan + if implicit_grant_id_token_lifespan is not UNSET: + field_dict["implicit_grant_id_token_lifespan"] = implicit_grant_id_token_lifespan + if jwt_bearer_grant_access_token_lifespan is not UNSET: + field_dict["jwt_bearer_grant_access_token_lifespan"] = jwt_bearer_grant_access_token_lifespan + if refresh_token_grant_access_token_lifespan is not UNSET: + field_dict["refresh_token_grant_access_token_lifespan"] = refresh_token_grant_access_token_lifespan + if refresh_token_grant_id_token_lifespan is not UNSET: + field_dict["refresh_token_grant_id_token_lifespan"] = refresh_token_grant_id_token_lifespan + if refresh_token_grant_refresh_token_lifespan is not UNSET: + field_dict["refresh_token_grant_refresh_token_lifespan"] = refresh_token_grant_refresh_token_lifespan + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + authorization_code_grant_access_token_lifespan = _d.pop("authorization_code_grant_access_token_lifespan", UNSET) + + authorization_code_grant_id_token_lifespan = _d.pop("authorization_code_grant_id_token_lifespan", UNSET) + + authorization_code_grant_refresh_token_lifespan = _d.pop("authorization_code_grant_refresh_token_lifespan", UNSET) + + client_credentials_grant_access_token_lifespan = _d.pop("client_credentials_grant_access_token_lifespan", UNSET) + + implicit_grant_access_token_lifespan = _d.pop("implicit_grant_access_token_lifespan", UNSET) + + implicit_grant_id_token_lifespan = _d.pop("implicit_grant_id_token_lifespan", UNSET) + + jwt_bearer_grant_access_token_lifespan = _d.pop("jwt_bearer_grant_access_token_lifespan", UNSET) + + refresh_token_grant_access_token_lifespan = _d.pop("refresh_token_grant_access_token_lifespan", UNSET) + + refresh_token_grant_id_token_lifespan = _d.pop("refresh_token_grant_id_token_lifespan", UNSET) + + refresh_token_grant_refresh_token_lifespan = _d.pop("refresh_token_grant_refresh_token_lifespan", UNSET) + + o_auth_20_client_token_lifespans = cls( + authorization_code_grant_access_token_lifespan=authorization_code_grant_access_token_lifespan, + authorization_code_grant_id_token_lifespan=authorization_code_grant_id_token_lifespan, + authorization_code_grant_refresh_token_lifespan=authorization_code_grant_refresh_token_lifespan, + client_credentials_grant_access_token_lifespan=client_credentials_grant_access_token_lifespan, + implicit_grant_access_token_lifespan=implicit_grant_access_token_lifespan, + implicit_grant_id_token_lifespan=implicit_grant_id_token_lifespan, + jwt_bearer_grant_access_token_lifespan=jwt_bearer_grant_access_token_lifespan, + refresh_token_grant_access_token_lifespan=refresh_token_grant_access_token_lifespan, + refresh_token_grant_id_token_lifespan=refresh_token_grant_id_token_lifespan, + refresh_token_grant_refresh_token_lifespan=refresh_token_grant_refresh_token_lifespan, + ) + + o_auth_20_client_token_lifespans.additional_properties = _d + return o_auth_20_client_token_lifespans + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/previous_consent_session.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session.py similarity index 60% rename from libs/ory-hydra-client/ory_hydra_client/models/previous_consent_session.py rename to libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session.py index 5eac95c..5698395 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/previous_consent_session.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,53 +7,68 @@ import attr from ..types import UNSET, Unset -from dateutil.parser import isoparse -from typing import Union -from typing import Dict -from typing import cast from ..types import UNSET, Unset -from typing import cast, List +from typing import Union +from typing import cast +from typing import Dict +from dateutil.parser import isoparse import datetime +from typing import cast, List + +if TYPE_CHECKING: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest + from ..models.o_auth_20_consent_session_expires_at import OAuth20ConsentSessionExpiresAt + from ..models.contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest -T = TypeVar("T", bound="PreviousConsentSession") +T = TypeVar("T", bound="OAuth20ConsentSession") @attr.s(auto_attribs=True) -class PreviousConsentSession: - """The response used to return used consent requests -same as HandledLoginRequest, just with consent_request exposed as json +class OAuth20ConsentSession: + """A completed OAuth 2.0 Consent Session. Attributes: - consent_request (Union[Unset, ConsentRequest]): + consent_request (Union[Unset, ContainsInformationOnAnOngoingConsentRequest]): + expires_at (Union[Unset, OAuth20ConsentSessionExpiresAt]): grant_access_token_audience (Union[Unset, List[str]]): grant_scope (Union[Unset, List[str]]): handled_at (Union[Unset, datetime.datetime]): - remember (Union[Unset, bool]): Remember, if set to true, tells ORY Hydra to remember this consent authorization - and reuse it if the same + remember (Union[Unset, bool]): Remember Consent + + Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. - remember_for (Union[Unset, int]): RememberFor sets how long the consent authorization should be remembered for - in seconds. If set to `0`, the + remember_for (Union[Unset, int]): Remember Consent For + + RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. - session (Union[Unset, ConsentRequestSession]): + session (Union[Unset, PassSessionDataToAConsentRequest]): """ - consent_request: Union[Unset, 'ConsentRequest'] = UNSET + consent_request: Union[Unset, 'ContainsInformationOnAnOngoingConsentRequest'] = UNSET + expires_at: Union[Unset, 'OAuth20ConsentSessionExpiresAt'] = UNSET grant_access_token_audience: Union[Unset, List[str]] = UNSET grant_scope: Union[Unset, List[str]] = UNSET handled_at: Union[Unset, datetime.datetime] = UNSET remember: Union[Unset, bool] = UNSET remember_for: Union[Unset, int] = UNSET - session: Union[Unset, 'ConsentRequestSession'] = UNSET + session: Union[Unset, 'PassSessionDataToAConsentRequest'] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest + from ..models.o_auth_20_consent_session_expires_at import OAuth20ConsentSessionExpiresAt + from ..models.contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest consent_request: Union[Unset, Dict[str, Any]] = UNSET if not isinstance(self.consent_request, Unset): consent_request = self.consent_request.to_dict() + expires_at: Union[Unset, Dict[str, Any]] = UNSET + if not isinstance(self.expires_at, Unset): + expires_at = self.expires_at.to_dict() + grant_access_token_audience: Union[Unset, List[str]] = UNSET if not isinstance(self.grant_access_token_audience, Unset): grant_access_token_audience = self.grant_access_token_audience @@ -85,6 +100,8 @@ same as HandledLoginRequest, just with consent_request exposed as json }) if consent_request is not UNSET: field_dict["consent_request"] = consent_request + if expires_at is not UNSET: + field_dict["expires_at"] = expires_at if grant_access_token_audience is not UNSET: field_dict["grant_access_token_audience"] = grant_access_token_audience if grant_scope is not UNSET: @@ -104,13 +121,26 @@ same as HandledLoginRequest, just with consent_request exposed as json @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest + from ..models.o_auth_20_consent_session_expires_at import OAuth20ConsentSessionExpiresAt + from ..models.contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest _d = src_dict.copy() _consent_request = _d.pop("consent_request", UNSET) - consent_request: Union[Unset, ConsentRequest] + consent_request: Union[Unset, ContainsInformationOnAnOngoingConsentRequest] if isinstance(_consent_request, Unset): consent_request = UNSET else: - consent_request = ConsentRequest.from_dict(_consent_request) + consent_request = ContainsInformationOnAnOngoingConsentRequest.from_dict(_consent_request) + + + + + _expires_at = _d.pop("expires_at", UNSET) + expires_at: Union[Unset, OAuth20ConsentSessionExpiresAt] + if isinstance(_expires_at, Unset): + expires_at = UNSET + else: + expires_at = OAuth20ConsentSessionExpiresAt.from_dict(_expires_at) @@ -136,17 +166,18 @@ same as HandledLoginRequest, just with consent_request exposed as json remember_for = _d.pop("remember_for", UNSET) _session = _d.pop("session", UNSET) - session: Union[Unset, ConsentRequestSession] + session: Union[Unset, PassSessionDataToAConsentRequest] if isinstance(_session, Unset): session = UNSET else: - session = ConsentRequestSession.from_dict(_session) + session = PassSessionDataToAConsentRequest.from_dict(_session) - previous_consent_session = cls( + o_auth_20_consent_session = cls( consent_request=consent_request, + expires_at=expires_at, grant_access_token_audience=grant_access_token_audience, grant_scope=grant_scope, handled_at=handled_at, @@ -155,8 +186,8 @@ same as HandledLoginRequest, just with consent_request exposed as json session=session, ) - previous_consent_session.additional_properties = _d - return previous_consent_session + o_auth_20_consent_session.additional_properties = _d + return o_auth_20_consent_session @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session_expires_at.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session_expires_at.py new file mode 100644 index 0000000..67f74fe --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_consent_session_expires_at.py @@ -0,0 +1,160 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import cast +from typing import Union +from dateutil.parser import isoparse +import datetime + + + + + +T = TypeVar("T", bound="OAuth20ConsentSessionExpiresAt") + +@attr.s(auto_attribs=True) +class OAuth20ConsentSessionExpiresAt: + """ + Attributes: + access_token (Union[Unset, datetime.datetime]): + authorize_code (Union[Unset, datetime.datetime]): + id_token (Union[Unset, datetime.datetime]): + par_context (Union[Unset, datetime.datetime]): + refresh_token (Union[Unset, datetime.datetime]): + """ + + access_token: Union[Unset, datetime.datetime] = UNSET + authorize_code: Union[Unset, datetime.datetime] = UNSET + id_token: Union[Unset, datetime.datetime] = UNSET + par_context: Union[Unset, datetime.datetime] = UNSET + refresh_token: Union[Unset, datetime.datetime] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + access_token: Union[Unset, str] = UNSET + if not isinstance(self.access_token, Unset): + access_token = self.access_token.isoformat() + + authorize_code: Union[Unset, str] = UNSET + if not isinstance(self.authorize_code, Unset): + authorize_code = self.authorize_code.isoformat() + + id_token: Union[Unset, str] = UNSET + if not isinstance(self.id_token, Unset): + id_token = self.id_token.isoformat() + + par_context: Union[Unset, str] = UNSET + if not isinstance(self.par_context, Unset): + par_context = self.par_context.isoformat() + + refresh_token: Union[Unset, str] = UNSET + if not isinstance(self.refresh_token, Unset): + refresh_token = self.refresh_token.isoformat() + + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if access_token is not UNSET: + field_dict["access_token"] = access_token + if authorize_code is not UNSET: + field_dict["authorize_code"] = authorize_code + if id_token is not UNSET: + field_dict["id_token"] = id_token + if par_context is not UNSET: + field_dict["par_context"] = par_context + if refresh_token is not UNSET: + field_dict["refresh_token"] = refresh_token + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + _access_token = _d.pop("access_token", UNSET) + access_token: Union[Unset, datetime.datetime] + if isinstance(_access_token, Unset): + access_token = UNSET + else: + access_token = isoparse(_access_token) + + + + + _authorize_code = _d.pop("authorize_code", UNSET) + authorize_code: Union[Unset, datetime.datetime] + if isinstance(_authorize_code, Unset): + authorize_code = UNSET + else: + authorize_code = isoparse(_authorize_code) + + + + + _id_token = _d.pop("id_token", UNSET) + id_token: Union[Unset, datetime.datetime] + if isinstance(_id_token, Unset): + id_token = UNSET + else: + id_token = isoparse(_id_token) + + + + + _par_context = _d.pop("par_context", UNSET) + par_context: Union[Unset, datetime.datetime] + if isinstance(_par_context, Unset): + par_context = UNSET + else: + par_context = isoparse(_par_context) + + + + + _refresh_token = _d.pop("refresh_token", UNSET) + refresh_token: Union[Unset, datetime.datetime] + if isinstance(_refresh_token, Unset): + refresh_token = UNSET + else: + refresh_token = isoparse(_refresh_token) + + + + + o_auth_20_consent_session_expires_at = cls( + access_token=access_token, + authorize_code=authorize_code, + id_token=id_token, + par_context=par_context, + refresh_token=refresh_token, + ) + + o_auth_20_consent_session_expires_at.additional_properties = _d + return o_auth_20_consent_session_expires_at + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/completed_request.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_redirect_browser_to.py similarity index 75% rename from libs/ory-hydra-client/ory_hydra_client/models/completed_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_redirect_browser_to.py index d41ba39..8af4524 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/completed_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_20_redirect_browser_to.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -11,14 +11,16 @@ from ..types import UNSET, Unset -T = TypeVar("T", bound="CompletedRequest") + +T = TypeVar("T", bound="OAuth20RedirectBrowserTo") @attr.s(auto_attribs=True) -class CompletedRequest: - """ +class OAuth20RedirectBrowserTo: + """Contains a redirect URL used to complete a login, consent, or logout request. + Attributes: - redirect_to (str): RedirectURL is the URL which you should redirect the user to once the authentication process - is completed. + redirect_to (str): RedirectURL is the URL which you should redirect the user's browser to once the + authentication process is completed. """ redirect_to: str @@ -43,12 +45,12 @@ class CompletedRequest: _d = src_dict.copy() redirect_to = _d.pop("redirect_to") - completed_request = cls( + o_auth_20_redirect_browser_to = cls( redirect_to=redirect_to, ) - completed_request.additional_properties = _d - return completed_request + o_auth_20_redirect_browser_to.additional_properties = _d + return o_auth_20_redirect_browser_to @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_response.py b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_exchange.py similarity index 70% rename from libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_response.py rename to libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_exchange.py index 1d5e8d0..a120457 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_response.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/o_auth_2_token_exchange.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,24 +13,28 @@ from typing import Union -T = TypeVar("T", bound="Oauth2TokenResponse") + +T = TypeVar("T", bound="OAuth2TokenExchange") @attr.s(auto_attribs=True) -class Oauth2TokenResponse: - """The Access Token Response +class OAuth2TokenExchange: + """OAuth2 Token Exchange Result Attributes: - access_token (Union[Unset, str]): - expires_in (Union[Unset, int]): - id_token (Union[Unset, str]): - refresh_token (Union[Unset, str]): - scope (Union[Unset, str]): - token_type (Union[Unset, str]): + access_token (Union[Unset, str]): The access token issued by the authorization server. + expires_in (Union[Unset, int]): The lifetime in seconds of the access token. For + example, the value "3600" denotes that the access token will + expire in one hour from the time the response was generated. + id_token (Union[Unset, int]): To retrieve a refresh token request the id_token scope. + refresh_token (Union[Unset, str]): The refresh token, which can be used to obtain new + access tokens. To retrieve it add the scope "offline" to your access token request. + scope (Union[Unset, str]): The scope of the access token + token_type (Union[Unset, str]): The type of the token issued """ access_token: Union[Unset, str] = UNSET expires_in: Union[Unset, int] = UNSET - id_token: Union[Unset, str] = UNSET + id_token: Union[Unset, int] = UNSET refresh_token: Union[Unset, str] = UNSET scope: Union[Unset, str] = UNSET token_type: Union[Unset, str] = UNSET @@ -81,7 +85,7 @@ class Oauth2TokenResponse: token_type = _d.pop("token_type", UNSET) - oauth_2_token_response = cls( + o_auth_2_token_exchange = cls( access_token=access_token, expires_in=expires_in, id_token=id_token, @@ -90,8 +94,8 @@ class Oauth2TokenResponse: token_type=token_type, ) - oauth_2_token_response.additional_properties = _d - return oauth_2_token_response + o_auth_2_token_exchange.additional_properties = _d + return o_auth_2_token_exchange @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_data.py b/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_exchange_data.py similarity index 90% rename from libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_data.py rename to libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_exchange_data.py index 3212aba..b8a94b0 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_data.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/oauth_2_token_exchange_data.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,47 +13,48 @@ from typing import Union -T = TypeVar("T", bound="Oauth2TokenData") + +T = TypeVar("T", bound="Oauth2TokenExchangeData") @attr.s(auto_attribs=True) -class Oauth2TokenData: +class Oauth2TokenExchangeData: """ Attributes: grant_type (str): - code (Union[Unset, str]): - refresh_token (Union[Unset, str]): - redirect_uri (Union[Unset, str]): client_id (Union[Unset, str]): + code (Union[Unset, str]): + redirect_uri (Union[Unset, str]): + refresh_token (Union[Unset, str]): """ grant_type: str - code: Union[Unset, str] = UNSET - refresh_token: Union[Unset, str] = UNSET - redirect_uri: Union[Unset, str] = UNSET client_id: Union[Unset, str] = UNSET + code: Union[Unset, str] = UNSET + redirect_uri: Union[Unset, str] = UNSET + refresh_token: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: grant_type = self.grant_type - code = self.code - refresh_token = self.refresh_token - redirect_uri = self.redirect_uri client_id = self.client_id + code = self.code + redirect_uri = self.redirect_uri + refresh_token = self.refresh_token field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ "grant_type": grant_type, }) - if code is not UNSET: - field_dict["code"] = code - if refresh_token is not UNSET: - field_dict["refresh_token"] = refresh_token - if redirect_uri is not UNSET: - field_dict["redirect_uri"] = redirect_uri if client_id is not UNSET: field_dict["client_id"] = client_id + if code is not UNSET: + field_dict["code"] = code + if redirect_uri is not UNSET: + field_dict["redirect_uri"] = redirect_uri + if refresh_token is not UNSET: + field_dict["refresh_token"] = refresh_token return field_dict @@ -64,24 +65,24 @@ class Oauth2TokenData: _d = src_dict.copy() grant_type = _d.pop("grant_type") - code = _d.pop("code", UNSET) + client_id = _d.pop("client_id", UNSET) - refresh_token = _d.pop("refresh_token", UNSET) + code = _d.pop("code", UNSET) redirect_uri = _d.pop("redirect_uri", UNSET) - client_id = _d.pop("client_id", UNSET) + refresh_token = _d.pop("refresh_token", UNSET) - oauth_2_token_data = cls( + oauth_2_token_exchange_data = cls( grant_type=grant_type, - code=code, - refresh_token=refresh_token, - redirect_uri=redirect_uri, client_id=client_id, + code=code, + redirect_uri=redirect_uri, + refresh_token=refresh_token, ) - oauth_2_token_data.additional_properties = _d - return oauth_2_token_data + oauth_2_token_exchange_data.additional_properties = _d + return oauth_2_token_exchange_data @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/userinfo_response.py b/libs/ory-hydra-client/ory_hydra_client/models/oidc_user_info.py similarity index 98% rename from libs/ory-hydra-client/ory_hydra_client/models/userinfo_response.py rename to libs/ory-hydra-client/ory_hydra_client/models/oidc_user_info.py index b812020..65a8356 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/userinfo_response.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/oidc_user_info.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,11 +13,12 @@ from typing import Union -T = TypeVar("T", bound="UserinfoResponse") + +T = TypeVar("T", bound="OidcUserInfo") @attr.s(auto_attribs=True) -class UserinfoResponse: - """The userinfo response +class OidcUserInfo: + """OpenID Connect Userinfo Attributes: birthdate (Union[Unset, str]): End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD @@ -209,7 +210,7 @@ class UserinfoResponse: zoneinfo = _d.pop("zoneinfo", UNSET) - userinfo_response = cls( + oidc_user_info = cls( birthdate=birthdate, email=email, email_verified=email_verified, @@ -231,8 +232,8 @@ class UserinfoResponse: zoneinfo=zoneinfo, ) - userinfo_response.additional_properties = _d - return userinfo_response + oidc_user_info.additional_properties = _d + return oidc_user_info @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/well_known.py b/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_discovery_metadata.py similarity index 66% rename from libs/ory-hydra-client/ory_hydra_client/models/well_known.py rename to libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_discovery_metadata.py index c92d07b..03b63d3 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/well_known.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/open_id_connect_discovery_metadata.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -14,103 +14,147 @@ from typing import Union -T = TypeVar("T", bound="WellKnown") + +T = TypeVar("T", bound="OpenIDConnectDiscoveryMetadata") @attr.s(auto_attribs=True) -class WellKnown: - """It includes links to several endpoints (e.g. /oauth2/token) and exposes information on supported signature +class OpenIDConnectDiscoveryMetadata: + """Includes links to several endpoints (for example `/oauth2/token`) and exposes information on supported signature algorithms among others. Attributes: - authorization_endpoint (str): URL of the OP's OAuth 2.0 Authorization Endpoint. Example: - https://playground.ory.sh/ory-hydra/public/oauth2/auth. - id_token_signing_alg_values_supported (List[str]): JSON array containing a list of the JWS signing algorithms - (alg values) supported by the OP for the ID Token + authorization_endpoint (str): OAuth 2.0 Authorization Endpoint URL Example: https://playground.ory.sh/ory- + hydra/public/oauth2/auth. + id_token_signed_response_alg (List[str]): OpenID Connect Default ID Token Signing Algorithms + + Algorithm used to sign OpenID Connect ID Tokens. + id_token_signing_alg_values_supported (List[str]): OpenID Connect Supported ID Token Signing Algorithms + + JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT. - issuer (str): URL using the https scheme with no query or fragment component that the OP asserts as its - IssuerURL Identifier. + issuer (str): OpenID Connect Issuer URL + + An URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL + Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. Example: https://playground.ory.sh/ory-hydra/public/. - jwks_uri (str): URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to - validate + jwks_uri (str): OpenID Connect Well-Known JSON Web Keys URL + + URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. - Example: https://playground.ory.sh/ory-hydra/public/.well-known/jwks.json. - response_types_supported (List[str]): JSON array containing a list of the OAuth 2.0 response_type values that - this OP supports. Dynamic OpenID + Example: https://{slug}.projects.oryapis.com/.well-known/jwks.json. + response_types_supported (List[str]): OAuth 2.0 Supported Response Types + + JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values. - subject_types_supported (List[str]): JSON array containing a list of the Subject Identifier types that this OP - supports. Valid types include + subject_types_supported (List[str]): OpenID Connect Supported Subject Types + + JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public. - token_endpoint (str): URL of the OP's OAuth 2.0 Token Endpoint Example: https://playground.ory.sh/ory- + token_endpoint (str): OAuth 2.0 Token Endpoint URL Example: https://playground.ory.sh/ory- hydra/public/oauth2/token. - backchannel_logout_session_supported (Union[Unset, bool]): Boolean value specifying whether the OP can pass a - sid (session ID) Claim in the Logout Token to identify the RP + userinfo_signed_response_alg (List[str]): OpenID Connect User Userinfo Signing Algorithm + + Algorithm used to sign OpenID Connect Userinfo Responses. + backchannel_logout_session_supported (Union[Unset, bool]): OpenID Connect Back-Channel Logout Session Required + + Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP. If supported, the sid Claim is also included in ID Tokens issued by the OP - backchannel_logout_supported (Union[Unset, bool]): Boolean value specifying whether the OP supports back-channel - logout, with true indicating support. - claims_parameter_supported (Union[Unset, bool]): Boolean value specifying whether the OP supports use of the - claims parameter, with true indicating support. - claims_supported (Union[Unset, List[str]]): JSON array containing a list of the Claim Names of the Claims that - the OpenID Provider MAY be able to supply + backchannel_logout_supported (Union[Unset, bool]): OpenID Connect Back-Channel Logout Supported + + Boolean value specifying whether the OP supports back-channel logout, with true indicating support. + claims_parameter_supported (Union[Unset, bool]): OpenID Connect Claims Parameter Parameter Supported + + Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. + claims_supported (Union[Unset, List[str]]): OpenID Connect Supported Claims + + JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. - end_session_endpoint (Union[Unset, str]): URL at the OP to which an RP can perform a redirect to request that - the End-User be logged out at the OP. - frontchannel_logout_session_supported (Union[Unset, bool]): Boolean value specifying whether the OP can pass iss - (issuer) and sid (session ID) query parameters to identify + code_challenge_methods_supported (Union[Unset, List[str]]): OAuth 2.0 PKCE Supported Code Challenge Methods + + JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported + by this authorization server. + end_session_endpoint (Union[Unset, str]): OpenID Connect End-Session Endpoint + + URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP. + frontchannel_logout_session_supported (Union[Unset, bool]): OpenID Connect Front-Channel Logout Session Required + + Boolean value specifying whether the OP can pass iss (issuer) and sid (session ID) query parameters to identify the RP session with the OP when the frontchannel_logout_uri is used. If supported, the sid Claim is also included in ID Tokens issued by the OP. - frontchannel_logout_supported (Union[Unset, bool]): Boolean value specifying whether the OP supports HTTP-based - logout, with true indicating support. - grant_types_supported (Union[Unset, List[str]]): JSON array containing a list of the OAuth 2.0 Grant Type values - that this OP supports. - registration_endpoint (Union[Unset, str]): URL of the OP's Dynamic Client Registration Endpoint. Example: + frontchannel_logout_supported (Union[Unset, bool]): OpenID Connect Front-Channel Logout Supported + + Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support. + grant_types_supported (Union[Unset, List[str]]): OAuth 2.0 Supported Grant Types + + JSON array containing a list of the OAuth 2.0 Grant Type values that this OP supports. + registration_endpoint (Union[Unset, str]): OpenID Connect Dynamic Client Registration Endpoint URL Example: https://playground.ory.sh/ory-hydra/admin/client. - request_object_signing_alg_values_supported (Union[Unset, List[str]]): JSON array containing a list of the JWS - signing algorithms (alg values) supported by the OP for Request Objects, + request_object_signing_alg_values_supported (Union[Unset, List[str]]): OpenID Connect Supported Request Object + Signing Algorithms + + JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). - request_parameter_supported (Union[Unset, bool]): Boolean value specifying whether the OP supports use of the - request parameter, with true indicating support. - request_uri_parameter_supported (Union[Unset, bool]): Boolean value specifying whether the OP supports use of - the request_uri parameter, with true indicating support. - require_request_uri_registration (Union[Unset, bool]): Boolean value specifying whether the OP requires any - request_uri values used to be pre-registered + request_parameter_supported (Union[Unset, bool]): OpenID Connect Request Parameter Supported + + Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. + request_uri_parameter_supported (Union[Unset, bool]): OpenID Connect Request URI Parameter Supported + + Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. + require_request_uri_registration (Union[Unset, bool]): OpenID Connect Requires Request URI Registration + + Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. - response_modes_supported (Union[Unset, List[str]]): JSON array containing a list of the OAuth 2.0 response_mode - values that this OP supports. - revocation_endpoint (Union[Unset, str]): URL of the authorization server's OAuth 2.0 revocation endpoint. - scopes_supported (Union[Unset, List[str]]): SON array containing a list of the OAuth 2.0 [RFC6749] scope values - that this server supports. The server MUST + response_modes_supported (Union[Unset, List[str]]): OAuth 2.0 Supported Response Modes + + JSON array containing a list of the OAuth 2.0 response_mode values that this OP supports. + revocation_endpoint (Union[Unset, str]): OAuth 2.0 Token Revocation URL + + URL of the authorization server's OAuth 2.0 revocation endpoint. + scopes_supported (Union[Unset, List[str]]): OAuth 2.0 Supported Scope Values + + JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used - token_endpoint_auth_methods_supported (Union[Unset, List[str]]): JSON array containing a list of Client - Authentication methods supported by this Token Endpoint. The options are + token_endpoint_auth_methods_supported (Union[Unset, List[str]]): OAuth 2.0 Supported Client Authentication + Methods + + JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 - userinfo_endpoint (Union[Unset, str]): URL of the OP's UserInfo Endpoint. - userinfo_signing_alg_values_supported (Union[Unset, List[str]]): JSON array containing a list of the JWS [JWS] - signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. + userinfo_endpoint (Union[Unset, str]): OpenID Connect Userinfo URL + + URL of the OP's UserInfo Endpoint. + userinfo_signing_alg_values_supported (Union[Unset, List[str]]): OpenID Connect Supported Userinfo Signing + Algorithm + + JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo + Endpoint to encode the Claims in a JWT [JWT]. """ authorization_endpoint: str + id_token_signed_response_alg: List[str] id_token_signing_alg_values_supported: List[str] issuer: str jwks_uri: str response_types_supported: List[str] subject_types_supported: List[str] token_endpoint: str + userinfo_signed_response_alg: List[str] backchannel_logout_session_supported: Union[Unset, bool] = UNSET backchannel_logout_supported: Union[Unset, bool] = UNSET claims_parameter_supported: Union[Unset, bool] = UNSET claims_supported: Union[Unset, List[str]] = UNSET + code_challenge_methods_supported: Union[Unset, List[str]] = UNSET end_session_endpoint: Union[Unset, str] = UNSET frontchannel_logout_session_supported: Union[Unset, bool] = UNSET frontchannel_logout_supported: Union[Unset, bool] = UNSET @@ -131,6 +175,11 @@ among others. def to_dict(self) -> Dict[str, Any]: authorization_endpoint = self.authorization_endpoint + id_token_signed_response_alg = self.id_token_signed_response_alg + + + + id_token_signing_alg_values_supported = self.id_token_signing_alg_values_supported @@ -149,6 +198,11 @@ among others. token_endpoint = self.token_endpoint + userinfo_signed_response_alg = self.userinfo_signed_response_alg + + + + backchannel_logout_session_supported = self.backchannel_logout_session_supported backchannel_logout_supported = self.backchannel_logout_supported claims_parameter_supported = self.claims_parameter_supported @@ -159,6 +213,13 @@ among others. + code_challenge_methods_supported: Union[Unset, List[str]] = UNSET + if not isinstance(self.code_challenge_methods_supported, Unset): + code_challenge_methods_supported = self.code_challenge_methods_supported + + + + end_session_endpoint = self.end_session_endpoint frontchannel_logout_session_supported = self.frontchannel_logout_session_supported frontchannel_logout_supported = self.frontchannel_logout_supported @@ -215,12 +276,14 @@ among others. field_dict.update(self.additional_properties) field_dict.update({ "authorization_endpoint": authorization_endpoint, + "id_token_signed_response_alg": id_token_signed_response_alg, "id_token_signing_alg_values_supported": id_token_signing_alg_values_supported, "issuer": issuer, "jwks_uri": jwks_uri, "response_types_supported": response_types_supported, "subject_types_supported": subject_types_supported, "token_endpoint": token_endpoint, + "userinfo_signed_response_alg": userinfo_signed_response_alg, }) if backchannel_logout_session_supported is not UNSET: field_dict["backchannel_logout_session_supported"] = backchannel_logout_session_supported @@ -230,6 +293,8 @@ among others. field_dict["claims_parameter_supported"] = claims_parameter_supported if claims_supported is not UNSET: field_dict["claims_supported"] = claims_supported + if code_challenge_methods_supported is not UNSET: + field_dict["code_challenge_methods_supported"] = code_challenge_methods_supported if end_session_endpoint is not UNSET: field_dict["end_session_endpoint"] = end_session_endpoint if frontchannel_logout_session_supported is not UNSET: @@ -270,6 +335,9 @@ among others. _d = src_dict.copy() authorization_endpoint = _d.pop("authorization_endpoint") + id_token_signed_response_alg = cast(List[str], _d.pop("id_token_signed_response_alg")) + + id_token_signing_alg_values_supported = cast(List[str], _d.pop("id_token_signing_alg_values_supported")) @@ -285,6 +353,9 @@ among others. token_endpoint = _d.pop("token_endpoint") + userinfo_signed_response_alg = cast(List[str], _d.pop("userinfo_signed_response_alg")) + + backchannel_logout_session_supported = _d.pop("backchannel_logout_session_supported", UNSET) backchannel_logout_supported = _d.pop("backchannel_logout_supported", UNSET) @@ -294,6 +365,9 @@ among others. claims_supported = cast(List[str], _d.pop("claims_supported", UNSET)) + code_challenge_methods_supported = cast(List[str], _d.pop("code_challenge_methods_supported", UNSET)) + + end_session_endpoint = _d.pop("end_session_endpoint", UNSET) frontchannel_logout_session_supported = _d.pop("frontchannel_logout_session_supported", UNSET) @@ -330,18 +404,21 @@ among others. userinfo_signing_alg_values_supported = cast(List[str], _d.pop("userinfo_signing_alg_values_supported", UNSET)) - well_known = cls( + open_id_connect_discovery_metadata = cls( authorization_endpoint=authorization_endpoint, + id_token_signed_response_alg=id_token_signed_response_alg, id_token_signing_alg_values_supported=id_token_signing_alg_values_supported, issuer=issuer, jwks_uri=jwks_uri, response_types_supported=response_types_supported, subject_types_supported=subject_types_supported, token_endpoint=token_endpoint, + userinfo_signed_response_alg=userinfo_signed_response_alg, backchannel_logout_session_supported=backchannel_logout_session_supported, backchannel_logout_supported=backchannel_logout_supported, claims_parameter_supported=claims_parameter_supported, claims_supported=claims_supported, + code_challenge_methods_supported=code_challenge_methods_supported, end_session_endpoint=end_session_endpoint, frontchannel_logout_session_supported=frontchannel_logout_session_supported, frontchannel_logout_supported=frontchannel_logout_supported, @@ -359,8 +436,8 @@ among others. userinfo_signing_alg_values_supported=userinfo_signing_alg_values_supported, ) - well_known.additional_properties = _d - return well_known + open_id_connect_discovery_metadata.additional_properties = _d + return open_id_connect_discovery_metadata @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/pagination.py b/libs/ory-hydra-client/ory_hydra_client/models/pagination.py new file mode 100644 index 0000000..d90cc84 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/pagination.py @@ -0,0 +1,86 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="Pagination") + +@attr.s(auto_attribs=True) +class Pagination: + """ + Attributes: + page_size (Union[Unset, int]): Items per page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: 250. + page_token (Union[Unset, str]): Next Page Token + + The next page token. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: '1'. + """ + + page_size: Union[Unset, int] = 250 + page_token: Union[Unset, str] = '1' + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + page_size = self.page_size + page_token = self.page_token + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if page_size is not UNSET: + field_dict["page_size"] = page_size + if page_token is not UNSET: + field_dict["page_token"] = page_token + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + page_size = _d.pop("page_size", UNSET) + + page_token = _d.pop("page_token", UNSET) + + pagination = cls( + page_size=page_size, + page_token=page_token, + ) + + pagination.additional_properties = _d + return pagination + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_rootfs.py b/libs/ory-hydra-client/ory_hydra_client/models/pagination_headers.py similarity index 52% rename from libs/ory-hydra-client/ory_hydra_client/models/plugin_config_rootfs.py rename to libs/ory-hydra-client/ory_hydra_client/models/pagination_headers.py index 3a07f46..0e48990 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_rootfs.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/pagination_headers.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,47 +7,47 @@ import attr from ..types import UNSET, Unset -from typing import cast, List from ..types import UNSET, Unset from typing import Union -T = TypeVar("T", bound="PluginConfigRootfs") + +T = TypeVar("T", bound="PaginationHeaders") @attr.s(auto_attribs=True) -class PluginConfigRootfs: - """PluginConfigRootfs plugin config rootfs - +class PaginationHeaders: + """ Attributes: - diff_ids (Union[Unset, List[str]]): diff ids - type (Union[Unset, str]): type + link (Union[Unset, str]): The link header contains pagination links. + + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + + in: header + x_total_count (Union[Unset, str]): The total number of clients. + + in: header """ - diff_ids: Union[Unset, List[str]] = UNSET - type: Union[Unset, str] = UNSET + link: Union[Unset, str] = UNSET + x_total_count: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - diff_ids: Union[Unset, List[str]] = UNSET - if not isinstance(self.diff_ids, Unset): - diff_ids = self.diff_ids - - - - - type = self.type + link = self.link + x_total_count = self.x_total_count field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ }) - if diff_ids is not UNSET: - field_dict["diff_ids"] = diff_ids - if type is not UNSET: - field_dict["type"] = type + if link is not UNSET: + field_dict["link"] = link + if x_total_count is not UNSET: + field_dict["x-total-count"] = x_total_count return field_dict @@ -56,18 +56,17 @@ class PluginConfigRootfs: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - diff_ids = cast(List[str], _d.pop("diff_ids", UNSET)) + link = _d.pop("link", UNSET) + x_total_count = _d.pop("x-total-count", UNSET) - type = _d.pop("type", UNSET) - - plugin_config_rootfs = cls( - diff_ids=diff_ids, - type=type, + pagination_headers = cls( + link=link, + x_total_count=x_total_count, ) - plugin_config_rootfs.additional_properties = _d - return plugin_config_rootfs + pagination_headers.additional_properties = _d + return pagination_headers @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/pagination_request_parameters.py b/libs/ory-hydra-client/ory_hydra_client/models/pagination_request_parameters.py new file mode 100644 index 0000000..adfdeb4 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/pagination_request_parameters.py @@ -0,0 +1,91 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="PaginationRequestParameters") + +@attr.s(auto_attribs=True) +class PaginationRequestParameters: + """The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: +`; rel="{page}"` + +For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api- +design#pagination). + + Attributes: + page_size (Union[Unset, int]): Items per Page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: 250. + page_token (Union[Unset, str]): Next Page Token + + The next page token. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: '1'. + """ + + page_size: Union[Unset, int] = 250 + page_token: Union[Unset, str] = '1' + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + page_size = self.page_size + page_token = self.page_token + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if page_size is not UNSET: + field_dict["page_size"] = page_size + if page_token is not UNSET: + field_dict["page_token"] = page_token + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + page_size = _d.pop("page_size", UNSET) + + page_token = _d.pop("page_token", UNSET) + + pagination_request_parameters = cls( + page_size=page_size, + page_token=page_token, + ) + + pagination_request_parameters.additional_properties = _d + return pagination_request_parameters + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/pagination_response_header.py b/libs/ory-hydra-client/ory_hydra_client/models/pagination_response_header.py new file mode 100644 index 0000000..1fa3728 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/pagination_response_header.py @@ -0,0 +1,98 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="PaginationResponseHeader") + +@attr.s(auto_attribs=True) +class PaginationResponseHeader: + """The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: +`; rel="{page}"` + +For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api- +design#pagination). + + Attributes: + link (Union[Unset, str]): The Link HTTP Header + + The `Link` header contains a comma-delimited list of links to the following pages: + + first: The first page of results. + next: The next page of results. + prev: The previous page of results. + last: The last page of results. + + Pages are omitted if they do not exist. For example, if there is no next page, the `next` link is omitted. + Examples: + + ; rel="first",; + rel="next",; rel="prev",; rel="last" + x_total_count (Union[Unset, int]): The X-Total-Count HTTP Header + + The `X-Total-Count` header contains the total number of items in the collection. + """ + + link: Union[Unset, str] = UNSET + x_total_count: Union[Unset, int] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + link = self.link + x_total_count = self.x_total_count + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if link is not UNSET: + field_dict["link"] = link + if x_total_count is not UNSET: + field_dict["x-total-count"] = x_total_count + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + link = _d.pop("link", UNSET) + + x_total_count = _d.pop("x-total-count", UNSET) + + pagination_response_header = cls( + link=link, + x_total_count=x_total_count, + ) + + pagination_response_header.additional_properties = _d + return pagination_response_header + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session.py b/libs/ory-hydra-client/ory_hydra_client/models/pass_session_data_to_a_consent_request.py similarity index 52% rename from libs/ory-hydra-client/ory_hydra_client/models/consent_request_session.py rename to libs/ory-hydra-client/ory_hydra_client/models/pass_session_data_to_a_consent_request.py index fe26176..24b971e 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/consent_request_session.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/pass_session_data_to_a_consent_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,45 +7,38 @@ import attr from ..types import UNSET, Unset -from typing import Union -from typing import cast from ..types import UNSET, Unset -from typing import Dict +from typing import Union -T = TypeVar("T", bound="ConsentRequestSession") + +T = TypeVar("T", bound="PassSessionDataToAConsentRequest") @attr.s(auto_attribs=True) -class ConsentRequestSession: +class PassSessionDataToAConsentRequest: """ Attributes: - access_token (Union[Unset, ConsentRequestSessionAccessToken]): AccessToken sets session data for the access and - refresh token, as well as any future tokens issued by the + access_token (Union[Unset, Any]): AccessToken sets session data for the access and refresh token, as well as any + future tokens issued by the refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care! - id_token (Union[Unset, ConsentRequestSessionIdToken]): IDToken sets session data for the OpenID Connect ID - token. Keep in mind that the session'id payloads are readable + id_token (Union[Unset, Any]): IDToken sets session data for the OpenID Connect ID token. Keep in mind that the + session'id payloads are readable by anyone that has access to the ID Challenge. Use with care! """ - access_token: Union[Unset, 'ConsentRequestSessionAccessToken'] = UNSET - id_token: Union[Unset, 'ConsentRequestSessionIdToken'] = UNSET + access_token: Union[Unset, Any] = UNSET + id_token: Union[Unset, Any] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - access_token: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.access_token, Unset): - access_token = self.access_token.to_dict() - - id_token: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.id_token, Unset): - id_token = self.id_token.to_dict() - + access_token = self.access_token + id_token = self.id_token field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) @@ -63,33 +56,17 @@ class ConsentRequestSession: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - _access_token = _d.pop("access_token", UNSET) - access_token: Union[Unset, ConsentRequestSessionAccessToken] - if isinstance(_access_token, Unset): - access_token = UNSET - else: - access_token = ConsentRequestSessionAccessToken.from_dict(_access_token) + access_token = _d.pop("access_token", UNSET) + id_token = _d.pop("id_token", UNSET) - - - _id_token = _d.pop("id_token", UNSET) - id_token: Union[Unset, ConsentRequestSessionIdToken] - if isinstance(_id_token, Unset): - id_token = UNSET - else: - id_token = ConsentRequestSessionIdToken.from_dict(_id_token) - - - - - consent_request_session = cls( + pass_session_data_to_a_consent_request = cls( access_token=access_token, id_token=id_token, ) - consent_request_session.additional_properties = _d - return consent_request_session + pass_session_data_to_a_consent_request.additional_properties = _d + return pass_session_data_to_a_consent_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_config.py deleted file mode 100644 index f833a80..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config.py +++ /dev/null @@ -1,254 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import Union -from typing import Dict -from typing import cast -from ..types import UNSET, Unset -from typing import cast, List - - - - -T = TypeVar("T", bound="PluginConfig") - -@attr.s(auto_attribs=True) -class PluginConfig: - """ - Attributes: - args (PluginConfigArgs): PluginConfigArgs plugin config args - description (str): description - documentation (str): documentation - entrypoint (List[str]): entrypoint - env (List['PluginEnv']): env - interface (PluginConfigInterface): PluginConfigInterface The interface between Docker and the plugin - ipc_host (bool): ipc host - linux (PluginConfigLinux): PluginConfigLinux plugin config linux - mounts (List['PluginMount']): mounts - network (PluginConfigNetwork): PluginConfigNetwork plugin config network - pid_host (bool): pid host - propagated_mount (str): propagated mount - work_dir (str): work dir - docker_version (Union[Unset, str]): Docker Version used to create the plugin - user (Union[Unset, PluginConfigUser]): PluginConfigUser plugin config user - rootfs (Union[Unset, PluginConfigRootfs]): PluginConfigRootfs plugin config rootfs - """ - - args: 'PluginConfigArgs' - description: str - documentation: str - entrypoint: List[str] - env: List['PluginEnv'] - interface: 'PluginConfigInterface' - ipc_host: bool - linux: 'PluginConfigLinux' - mounts: List['PluginMount'] - network: 'PluginConfigNetwork' - pid_host: bool - propagated_mount: str - work_dir: str - docker_version: Union[Unset, str] = UNSET - user: Union[Unset, 'PluginConfigUser'] = UNSET - rootfs: Union[Unset, 'PluginConfigRootfs'] = UNSET - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - args = self.args.to_dict() - - description = self.description - documentation = self.documentation - entrypoint = self.entrypoint - - - - - env = [] - for env_item_data in self.env: - env_item = env_item_data.to_dict() - - env.append(env_item) - - - - - interface = self.interface.to_dict() - - ipc_host = self.ipc_host - linux = self.linux.to_dict() - - mounts = [] - for mounts_item_data in self.mounts: - mounts_item = mounts_item_data.to_dict() - - mounts.append(mounts_item) - - - - - network = self.network.to_dict() - - pid_host = self.pid_host - propagated_mount = self.propagated_mount - work_dir = self.work_dir - docker_version = self.docker_version - user: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.user, Unset): - user = self.user.to_dict() - - rootfs: Union[Unset, Dict[str, Any]] = UNSET - if not isinstance(self.rootfs, Unset): - rootfs = self.rootfs.to_dict() - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Args": args, - "Description": description, - "Documentation": documentation, - "Entrypoint": entrypoint, - "Env": env, - "Interface": interface, - "IpcHost": ipc_host, - "Linux": linux, - "Mounts": mounts, - "Network": network, - "PidHost": pid_host, - "PropagatedMount": propagated_mount, - "WorkDir": work_dir, - }) - if docker_version is not UNSET: - field_dict["DockerVersion"] = docker_version - if user is not UNSET: - field_dict["User"] = user - if rootfs is not UNSET: - field_dict["rootfs"] = rootfs - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - args = PluginConfigArgs.from_dict(_d.pop("Args")) - - - - - description = _d.pop("Description") - - documentation = _d.pop("Documentation") - - entrypoint = cast(List[str], _d.pop("Entrypoint")) - - - env = [] - _env = _d.pop("Env") - for env_item_data in (_env): - env_item = PluginEnv.from_dict(env_item_data) - - - - env.append(env_item) - - - interface = PluginConfigInterface.from_dict(_d.pop("Interface")) - - - - - ipc_host = _d.pop("IpcHost") - - linux = PluginConfigLinux.from_dict(_d.pop("Linux")) - - - - - mounts = [] - _mounts = _d.pop("Mounts") - for mounts_item_data in (_mounts): - mounts_item = PluginMount.from_dict(mounts_item_data) - - - - mounts.append(mounts_item) - - - network = PluginConfigNetwork.from_dict(_d.pop("Network")) - - - - - pid_host = _d.pop("PidHost") - - propagated_mount = _d.pop("PropagatedMount") - - work_dir = _d.pop("WorkDir") - - docker_version = _d.pop("DockerVersion", UNSET) - - _user = _d.pop("User", UNSET) - user: Union[Unset, PluginConfigUser] - if isinstance(_user, Unset): - user = UNSET - else: - user = PluginConfigUser.from_dict(_user) - - - - - _rootfs = _d.pop("rootfs", UNSET) - rootfs: Union[Unset, PluginConfigRootfs] - if isinstance(_rootfs, Unset): - rootfs = UNSET - else: - rootfs = PluginConfigRootfs.from_dict(_rootfs) - - - - - plugin_config = cls( - args=args, - description=description, - documentation=documentation, - entrypoint=entrypoint, - env=env, - interface=interface, - ipc_host=ipc_host, - linux=linux, - mounts=mounts, - network=network, - pid_host=pid_host, - propagated_mount=propagated_mount, - work_dir=work_dir, - docker_version=docker_version, - user=user, - rootfs=rootfs, - ) - - plugin_config.additional_properties = _d - return plugin_config - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_args.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_args.py deleted file mode 100644 index 5459c46..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_args.py +++ /dev/null @@ -1,99 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast, List - - - - -T = TypeVar("T", bound="PluginConfigArgs") - -@attr.s(auto_attribs=True) -class PluginConfigArgs: - """PluginConfigArgs plugin config args - - Attributes: - description (str): description - name (str): name - settable (List[str]): settable - value (List[str]): value - """ - - description: str - name: str - settable: List[str] - value: List[str] - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - description = self.description - name = self.name - settable = self.settable - - - - - value = self.value - - - - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Description": description, - "Name": name, - "Settable": settable, - "Value": value, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - description = _d.pop("Description") - - name = _d.pop("Name") - - settable = cast(List[str], _d.pop("Settable")) - - - value = cast(List[str], _d.pop("Value")) - - - plugin_config_args = cls( - description=description, - name=name, - settable=settable, - value=value, - ) - - plugin_config_args.additional_properties = _d - return plugin_config_args - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_interface.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_interface.py deleted file mode 100644 index f513af5..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_interface.py +++ /dev/null @@ -1,93 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast -from typing import cast, List -from typing import Dict - - - - -T = TypeVar("T", bound="PluginConfigInterface") - -@attr.s(auto_attribs=True) -class PluginConfigInterface: - """PluginConfigInterface The interface between Docker and the plugin - - Attributes: - socket (str): socket - types (List['PluginInterfaceType']): types - """ - - socket: str - types: List['PluginInterfaceType'] - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - socket = self.socket - types = [] - for types_item_data in self.types: - types_item = types_item_data.to_dict() - - types.append(types_item) - - - - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Socket": socket, - "Types": types, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - socket = _d.pop("Socket") - - types = [] - _types = _d.pop("Types") - for types_item_data in (_types): - types_item = PluginInterfaceType.from_dict(types_item_data) - - - - types.append(types_item) - - - plugin_config_interface = cls( - socket=socket, - types=types, - ) - - plugin_config_interface.additional_properties = _d - return plugin_config_interface - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_linux.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_linux.py deleted file mode 100644 index cf12730..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_linux.py +++ /dev/null @@ -1,105 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast -from typing import cast, List -from typing import Dict - - - - -T = TypeVar("T", bound="PluginConfigLinux") - -@attr.s(auto_attribs=True) -class PluginConfigLinux: - """PluginConfigLinux plugin config linux - - Attributes: - allow_all_devices (bool): allow all devices - capabilities (List[str]): capabilities - devices (List['PluginDevice']): devices - """ - - allow_all_devices: bool - capabilities: List[str] - devices: List['PluginDevice'] - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - allow_all_devices = self.allow_all_devices - capabilities = self.capabilities - - - - - devices = [] - for devices_item_data in self.devices: - devices_item = devices_item_data.to_dict() - - devices.append(devices_item) - - - - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "AllowAllDevices": allow_all_devices, - "Capabilities": capabilities, - "Devices": devices, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - allow_all_devices = _d.pop("AllowAllDevices") - - capabilities = cast(List[str], _d.pop("Capabilities")) - - - devices = [] - _devices = _d.pop("Devices") - for devices_item_data in (_devices): - devices_item = PluginDevice.from_dict(devices_item_data) - - - - devices.append(devices_item) - - - plugin_config_linux = cls( - allow_all_devices=allow_all_devices, - capabilities=capabilities, - devices=devices, - ) - - plugin_config_linux.additional_properties = _d - return plugin_config_linux - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_device.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_device.py deleted file mode 100644 index ff8dd8b..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_device.py +++ /dev/null @@ -1,94 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast, List - - - - -T = TypeVar("T", bound="PluginDevice") - -@attr.s(auto_attribs=True) -class PluginDevice: - """PluginDevice plugin device - - Attributes: - description (str): description - name (str): name - path (str): path - settable (List[str]): settable - """ - - description: str - name: str - path: str - settable: List[str] - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - description = self.description - name = self.name - path = self.path - settable = self.settable - - - - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Description": description, - "Name": name, - "Path": path, - "Settable": settable, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - description = _d.pop("Description") - - name = _d.pop("Name") - - path = _d.pop("Path") - - settable = cast(List[str], _d.pop("Settable")) - - - plugin_device = cls( - description=description, - name=name, - path=path, - settable=settable, - ) - - plugin_device.additional_properties = _d - return plugin_device - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_env.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_env.py deleted file mode 100644 index 39e13af..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_env.py +++ /dev/null @@ -1,94 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast, List - - - - -T = TypeVar("T", bound="PluginEnv") - -@attr.s(auto_attribs=True) -class PluginEnv: - """PluginEnv plugin env - - Attributes: - description (str): description - name (str): name - settable (List[str]): settable - value (str): value - """ - - description: str - name: str - settable: List[str] - value: str - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - description = self.description - name = self.name - settable = self.settable - - - - - value = self.value - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Description": description, - "Name": name, - "Settable": settable, - "Value": value, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - description = _d.pop("Description") - - name = _d.pop("Name") - - settable = cast(List[str], _d.pop("Settable")) - - - value = _d.pop("Value") - - plugin_env = cls( - description=description, - name=name, - settable=settable, - value=value, - ) - - plugin_env.additional_properties = _d - return plugin_env - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_interface_type.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_interface_type.py deleted file mode 100644 index ad0bdc7..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_interface_type.py +++ /dev/null @@ -1,81 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - - - - - -T = TypeVar("T", bound="PluginInterfaceType") - -@attr.s(auto_attribs=True) -class PluginInterfaceType: - """PluginInterfaceType plugin interface type - - Attributes: - capability (str): capability - prefix (str): prefix - version (str): version - """ - - capability: str - prefix: str - version: str - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - capability = self.capability - prefix = self.prefix - version = self.version - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Capability": capability, - "Prefix": prefix, - "Version": version, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - capability = _d.pop("Capability") - - prefix = _d.pop("Prefix") - - version = _d.pop("Version") - - plugin_interface_type = cls( - capability=capability, - prefix=prefix, - version=version, - ) - - plugin_interface_type.additional_properties = _d - return plugin_interface_type - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_mount.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_mount.py deleted file mode 100644 index 97771d8..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_mount.py +++ /dev/null @@ -1,120 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast, List - - - - -T = TypeVar("T", bound="PluginMount") - -@attr.s(auto_attribs=True) -class PluginMount: - """PluginMount plugin mount - - Attributes: - description (str): description - destination (str): destination - name (str): name - options (List[str]): options - settable (List[str]): settable - source (str): source - type (str): type - """ - - description: str - destination: str - name: str - options: List[str] - settable: List[str] - source: str - type: str - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - description = self.description - destination = self.destination - name = self.name - options = self.options - - - - - settable = self.settable - - - - - source = self.source - type = self.type - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Description": description, - "Destination": destination, - "Name": name, - "Options": options, - "Settable": settable, - "Source": source, - "Type": type, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - description = _d.pop("Description") - - destination = _d.pop("Destination") - - name = _d.pop("Name") - - options = cast(List[str], _d.pop("Options")) - - - settable = cast(List[str], _d.pop("Settable")) - - - source = _d.pop("Source") - - type = _d.pop("Type") - - plugin_mount = cls( - description=description, - destination=destination, - name=name, - options=options, - settable=settable, - source=source, - type=type, - ) - - plugin_mount.additional_properties = _d - return plugin_mount - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_settings.py b/libs/ory-hydra-client/ory_hydra_client/models/plugin_settings.py deleted file mode 100644 index 5907f37..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_settings.py +++ /dev/null @@ -1,132 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - -from typing import cast -from typing import cast, List -from typing import Dict - - - - -T = TypeVar("T", bound="PluginSettings") - -@attr.s(auto_attribs=True) -class PluginSettings: - """ - Attributes: - args (List[str]): args - devices (List['PluginDevice']): devices - env (List[str]): env - mounts (List['PluginMount']): mounts - """ - - args: List[str] - devices: List['PluginDevice'] - env: List[str] - mounts: List['PluginMount'] - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - args = self.args - - - - - devices = [] - for devices_item_data in self.devices: - devices_item = devices_item_data.to_dict() - - devices.append(devices_item) - - - - - env = self.env - - - - - mounts = [] - for mounts_item_data in self.mounts: - mounts_item = mounts_item_data.to_dict() - - mounts.append(mounts_item) - - - - - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "Args": args, - "Devices": devices, - "Env": env, - "Mounts": mounts, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - args = cast(List[str], _d.pop("Args")) - - - devices = [] - _devices = _d.pop("Devices") - for devices_item_data in (_devices): - devices_item = PluginDevice.from_dict(devices_item_data) - - - - devices.append(devices_item) - - - env = cast(List[str], _d.pop("Env")) - - - mounts = [] - _mounts = _d.pop("Mounts") - for mounts_item_data in (_mounts): - mounts_item = PluginMount.from_dict(mounts_item_data) - - - - mounts.append(mounts_item) - - - plugin_settings = cls( - args=args, - devices=devices, - env=env, - mounts=mounts, - ) - - plugin_settings.additional_properties = _d - return plugin_settings - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/revoke_o_auth_2_token_data.py b/libs/ory-hydra-client/ory_hydra_client/models/revoke_o_auth_2_token_data.py index 838962f..17650a0 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/revoke_o_auth_2_token_data.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/revoke_o_auth_2_token_data.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,6 +7,9 @@ import attr from ..types import UNSET, Unset +from ..types import UNSET, Unset +from typing import Union + @@ -18,20 +21,30 @@ class RevokeOAuth2TokenData: """ Attributes: token (str): + client_id (Union[Unset, str]): + client_secret (Union[Unset, str]): """ token: str + client_id: Union[Unset, str] = UNSET + client_secret: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: token = self.token + client_id = self.client_id + client_secret = self.client_secret field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ "token": token, }) + if client_id is not UNSET: + field_dict["client_id"] = client_id + if client_secret is not UNSET: + field_dict["client_secret"] = client_secret return field_dict @@ -42,8 +55,14 @@ class RevokeOAuth2TokenData: _d = src_dict.copy() token = _d.pop("token") + client_id = _d.pop("client_id", UNSET) + + client_secret = _d.pop("client_secret", UNSET) + revoke_o_auth_2_token_data = cls( token=token, + client_id=client_id, + client_secret=client_secret, ) revoke_o_auth_2_token_data.additional_properties = _d diff --git a/libs/ory-hydra-client/ory_hydra_client/models/accept_consent_request.py b/libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_consent_request.py similarity index 81% rename from libs/ory-hydra-client/ory_hydra_client/models/accept_consent_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_consent_request.py index b912ebe..e5c95d9 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/accept_consent_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_consent_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -7,21 +7,24 @@ import attr from ..types import UNSET, Unset -from dateutil.parser import isoparse -from typing import Dict -from typing import Union -from typing import cast from ..types import UNSET, Unset -from typing import cast, List +from typing import cast +from typing import Union +from typing import Dict +from dateutil.parser import isoparse import datetime +from typing import cast, List + +if TYPE_CHECKING: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest -T = TypeVar("T", bound="AcceptConsentRequest") +T = TypeVar("T", bound="TheRequestPayloadUsedToAcceptAConsentRequest") @attr.s(auto_attribs=True) -class AcceptConsentRequest: +class TheRequestPayloadUsedToAcceptAConsentRequest: """ Attributes: grant_access_token_audience (Union[Unset, List[str]]): @@ -33,7 +36,7 @@ class AcceptConsentRequest: remember_for (Union[Unset, int]): RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. - session (Union[Unset, ConsentRequestSession]): + session (Union[Unset, PassSessionDataToAConsentRequest]): """ grant_access_token_audience: Union[Unset, List[str]] = UNSET @@ -41,11 +44,12 @@ class AcceptConsentRequest: handled_at: Union[Unset, datetime.datetime] = UNSET remember: Union[Unset, bool] = UNSET remember_for: Union[Unset, int] = UNSET - session: Union[Unset, 'ConsentRequestSession'] = UNSET + session: Union[Unset, 'PassSessionDataToAConsentRequest'] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest grant_access_token_audience: Union[Unset, List[str]] = UNSET if not isinstance(self.grant_access_token_audience, Unset): grant_access_token_audience = self.grant_access_token_audience @@ -94,6 +98,7 @@ class AcceptConsentRequest: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.pass_session_data_to_a_consent_request import PassSessionDataToAConsentRequest _d = src_dict.copy() grant_access_token_audience = cast(List[str], _d.pop("grant_access_token_audience", UNSET)) @@ -116,16 +121,16 @@ class AcceptConsentRequest: remember_for = _d.pop("remember_for", UNSET) _session = _d.pop("session", UNSET) - session: Union[Unset, ConsentRequestSession] + session: Union[Unset, PassSessionDataToAConsentRequest] if isinstance(_session, Unset): session = UNSET else: - session = ConsentRequestSession.from_dict(_session) + session = PassSessionDataToAConsentRequest.from_dict(_session) - accept_consent_request = cls( + the_request_payload_used_to_accept_a_consent_request = cls( grant_access_token_audience=grant_access_token_audience, grant_scope=grant_scope, handled_at=handled_at, @@ -134,8 +139,8 @@ class AcceptConsentRequest: session=session, ) - accept_consent_request.additional_properties = _d - return accept_consent_request + the_request_payload_used_to_accept_a_consent_request.additional_properties = _d + return the_request_payload_used_to_accept_a_consent_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/reject_request.py b/libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_login_or_consent_request.py similarity index 88% rename from libs/ory-hydra-client/ory_hydra_client/models/reject_request.py rename to libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_login_or_consent_request.py index d8010fd..f112b6d 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/reject_request.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/the_request_payload_used_to_accept_a_login_or_consent_request.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,10 +13,11 @@ from typing import Union -T = TypeVar("T", bound="RejectRequest") + +T = TypeVar("T", bound="TheRequestPayloadUsedToAcceptALoginOrConsentRequest") @attr.s(auto_attribs=True) -class RejectRequest: +class TheRequestPayloadUsedToAcceptALoginOrConsentRequest: """ Attributes: error (Union[Unset, str]): The error should follow the OAuth2 error format (e.g. `invalid_request`, @@ -80,7 +81,7 @@ class RejectRequest: status_code = _d.pop("status_code", UNSET) - reject_request = cls( + the_request_payload_used_to_accept_a_login_or_consent_request = cls( error=error, error_debug=error_debug, error_description=error_description, @@ -88,8 +89,8 @@ class RejectRequest: status_code=status_code, ) - reject_request.additional_properties = _d - return reject_request + the_request_payload_used_to_accept_a_login_or_consent_request.additional_properties = _d + return the_request_payload_used_to_accept_a_login_or_consent_request @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/token_pagination.py b/libs/ory-hydra-client/ory_hydra_client/models/token_pagination.py new file mode 100644 index 0000000..6f0eb87 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/token_pagination.py @@ -0,0 +1,86 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="TokenPagination") + +@attr.s(auto_attribs=True) +class TokenPagination: + """ + Attributes: + page_size (Union[Unset, int]): Items per page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: 250. + page_token (Union[Unset, str]): Next Page Token + + The next page token. + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). Default: '1'. + """ + + page_size: Union[Unset, int] = 250 + page_token: Union[Unset, str] = '1' + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + page_size = self.page_size + page_token = self.page_token + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if page_size is not UNSET: + field_dict["page_size"] = page_size + if page_token is not UNSET: + field_dict["page_token"] = page_token + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + page_size = _d.pop("page_size", UNSET) + + page_token = _d.pop("page_token", UNSET) + + token_pagination = cls( + page_size=page_size, + page_token=page_token, + ) + + token_pagination.additional_properties = _d + return token_pagination + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_user.py b/libs/ory-hydra-client/ory_hydra_client/models/token_pagination_headers.py similarity index 51% rename from libs/ory-hydra-client/ory_hydra_client/models/plugin_config_user.py rename to libs/ory-hydra-client/ory_hydra_client/models/token_pagination_headers.py index 08cafde..48c5424 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/plugin_config_user.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/token_pagination_headers.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,34 +13,41 @@ from typing import Union -T = TypeVar("T", bound="PluginConfigUser") + +T = TypeVar("T", bound="TokenPaginationHeaders") @attr.s(auto_attribs=True) -class PluginConfigUser: - """PluginConfigUser plugin config user - +class TokenPaginationHeaders: + """ Attributes: - gid (Union[Unset, int]): g ID - uid (Union[Unset, int]): UID + link (Union[Unset, str]): The link header contains pagination links. + + For details on pagination please head over to the [pagination + documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + + in: header + x_total_count (Union[Unset, str]): The total number of clients. + + in: header """ - gid: Union[Unset, int] = UNSET - uid: Union[Unset, int] = UNSET + link: Union[Unset, str] = UNSET + x_total_count: Union[Unset, str] = UNSET additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) def to_dict(self) -> Dict[str, Any]: - gid = self.gid - uid = self.uid + link = self.link + x_total_count = self.x_total_count field_dict: Dict[str, Any] = {} field_dict.update(self.additional_properties) field_dict.update({ }) - if gid is not UNSET: - field_dict["GID"] = gid - if uid is not UNSET: - field_dict["UID"] = uid + if link is not UNSET: + field_dict["link"] = link + if x_total_count is not UNSET: + field_dict["x-total-count"] = x_total_count return field_dict @@ -49,17 +56,17 @@ class PluginConfigUser: @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: _d = src_dict.copy() - gid = _d.pop("GID", UNSET) + link = _d.pop("link", UNSET) - uid = _d.pop("UID", UNSET) + x_total_count = _d.pop("x-total-count", UNSET) - plugin_config_user = cls( - gid=gid, - uid=uid, + token_pagination_headers = cls( + link=link, + x_total_count=x_total_count, ) - plugin_config_user.additional_properties = _d - return plugin_config_user + token_pagination_headers.additional_properties = _d + return token_pagination_headers @property def additional_keys(self) -> List[str]: diff --git a/libs/ory-hydra-client/ory_hydra_client/models/trust_o_auth_2_jwt_grant_issuer.py b/libs/ory-hydra-client/ory_hydra_client/models/trust_o_auth_2_jwt_grant_issuer.py new file mode 100644 index 0000000..7a0dc5d --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/trust_o_auth_2_jwt_grant_issuer.py @@ -0,0 +1,134 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import cast +from typing import Union +from typing import Dict +from dateutil.parser import isoparse +import datetime +from typing import cast, List + +if TYPE_CHECKING: + from ..models.json_web_key import JsonWebKey + + + + +T = TypeVar("T", bound="TrustOAuth2JwtGrantIssuer") + +@attr.s(auto_attribs=True) +class TrustOAuth2JwtGrantIssuer: + """Trust OAuth2 JWT Bearer Grant Type Issuer Request Body + + Attributes: + expires_at (datetime.datetime): The "expires_at" indicates, when grant will expire, so we will reject assertion + from "issuer" targeting "subject". + issuer (str): The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + Example: https://jwt-idp.example.com. + jwk (JsonWebKey): + scope (List[str]): The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 + [RFC6749]) Example: ['openid', 'offline']. + allow_any_subject (Union[Unset, bool]): The "allow_any_subject" indicates that the issuer is allowed to have any + principal as the subject of the JWT. + subject (Union[Unset, str]): The "subject" identifies the principal that is the subject of the JWT. Example: + mike@example.com. + """ + + expires_at: datetime.datetime + issuer: str + jwk: 'JsonWebKey' + scope: List[str] + allow_any_subject: Union[Unset, bool] = UNSET + subject: Union[Unset, str] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + from ..models.json_web_key import JsonWebKey + expires_at = self.expires_at.isoformat() + + issuer = self.issuer + jwk = self.jwk.to_dict() + + scope = self.scope + + + + + allow_any_subject = self.allow_any_subject + subject = self.subject + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + "expires_at": expires_at, + "issuer": issuer, + "jwk": jwk, + "scope": scope, + }) + if allow_any_subject is not UNSET: + field_dict["allow_any_subject"] = allow_any_subject + if subject is not UNSET: + field_dict["subject"] = subject + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.json_web_key import JsonWebKey + _d = src_dict.copy() + expires_at = isoparse(_d.pop("expires_at")) + + + + + issuer = _d.pop("issuer") + + jwk = JsonWebKey.from_dict(_d.pop("jwk")) + + + + + scope = cast(List[str], _d.pop("scope")) + + + allow_any_subject = _d.pop("allow_any_subject", UNSET) + + subject = _d.pop("subject", UNSET) + + trust_o_auth_2_jwt_grant_issuer = cls( + expires_at=expires_at, + issuer=issuer, + jwk=jwk, + scope=scope, + allow_any_subject=allow_any_subject, + subject=subject, + ) + + trust_o_auth_2_jwt_grant_issuer.additional_properties = _d + return trust_o_auth_2_jwt_grant_issuer + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_issuer.py b/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_issuer.py new file mode 100644 index 0000000..de57857 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_issuer.py @@ -0,0 +1,182 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import cast +from typing import Union +from typing import Dict +from dateutil.parser import isoparse +import datetime +from typing import cast, List + +if TYPE_CHECKING: + from ..models.trusted_o_auth_2_jwt_grant_json_web_key import TrustedOAuth2JwtGrantJsonWebKey + + + + +T = TypeVar("T", bound="TrustedOAuth2JwtGrantIssuer") + +@attr.s(auto_attribs=True) +class TrustedOAuth2JwtGrantIssuer: + """OAuth2 JWT Bearer Grant Type Issuer Trust Relationship + + Attributes: + allow_any_subject (Union[Unset, bool]): The "allow_any_subject" indicates that the issuer is allowed to have any + principal as the subject of the JWT. + created_at (Union[Unset, datetime.datetime]): The "created_at" indicates, when grant was created. + expires_at (Union[Unset, datetime.datetime]): The "expires_at" indicates, when grant will expire, so we will + reject assertion from "issuer" targeting "subject". + id (Union[Unset, str]): Example: 9edc811f-4e28-453c-9b46-4de65f00217f. + issuer (Union[Unset, str]): The "issuer" identifies the principal that issued the JWT assertion (same as "iss" + claim in JWT). Example: https://jwt-idp.example.com. + public_key (Union[Unset, TrustedOAuth2JwtGrantJsonWebKey]): OAuth2 JWT Bearer Grant Type Issuer Trusted JSON Web + Key + scope (Union[Unset, List[str]]): The "scope" contains list of scope values (as described in Section 3.3 of OAuth + 2.0 [RFC6749]) Example: ['openid', 'offline']. + subject (Union[Unset, str]): The "subject" identifies the principal that is the subject of the JWT. Example: + mike@example.com. + """ + + allow_any_subject: Union[Unset, bool] = UNSET + created_at: Union[Unset, datetime.datetime] = UNSET + expires_at: Union[Unset, datetime.datetime] = UNSET + id: Union[Unset, str] = UNSET + issuer: Union[Unset, str] = UNSET + public_key: Union[Unset, 'TrustedOAuth2JwtGrantJsonWebKey'] = UNSET + scope: Union[Unset, List[str]] = UNSET + subject: Union[Unset, str] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + from ..models.trusted_o_auth_2_jwt_grant_json_web_key import TrustedOAuth2JwtGrantJsonWebKey + allow_any_subject = self.allow_any_subject + created_at: Union[Unset, str] = UNSET + if not isinstance(self.created_at, Unset): + created_at = self.created_at.isoformat() + + expires_at: Union[Unset, str] = UNSET + if not isinstance(self.expires_at, Unset): + expires_at = self.expires_at.isoformat() + + id = self.id + issuer = self.issuer + public_key: Union[Unset, Dict[str, Any]] = UNSET + if not isinstance(self.public_key, Unset): + public_key = self.public_key.to_dict() + + scope: Union[Unset, List[str]] = UNSET + if not isinstance(self.scope, Unset): + scope = self.scope + + + + + subject = self.subject + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if allow_any_subject is not UNSET: + field_dict["allow_any_subject"] = allow_any_subject + if created_at is not UNSET: + field_dict["created_at"] = created_at + if expires_at is not UNSET: + field_dict["expires_at"] = expires_at + if id is not UNSET: + field_dict["id"] = id + if issuer is not UNSET: + field_dict["issuer"] = issuer + if public_key is not UNSET: + field_dict["public_key"] = public_key + if scope is not UNSET: + field_dict["scope"] = scope + if subject is not UNSET: + field_dict["subject"] = subject + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + from ..models.trusted_o_auth_2_jwt_grant_json_web_key import TrustedOAuth2JwtGrantJsonWebKey + _d = src_dict.copy() + allow_any_subject = _d.pop("allow_any_subject", UNSET) + + _created_at = _d.pop("created_at", UNSET) + created_at: Union[Unset, datetime.datetime] + if isinstance(_created_at, Unset): + created_at = UNSET + else: + created_at = isoparse(_created_at) + + + + + _expires_at = _d.pop("expires_at", UNSET) + expires_at: Union[Unset, datetime.datetime] + if isinstance(_expires_at, Unset): + expires_at = UNSET + else: + expires_at = isoparse(_expires_at) + + + + + id = _d.pop("id", UNSET) + + issuer = _d.pop("issuer", UNSET) + + _public_key = _d.pop("public_key", UNSET) + public_key: Union[Unset, TrustedOAuth2JwtGrantJsonWebKey] + if isinstance(_public_key, Unset): + public_key = UNSET + else: + public_key = TrustedOAuth2JwtGrantJsonWebKey.from_dict(_public_key) + + + + + scope = cast(List[str], _d.pop("scope", UNSET)) + + + subject = _d.pop("subject", UNSET) + + trusted_o_auth_2_jwt_grant_issuer = cls( + allow_any_subject=allow_any_subject, + created_at=created_at, + expires_at=expires_at, + id=id, + issuer=issuer, + public_key=public_key, + scope=scope, + subject=subject, + ) + + trusted_o_auth_2_jwt_grant_issuer.additional_properties = _d + return trusted_o_auth_2_jwt_grant_issuer + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_json_web_key.py b/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_json_web_key.py new file mode 100644 index 0000000..3c88901 --- /dev/null +++ b/libs/ory-hydra-client/ory_hydra_client/models/trusted_o_auth_2_jwt_grant_json_web_key.py @@ -0,0 +1,81 @@ +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING + +from typing import List + + +import attr + +from ..types import UNSET, Unset + +from ..types import UNSET, Unset +from typing import Union + + + + + +T = TypeVar("T", bound="TrustedOAuth2JwtGrantJsonWebKey") + +@attr.s(auto_attribs=True) +class TrustedOAuth2JwtGrantJsonWebKey: + """OAuth2 JWT Bearer Grant Type Issuer Trusted JSON Web Key + + Attributes: + kid (Union[Unset, str]): The "key_id" is key unique identifier (same as kid header in jws/jwt). Example: + 123e4567-e89b-12d3-a456-426655440000. + set_ (Union[Unset, str]): The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" + in grant. Example: https://jwt-idp.example.com. + """ + + kid: Union[Unset, str] = UNSET + set_: Union[Unset, str] = UNSET + additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) + + + def to_dict(self) -> Dict[str, Any]: + kid = self.kid + set_ = self.set_ + + field_dict: Dict[str, Any] = {} + field_dict.update(self.additional_properties) + field_dict.update({ + }) + if kid is not UNSET: + field_dict["kid"] = kid + if set_ is not UNSET: + field_dict["set"] = set_ + + return field_dict + + + + @classmethod + def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + _d = src_dict.copy() + kid = _d.pop("kid", UNSET) + + set_ = _d.pop("set", UNSET) + + trusted_o_auth_2_jwt_grant_json_web_key = cls( + kid=kid, + set_=set_, + ) + + trusted_o_auth_2_jwt_grant_json_web_key.additional_properties = _d + return trusted_o_auth_2_jwt_grant_json_web_key + + @property + def additional_keys(self) -> List[str]: + return list(self.additional_properties.keys()) + + def __getitem__(self, key: str) -> Any: + return self.additional_properties[key] + + def __setitem__(self, key: str, value: Any) -> None: + self.additional_properties[key] = value + + def __delitem__(self, key: str) -> None: + del self.additional_properties[key] + + def __contains__(self, key: str) -> bool: + return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/models/version.py b/libs/ory-hydra-client/ory_hydra_client/models/version.py index 7114c1d..0fb20c5 100644 --- a/libs/ory-hydra-client/ory_hydra_client/models/version.py +++ b/libs/ory-hydra-client/ory_hydra_client/models/version.py @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING from typing import List @@ -13,6 +13,7 @@ from typing import Union + T = TypeVar("T", bound="Version") @attr.s(auto_attribs=True) diff --git a/libs/ory-hydra-client/ory_hydra_client/models/volume_usage_data.py b/libs/ory-hydra-client/ory_hydra_client/models/volume_usage_data.py deleted file mode 100644 index 5440625..0000000 --- a/libs/ory-hydra-client/ory_hydra_client/models/volume_usage_data.py +++ /dev/null @@ -1,79 +0,0 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO - -from typing import List - - -import attr - -from ..types import UNSET, Unset - - - - - -T = TypeVar("T", bound="VolumeUsageData") - -@attr.s(auto_attribs=True) -class VolumeUsageData: - """VolumeUsageData Usage details about the volume. This information is used by the -`GET /system/df` endpoint, and omitted in other endpoints. - - Attributes: - ref_count (int): The number of containers referencing this volume. This field - is set to `-1` if the reference-count is not available. - size (int): Amount of disk space used by the volume (in bytes). This information - is only available for volumes created with the `"local"` volume - driver. For volumes created with other volume drivers, this field - is set to `-1` ("not available") - """ - - ref_count: int - size: int - additional_properties: Dict[str, Any] = attr.ib(init=False, factory=dict) - - - def to_dict(self) -> Dict[str, Any]: - ref_count = self.ref_count - size = self.size - - field_dict: Dict[str, Any] = {} - field_dict.update(self.additional_properties) - field_dict.update({ - "RefCount": ref_count, - "Size": size, - }) - - return field_dict - - - - @classmethod - def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: - _d = src_dict.copy() - ref_count = _d.pop("RefCount") - - size = _d.pop("Size") - - volume_usage_data = cls( - ref_count=ref_count, - size=size, - ) - - volume_usage_data.additional_properties = _d - return volume_usage_data - - @property - def additional_keys(self) -> List[str]: - return list(self.additional_properties.keys()) - - def __getitem__(self, key: str) -> Any: - return self.additional_properties[key] - - def __setitem__(self, key: str, value: Any) -> None: - self.additional_properties[key] = value - - def __delitem__(self, key: str) -> None: - del self.additional_properties[key] - - def __contains__(self, key: str) -> bool: - return key in self.additional_properties diff --git a/libs/ory-hydra-client/ory_hydra_client/types.py b/libs/ory-hydra-client/ory_hydra_client/types.py index 9329d14..2b474f9 100644 --- a/libs/ory-hydra-client/ory_hydra_client/types.py +++ b/libs/ory-hydra-client/ory_hydra_client/types.py @@ -1,4 +1,5 @@ """ Contains some shared types for properties """ +from http import HTTPStatus from typing import Any, BinaryIO, Generic, MutableMapping, Optional, Tuple, TypeVar import attr @@ -34,7 +35,7 @@ T = TypeVar("T") class Response(Generic[T]): """ A response from an endpoint """ - status_code: int + status_code: HTTPStatus content: bytes headers: MutableMapping[str, str] parsed: Optional[T] diff --git a/libs/ory-hydra-client/setup.py b/libs/ory-hydra-client/setup.py index c727b14..176a8fd 100644 --- a/libs/ory-hydra-client/setup.py +++ b/libs/ory-hydra-client/setup.py @@ -7,12 +7,12 @@ long_description = (here / "README.md").read_text(encoding="utf-8") setup( name="ory-hydra-client", - version="1.9.2", - description="A client library for accessing ORY Hydra", + version="2.0.3", + description="A client library for accessing Ory Hydra", long_description=long_description, long_description_content_type="text/markdown", packages=find_packages(), python_requires=">=3.7, <4", - install_requires=["httpx >= 0.15.0", "attrs >= 21.3.0", "python-dateutil >= 2.8.0, < 3"], + install_requires=["httpx >= 0.15.0, < 0.24.0", "attrs >= 21.3.0", "python-dateutil >= 2.8.0, < 3"], package_data={"ory_hydra_client": ["py.typed"]}, ) diff --git a/specs/api_template/README.md.jinja b/specs/api_template/README.md.jinja index e35cd25..1d50c8d 100644 --- a/specs/api_template/README.md.jinja +++ b/specs/api_template/README.md.jinja @@ -61,12 +61,14 @@ client = AuthenticatedClient( ) ``` +There are more settings on the generated `Client` class which let you control more runtime behavior, check out the docstring on that class for more info. + Things to know: 1. Every path/method combo becomes a Python module with four functions: 1. `sync`: Blocking request that returns parsed data (if successful) or `None` 1. `sync_detailed`: Blocking request that always returns a `Request`, optionally with `parsed` set if the request was successful. - 1. `asyncio`: Like `sync` but the async instead of blocking - 1. `asyncio_detailed`: Like `sync_detailed` by async instead of blocking + 1. `asyncio`: Like `sync` but async instead of blocking + 1. `asyncio_detailed`: Like `sync_detailed` but async instead of blocking 1. All path/query params, and bodies become method arguments. 1. If your endpoint had any tags on it, the first tag will be used as a module name for the function (my_tag above) diff --git a/specs/api_template/client.py.jinja b/specs/api_template/client.py.jinja index 028a63a..3155f30 100644 --- a/specs/api_template/client.py.jinja +++ b/specs/api_template/client.py.jinja @@ -4,13 +4,26 @@ import attr @attr.s(auto_attribs=True) class Client: - """ A class for keeping track of data related to the API """ + """ A class for keeping track of data related to the API + + Attributes: + base_url: The base URL for the API, all requests are made to a relative path to this URL + cookies: A dictionary of cookies to be sent with every request + headers: A dictionary of headers to be sent with every request + timeout: The maximum amount of a time in seconds a request can take. API functions will raise + httpx.TimeoutException if this is exceeded. + verify_ssl: Whether or not to verify the SSL certificate of the API server. This should be True in production, + but can be set to False for testing purposes. + raise_on_unexpected_status: Whether or not to raise an errors.UnexpectedStatus if the API returns a + status code that was not documented in the source OpenAPI document. + """ base_url: str cookies: Dict[str, str] = attr.ib(factory=dict, kw_only=True) headers: Dict[str, str] = attr.ib(factory=dict, kw_only=True) timeout: float = attr.ib(5.0, kw_only=True) verify_ssl: Union[str, bool, ssl.SSLContext] = attr.ib(True, kw_only=True) + raise_on_unexpected_status: bool = attr.ib(False, kw_only=True) def get_headers(self) -> Dict[str, str]: """ Get headers to be used in all endpoints """ @@ -39,7 +52,10 @@ class AuthenticatedClient(Client): """ A Client which has been authenticated for use on secured endpoints """ token: str + prefix: str = "Bearer" + auth_header_name: str = "Authorization" def get_headers(self) -> Dict[str, str]: - """ Get headers to be used in authenticated endpoints """ - return {"Authorization": f"Bearer {self.token}", **self.headers} + """Get headers to be used in authenticated endpoints""" + auth_header_value = f"{self.prefix} {self.token}" if self.prefix else self.token + return {self.auth_header_name: auth_header_value, **self.headers} diff --git a/specs/api_template/endpoint_macros.py.jinja b/specs/api_template/endpoint_macros.py.jinja index 290374c..8eddc6a 100644 --- a/specs/api_template/endpoint_macros.py.jinja +++ b/specs/api_template/endpoint_macros.py.jinja @@ -83,15 +83,15 @@ params = {k: v for k, v in params.items() if v is not UNSET and v is not None} {{ parameter.to_string() }}, {% endfor %} *, -{# Proper _client based on whether or not the endpoint requires authentication #} +{# Proper client based on whether or not the endpoint requires authentication #} {% if endpoint.requires_security %} _client: AuthenticatedClient, {% else %} _client: Client, {% endif %} {# Form data if any #} -{% if endpoint.form_body_class %} -form_data: {{ endpoint.form_body_class.name }}, +{% if endpoint.form_body %} +form_data: {{ endpoint.form_body.get_type_string() }}, {% endif %} {# Multipart data if any #} {% if endpoint.multipart_body %} @@ -120,7 +120,7 @@ json_body: {{ endpoint.json_body.get_type_string() }}, {{ parameter.python_name }}={{ parameter.python_name }}, {% endfor %} _client=_client, -{% if endpoint.form_body_class %} +{% if endpoint.form_body %} form_data=form_data, {% endif %} {% if endpoint.multipart_body %} @@ -159,6 +159,10 @@ Args: {% endfor %} {% endif %} +Raises: + errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True. + httpx.TimeoutException: If the request takes longer than Client.timeout. + Returns: Response[{{ return_string }}] """ diff --git a/specs/api_template/endpoint_module.py.jinja b/specs/api_template/endpoint_module.py.jinja index d196b3a..ec3eea1 100644 --- a/specs/api_template/endpoint_module.py.jinja +++ b/specs/api_template/endpoint_module.py.jinja @@ -1,9 +1,11 @@ +from http import HTTPStatus from typing import Any, Dict, List, Optional, Union, cast import httpx from ...client import AuthenticatedClient, Client from ...types import Response, UNSET +from ... import errors {% for relative in endpoint.relative_imports %} {{ relative }} @@ -44,7 +46,7 @@ def _get_kwargs( "headers": headers, "cookies": cookies, "timeout": _client.get_timeout(), - {% if endpoint.form_body_class %} + {% if endpoint.form_body %} "data": form_data.to_dict(), {% elif endpoint.multipart_body %} "files": {{ "multipart_" + endpoint.multipart_body.python_name }}, @@ -57,32 +59,32 @@ def _get_kwargs( } -{% if parsed_responses %} -def _parse_response(*, response: httpx.Response) -> Optional[{{ return_string }}]: +def _parse_response(*, client: Client, response: httpx.Response) -> Optional[{{ return_string }}]: {% for response in endpoint.responses %} - if response.status_code == {{ response.status_code }}: - {% import "property_templates/" + response.prop.template as prop_template %} + if response.status_code == HTTPStatus.{{ response.status_code.name }}: + {% if parsed_responses %}{% import "property_templates/" + response.prop.template as prop_template %} {% if prop_template.construct %} {{ prop_template.construct(response.prop, response.source) | indent(8) }} {% else %} {{ response.prop.python_name }} = cast({{ response.prop.get_type_string() }}, {{ response.source }}) {% endif %} return {{ response.prop.python_name }} + {% else %} + return None + {% endif %} {% endfor %} - return None -{% endif %} + if client.raise_on_unexpected_status: + raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}") + else: + return None -def _build_response(*, response: httpx.Response) -> Response[{{ return_string }}]: +def _build_response(*, client: Client, response: httpx.Response) -> Response[{{ return_string }}]: return Response( - status_code=response.status_code, + status_code=HTTPStatus(response.status_code), content=response.content, headers=response.headers, - {% if parsed_responses %} - parsed=_parse_response(response=response), - {% else %} - parsed=None, - {% endif %} + parsed=_parse_response(client=client, response=response), ) @@ -100,7 +102,7 @@ def sync_detailed( **kwargs, ) - return _build_response(response=response) + return _build_response(client=_client, response=response) {% if parsed_responses %} def sync( @@ -127,7 +129,7 @@ async def asyncio_detailed( **kwargs ) - return _build_response(response=response) + return _build_response(client=_client, response=response) {% if parsed_responses %} async def asyncio( diff --git a/specs/api_template/errors.py.jinja b/specs/api_template/errors.py.jinja new file mode 100644 index 0000000..7445a2d --- /dev/null +++ b/specs/api_template/errors.py.jinja @@ -0,0 +1,7 @@ +""" Contains shared errors types that can be raised from API functions """ + +class UnexpectedStatus(Exception): + """ Raised by api functions when the response status an undocumented status and Client.raise_on_unexpected_status is True """ + ... + +__all__ = ["UnexpectedStatus"] diff --git a/specs/api_template/model.py.jinja b/specs/api_template/model.py.jinja index 646402c..b03cc54 100644 --- a/specs/api_template/model.py.jinja +++ b/specs/api_template/model.py.jinja @@ -1,4 +1,4 @@ -from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO +from typing import Any, Dict, Type, TypeVar, Tuple, Optional, BinaryIO, TextIO, TYPE_CHECKING {% if model.additional_properties %} from typing import List @@ -16,9 +16,16 @@ from ..types import UNSET, Unset {{ relative }} {% endfor %} +{% for lazy_import in model.lazy_imports %} +{% if loop.first %} +if TYPE_CHECKING: +{% endif %} + {{ lazy_import }} +{% endfor %} + {% if model.additional_properties %} -{% set additional_property_type = 'Any' if model.additional_properties == True else model.additional_properties.get_type_string() %} +{% set additional_property_type = 'Any' if model.additional_properties == True else model.additional_properties.get_type_string(quoted=not model.additional_properties.is_base_type) %} {% endif %} {% set class_name = model.class_info.name %} @@ -85,7 +92,7 @@ field_dict: Dict[str, Any] = {} {% endif %} {% if prop_template and prop_template.transform %} for prop_name, prop in self.additional_properties.items(): - {{ prop_template.transform(model.additional_properties, "prop", "field_dict[prop_name]", multipart=multipart) | indent(4) }} + {{ prop_template.transform(model.additional_properties, "prop", "field_dict[prop_name]", multipart=multipart, declare_type=false) | indent(4) }} {% elif multipart %} field_dict.update({ key: (None, str(value).encode(), "text/plain") @@ -113,6 +120,9 @@ return field_dict {% endmacro %} def to_dict(self) -> Dict[str, Any]: + {% for lazy_import in model.lazy_imports %} + {{ lazy_import }} + {% endfor %} {{ _to_dict() | indent(8) }} {% if model.is_multipart_body %} @@ -122,6 +132,9 @@ return field_dict @classmethod def from_dict(cls: Type[T], src_dict: Dict[str, Any]) -> T: + {% for lazy_import in model.lazy_imports %} + {{ lazy_import }} + {% endfor %} _d = src_dict.copy() {% for property in model.required_properties + model.optional_properties %} {% if property.required %} @@ -146,12 +159,18 @@ return field_dict {% if model.additional_properties %} {% if model.additional_properties.template %}{# Can be a bool instead of an object #} {% import "property_templates/" + model.additional_properties.template as prop_template %} + +{% if model.additional_properties.lazy_imports %} + {% for lazy_import in model.additional_properties.lazy_imports %} + {{ lazy_import }} + {% endfor %} +{% endif %} {% else %} {% set prop_template = None %} {% endif %} {% if prop_template and prop_template.construct %} additional_properties = {} - for prop_name, prop_dict in _d.items(): + for prop_name, prop_dict in d.items(): {{ prop_template.construct(model.additional_properties, "prop_dict") | indent(12) }} additional_properties[prop_name] = {{ model.additional_properties.python_name }} diff --git a/specs/api_template/models_init.py.jinja b/specs/api_template/models_init.py.jinja index d595422..7379e86 100644 --- a/specs/api_template/models_init.py.jinja +++ b/specs/api_template/models_init.py.jinja @@ -3,3 +3,11 @@ {% for import in imports | sort %} {{ import }} {% endfor %} + +{% if imports %} +__all__ = ( + {% for all in alls | sort %} + "{{ all }}", + {% endfor %} +) +{% endif %} diff --git a/specs/api_template/package_init.py.jinja b/specs/api_template/package_init.py.jinja index f146549..366a7e5 100644 --- a/specs/api_template/package_init.py.jinja +++ b/specs/api_template/package_init.py.jinja @@ -1,2 +1,7 @@ """ {{ package_description }} """ from .client import AuthenticatedClient, Client + +__all__ = ( + "AuthenticatedClient", + "Client", +) diff --git a/specs/api_template/property_templates/enum_property.py.jinja b/specs/api_template/property_templates/enum_property.py.jinja index ffc07dd..52418a1 100644 --- a/specs/api_template/property_templates/enum_property.py.jinja +++ b/specs/api_template/property_templates/enum_property.py.jinja @@ -33,3 +33,7 @@ if not isinstance({{ source }}, Unset): {% endif %} {% endif %} {% endmacro %} + +{% macro transform_header(property, source, destination) %} +{{ destination }} = str({{ source }}) +{% endmacro %} diff --git a/specs/api_template/property_templates/union_property.py.jinja b/specs/api_template/property_templates/union_property.py.jinja index 8a7d506..4d43faf 100644 --- a/specs/api_template/property_templates/union_property.py.jinja +++ b/specs/api_template/property_templates/union_property.py.jinja @@ -40,24 +40,24 @@ def _parse_{{ property.python_name }}(data: object) -> {{ property.get_type_stri {% endmacro %} {% macro transform(property, source, destination, declare_type=True, multipart=False) %} -{% if not property.required or property.nullable %} -{{ destination }}{% if declare_type %}: {{ property.get_type_string(json=True) }}{% endif %} +{% set ns = namespace(contains_properties_without_transform = false, contains_modified_properties = not property.required, has_if = false) %} +{% if declare_type %}{{ destination }}: {{ property.get_type_string(json=True) }}{% endif %} {% if not property.required %} if isinstance({{ source }}, Unset): {{ destination }} = UNSET -{% endif %} + {% set ns.has_if = true %} {% endif %} {% if property.nullable %} - {% if property.required %} -if {{ source }} is None: - {% else %}{# There's an if UNSET statement before this #} + {% if ns.has_if %} elif {{ source }} is None: + {% else %} +if {{ source }} is None: + {% set ns.has_if = true %} {% endif %} {{ destination }} = None {% endif %} -{% set ns = namespace(contains_properties_without_transform = false, contains_modified_properties = not property.required) %} {% for inner_property in property.inner_properties %} {% import "property_templates/" + inner_property.template as inner_template %} {% if not inner_template.transform %} @@ -66,8 +66,9 @@ elif {{ source }} is None: {% else %} {% set ns.contains_modified_properties = true %} {% endif %} - {% if loop.first and property.required and not property.nullable %}{# No if UNSET or if None statement before this #} + {% if not ns.has_if %} if isinstance({{ source }}, {{ inner_property.get_instance_type_string() }}): + {% set ns.has_if = true %} {% elif not loop.last or ns.contains_properties_without_transform %} elif isinstance({{ source }}, {{ inner_property.get_instance_type_string() }}): {% else %} diff --git a/specs/api_template/pyproject.toml.jinja b/specs/api_template/pyproject.toml.jinja index 5e2c2b1..410d1eb 100644 --- a/specs/api_template/pyproject.toml.jinja +++ b/specs/api_template/pyproject.toml.jinja @@ -14,7 +14,7 @@ include = ["CHANGELOG.md", "{{ package_name }}/py.typed"] [tool.poetry.dependencies] python = "^3.7" -httpx = ">=0.15.4,<0.23.0" +httpx = ">=0.15.4,<0.24.0" attrs = ">=21.3.0" python-dateutil = "^2.8.0" diff --git a/specs/api_template/setup.py.jinja b/specs/api_template/setup.py.jinja index af32f1c..fa36e53 100644 --- a/specs/api_template/setup.py.jinja +++ b/specs/api_template/setup.py.jinja @@ -13,6 +13,6 @@ setup( long_description_content_type="text/markdown", packages=find_packages(), python_requires=">=3.7, <4", - install_requires=["httpx >= 0.15.0, < 0.23.0", "attrs >= 21.3.0", "python-dateutil >= 2.8.0, < 3"], + install_requires=["httpx >= 0.15.0, < 0.24.0", "attrs >= 21.3.0", "python-dateutil >= 2.8.0, < 3"], package_data={"{{ package_name }}": ["py.typed"]}, ) diff --git a/specs/api_template/types.py.jinja b/specs/api_template/types.py.jinja index bf90d01..c746db6 100644 --- a/specs/api_template/types.py.jinja +++ b/specs/api_template/types.py.jinja @@ -1,4 +1,5 @@ """ Contains some shared types for properties """ +from http import HTTPStatus from typing import Any, BinaryIO, Generic, MutableMapping, Optional, Tuple, TypeVar import attr @@ -35,7 +36,7 @@ T = TypeVar("T") class Response(Generic[T]): """ A response from an endpoint """ - status_code: int + status_code: HTTPStatus content: bytes headers: MutableMapping[str, str] parsed: Optional[T] diff --git a/specs/hydra.yaml b/specs/hydra.yaml index 9b314b6..1e823dc 100644 --- a/specs/hydra.yaml +++ b/specs/hydra.yaml @@ -1,2069 +1,120 @@ -openapi: 3.0.1 -info: - title: ORY Hydra - description: Welcome to the ORY Hydra HTTP API documentation. You will find documentation - for all HTTP APIs here. - version: 1.9.2 -servers: -- url: / -paths: - /.well-known/jwks.json: - get: - tags: - - public - summary: JSON Web Keys Discovery - description: |- - This endpoint returns JSON Web Keys to be used as public keys for verifying OpenID Connect ID Tokens and, - if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like - [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. - operationId: wellKnown - responses: - 200: - description: JSONWebKeySet - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /.well-known/openid-configuration: - get: - tags: - - public - summary: OpenID Connect Discovery - description: |- - The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll - your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this - flow at https://openid.net/specs/openid-connect-discovery-1_0.html . - - Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. - For a full list of clients go here: https://openid.net/developers/certified/ - operationId: discoverOpenIDConfiguration - responses: - 200: - description: wellKnown - content: - application/json: - schema: - $ref: '#/components/schemas/wellKnown' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /clients: - get: - tags: - - admin - summary: List OAuth 2.0 Clients - description: |- - This endpoint lists all clients in the database, and never returns client secrets. As a default it lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. - The "Link" header is also included in successful responses, which contains one or more links for pagination, formatted like so: '; rel="{page}"', where page is one of the following applicable pages: 'first', 'next', 'last', and 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - operationId: listOAuth2Clients - parameters: - - name: limit - in: query - description: The maximum amount of policies returned, upper bound is 500 policies - schema: - type: integer - format: int64 - - name: offset - in: query - description: The offset from where to start looking. - schema: - type: integer - format: int64 - responses: - 200: - description: A list of clients. - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/oAuth2Client' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - post: - tags: - - admin - summary: Create an OAuth 2.0 Client - description: |- - Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a random secret will be generated. The secret will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somwhere safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. - operationId: createOAuth2Client - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2Client' - required: true - responses: - 201: - description: oAuth2Client - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2Client' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 409: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /clients/{id}: - get: - tags: - - admin - summary: Get an OAuth 2.0 Client. - description: |- - Get an OAUth 2.0 client by its ID. This endpoint never returns passwords. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. - operationId: getOAuth2Client - parameters: - - name: id - in: path - description: The id of the OAuth 2.0 Client. - required: true - schema: - type: string - responses: - 200: - description: oAuth2Client - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2Client' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - put: - tags: - - admin - summary: Update an OAuth 2.0 Client - description: |- - Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. - operationId: updateOAuth2Client - parameters: - - name: id - in: path - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2Client' - required: true - responses: - 200: - description: oAuth2Client - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2Client' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - delete: - tags: - - admin - summary: Deletes an OAuth 2.0 Client - description: |- - Delete an existing OAuth 2.0 Client by its ID. - - OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. - operationId: deleteOAuth2Client - parameters: - - name: id - in: path - description: The id of the OAuth 2.0 Client. - required: true - schema: - type: string - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /health/alive: - get: - tags: - - admin - summary: Check Alive Status - description: |- - This endpoint returns a 200 status code when the HTTP server is up running. - This status does currently not include checks whether the database connection is working. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Be aware that if you are running multiple nodes of this service, the health status will never - refer to the cluster state, only to a single instance. - operationId: isInstanceAlive - responses: - 200: - description: healthStatus - content: - application/json: - schema: - $ref: '#/components/schemas/healthStatus' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /health/ready: - get: - tags: - - public - summary: Check Readiness Status - description: |- - This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g. - the database) are responsive as well. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - - Be aware that if you are running multiple nodes of this service, the health status will never - refer to the cluster state, only to a single instance. - operationId: isInstanceReady - responses: - 200: - description: healthStatus - content: - application/json: - schema: - $ref: '#/components/schemas/healthStatus' - 503: - description: healthNotReadyStatus - content: - application/json: - schema: - $ref: '#/components/schemas/healthNotReadyStatus' - /keys/{set}: - get: - tags: - - admin - summary: Retrieve a JSON Web Key Set - description: |- - This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: getJsonWebKeySet - parameters: - - name: set - in: path - description: The set - required: true - schema: - type: string - responses: - 200: - description: JSONWebKeySet - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - put: - tags: - - admin - summary: Update a JSON Web Key Set - description: |- - Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: updateJsonWebKeySet - parameters: - - name: set - in: path - description: The set - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - required: false - responses: - 200: - description: JSONWebKeySet - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - post: - tags: - - admin - summary: Generate a New JSON Web Key - description: |- - This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: createJsonWebKeySet - parameters: - - name: set - in: path - description: The set - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/jsonWebKeySetGeneratorRequest' - required: false - responses: - 201: - description: JSONWebKeySet - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - delete: - tags: - - admin - summary: Delete a JSON Web Key Set - description: |- - Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: deleteJsonWebKeySet - parameters: - - name: set - in: path - description: The set - required: true - schema: - type: string - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /keys/{set}/{kid}: - get: - tags: - - admin - summary: Fetch a JSON Web Key - description: This endpoint returns a singular JSON Web Key, identified by the - set and the specific key ID (kid). - operationId: getJsonWebKey - parameters: - - name: kid - in: path - description: The kid of the desired key - required: true - schema: - type: string - - name: set - in: path - description: The set - required: true - schema: - type: string - responses: - 200: - description: JSONWebKeySet - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKeySet' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - put: - tags: - - admin - summary: Update a JSON Web Key - description: |- - Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: updateJsonWebKey - parameters: - - name: kid - in: path - description: The kid of the desired key - required: true - schema: - type: string - - name: set - in: path - description: The set - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKey' - required: false - responses: - 200: - description: JSONWebKey - content: - application/json: - schema: - $ref: '#/components/schemas/JSONWebKey' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - delete: - tags: - - admin - summary: Delete a JSON Web Key - description: |- - Use this endpoint to delete a single JSON Web Key. - - A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. - operationId: deleteJsonWebKey - parameters: - - name: kid - in: path - description: The kid of the desired key - required: true - schema: - type: string - - name: set - in: path - description: The set - required: true - schema: - type: string - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 403: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /metrics/prometheus: - get: - tags: - - admin - summary: Get Snapshot Metrics from the Hydra Service. - description: |- - If you're using k8s, you can then add annotations to your deployment like so: - - ``` - metadata: - annotations: - prometheus.io/port: "4445" - prometheus.io/path: "/metrics/prometheus" - ``` - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - operationId: prometheus - responses: - 200: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - /oauth2/auth: - get: - tags: - - public - summary: The OAuth 2.0 Authorize Endpoint - description: |- - This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. - OAuth2 is a very popular protocol and a library for your programming language will exists. - - To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 - operationId: oauthAuth - responses: - 302: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/requests/consent: - get: - tags: - - admin - summary: Get Consent Request Information - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to - grant or deny the client access to the requested scope ("Application my-dropbox-app wants write access to all your private files"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted - or rejected the request. - operationId: getConsentRequest - parameters: - - name: consent_challenge - in: query - required: true - schema: - type: string - responses: - 200: - description: consentRequest - content: - application/json: - schema: - $ref: '#/components/schemas/consentRequest' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 409: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/requests/consent/accept: - put: - tags: - - admin - summary: Accept a Consent Request - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to - grant or deny the client access to the requested scope ("Application my-dropbox-app wants write access to all your private files"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. - The consent provider includes additional information, such as session data for access and ID tokens, and if the - consent request should be used as basis for future requests. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - operationId: acceptConsentRequest - parameters: - - name: consent_challenge - in: query - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/acceptConsentRequest' - required: false - responses: - 200: - description: completedRequest - content: - application/json: - schema: - $ref: '#/components/schemas/completedRequest' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/auth/requests/consent/reject: - put: - tags: - - admin - summary: Reject a Consent Request - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, he/she must now be asked if - the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. - - The consent provider which handles this request and is a web app implemented and hosted by you. It shows a subject interface which asks the subject to - grant or deny the client access to the requested scope ("Application my-dropbox-app wants write access to all your private files"). - - The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent - provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if the subject accepted - or rejected the request. - - This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. - The consent provider must include a reason why the consent was not granted. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - operationId: rejectConsentRequest - parameters: - - name: consent_challenge - in: query - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/rejectRequest' - required: false - responses: - 200: - description: completedRequest - content: - application/json: - schema: - $ref: '#/components/schemas/completedRequest' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/auth/requests/login: - get: - tags: - - admin - summary: Get a Login Request - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - (sometimes called "identity provider") to authenticate the subject and then tell ORY Hydra now about it. The login - provider is an web-app you write and host, and it must be able to authenticate ("show the subject a login screen") - a subject (in OAuth2 the proper name for subject is "resource owner"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - operationId: getLoginRequest - parameters: - - name: login_challenge - in: query - required: true - schema: - type: string - responses: - 200: - description: loginRequest - content: - application/json: - schema: - $ref: '#/components/schemas/loginRequest' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 409: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/requests/login/accept: - put: - tags: - - admin - summary: Accept a Login Request - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - (sometimes called "identity provider") to authenticate the subject and then tell ORY Hydra now about it. The login - provider is an web-app you write and host, and it must be able to authenticate ("show the subject a login screen") - a subject (in OAuth2 the proper name for subject is "resource owner"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - - This endpoint tells ORY Hydra that the subject has successfully authenticated and includes additional information such as - the subject's ID and if ORY Hydra should remember the subject's subject agent for future authentication attempts by setting - a cookie. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - operationId: acceptLoginRequest - parameters: - - name: login_challenge - in: query - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/acceptLoginRequest' - required: false - responses: - 200: - description: completedRequest - content: - application/json: - schema: - $ref: '#/components/schemas/completedRequest' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/auth/requests/login/reject: - put: - tags: - - admin - summary: Reject a Login Request - description: |- - When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the login provider - (sometimes called "identity provider") to authenticate the subject and then tell ORY Hydra now about it. The login - provider is an web-app you write and host, and it must be able to authenticate ("show the subject a login screen") - a subject (in OAuth2 the proper name for subject is "resource owner"). - - The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login - provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. - - This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the authentication - was be denied. - - The response contains a redirect URL which the login provider should redirect the user-agent to. - operationId: rejectLoginRequest - parameters: - - name: login_challenge - in: query - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/rejectRequest' - required: false - responses: - 200: - description: completedRequest - content: - application/json: - schema: - $ref: '#/components/schemas/completedRequest' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/auth/requests/logout: - get: - tags: - - admin - summary: Get a Logout Request - description: Use this endpoint to fetch a logout request. - operationId: getLogoutRequest - parameters: - - name: logout_challenge - in: query - required: true - schema: - type: string - responses: - 200: - description: logoutRequest - content: - application/json: - schema: - $ref: '#/components/schemas/logoutRequest' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/requests/logout/accept: - put: - tags: - - admin - summary: Accept a Logout Request - description: |- - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm that logout request. - No body is required. - - The response contains a redirect URL which the consent provider should redirect the user-agent to. - operationId: acceptLogoutRequest - parameters: - - name: logout_challenge - in: query - required: true - schema: - type: string - responses: - 200: - description: completedRequest - content: - application/json: - schema: - $ref: '#/components/schemas/completedRequest' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/requests/logout/reject: - put: - tags: - - admin - summary: Reject a Logout Request - description: |- - When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny that logout request. - No body is required. - - The response is empty as the logout provider has to chose what action to perform next. - operationId: rejectLogoutRequest - parameters: - - name: logout_challenge - in: query - required: true - schema: - type: string - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/rejectRequest' - application/x-www-form-urlencoded: - schema: - $ref: '#/components/schemas/rejectRequest' - required: false - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/auth/sessions/consent: - get: - tags: - - admin - summary: Lists All Consent Sessions of a Subject - description: |- - This endpoint lists all subject's granted consent sessions, including client and granted scope. - If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an - empty JSON array with status code 200 OK. - - - The "Link" header is also included in successful responses, which contains one or more links for pagination, formatted like so: '; rel="{page}"', where page is one of the following applicable pages: 'first', 'next', 'last', and 'previous'. - Multiple links can be included in this header, and will be separated by a comma. - operationId: listSubjectConsentSessions - parameters: - - name: subject - in: query - required: true - schema: - type: string - responses: - 200: - description: A list of used consent requests. - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/PreviousConsentSession' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - delete: - tags: - - admin - summary: Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client - description: |- - This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and invalidates all - associated OAuth 2.0 Access Tokens. - operationId: revokeConsentSessions - parameters: - - name: subject - in: query - description: The subject (Subject) who's consent sessions should be deleted. - required: true - schema: - type: string - - name: client - in: query - description: If set, deletes only those consent sessions by the Subject that - have been granted to the specified OAuth 2.0 Client ID - schema: - type: string - - name: all - in: query - description: If set to `?all=true`, deletes all consent sessions by the Subject - that have been granted. - schema: - type: boolean - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/auth/sessions/login: - delete: - tags: - - admin - summary: |- - Invalidates All Login Sessions of a Certain User - Invalidates a Subject's Authentication Session - description: |- - This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject - has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work with OpenID Connect - Front- or Back-channel logout. - operationId: revokeAuthenticationSession - parameters: - - name: subject - in: query - required: true - schema: - type: string - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 404: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/flush: - post: - tags: - - admin - summary: Flush Expired OAuth2 Access Tokens - description: |- - This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which no tokens will be - not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted - automatically when performing the refresh flow. - operationId: flushInactiveOAuth2Tokens - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/flushInactiveOAuth2TokensRequest' - required: false - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - x-codegen-request-body-name: Body - /oauth2/introspect: - post: - tags: - - admin - summary: Introspect OAuth2 Tokens - description: |- - The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token - is neither expired nor revoked. If a token is active, additional information on the token will be included. You can - set additional data for a token by setting `accessTokenExtra` during the consent flow. - - For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-endpoint/). - operationId: introspectOAuth2Token - requestBody: - content: - application/x-www-form-urlencoded: - schema: - required: - - token - properties: - token: - type: string - description: |- - The string value of the token. For access tokens, this - is the "access_token" value returned from the token endpoint - defined in OAuth 2.0. For refresh tokens, this is the "refresh_token" - value returned. - scope: - type: string - description: |- - An optional, space separated list of required scopes. If the access token was not granted one of the - scopes, the result of active will be false. - required: true - responses: - 200: - description: oAuth2TokenIntrospection - content: - application/json: - schema: - $ref: '#/components/schemas/oAuth2TokenIntrospection' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /oauth2/revoke: - post: - tags: - - public - summary: Revoke OAuth2 Tokens - description: |- - Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no - longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. - Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by - the client the token was generated for. - operationId: revokeOAuth2Token - requestBody: - content: - application/x-www-form-urlencoded: - schema: - required: - - token - properties: - token: - type: string - required: true - responses: - 200: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - security: - - basic: [] - - oauth2: [] - /oauth2/sessions/logout: - get: - tags: - - public - summary: OpenID Connect Front-Backchannel Enabled Logout - description: |- - This endpoint initiates and completes user logout at ORY Hydra and initiates OpenID Connect Front-/Back-channel logout: - - https://openid.net/specs/openid-connect-frontchannel-1_0.html - https://openid.net/specs/openid-connect-backchannel-1_0.html - operationId: disconnectUser - responses: - 302: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - /oauth2/token: - post: - tags: - - public - summary: The OAuth 2.0 Token Endpoint - description: |- - The client makes a request to the token endpoint by sending the - following parameters using the "application/x-www-form-urlencoded" HTTP - request entity-body. - - > Do not implement a client for this endpoint yourself. Use a library. There are many libraries - > available for any programming language. You can find a list of libraries here: https://oauth.net/code/ - > - > Do note that Hydra SDK does not implement this endpoint properly. Use one of the libraries listed above! - operationId: oauth2Token - requestBody: - content: - application/x-www-form-urlencoded: - schema: - required: - - grant_type - properties: - grant_type: - type: string - code: - type: string - refresh_token: - type: string - redirect_uri: - type: string - client_id: - type: string - required: true - responses: - 200: - description: oauth2TokenResponse - content: - application/json: - schema: - $ref: '#/components/schemas/oauth2TokenResponse' - 400: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - security: - - basic: [] - - oauth2: [] - /oauth2/tokens: - delete: - tags: - - admin - summary: Delete OAuth2 Access Tokens from a Client - description: This endpoint deletes OAuth2 access tokens issued for a client - from the database - operationId: deleteOAuth2Token - parameters: - - name: client_id - in: query - required: true - schema: - type: string - responses: - 204: - description: |- - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is - typically 201. - content: {} - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - /userinfo: - get: - tags: - - public - summary: OpenID Connect Userinfo - description: |- - This endpoint returns the payload of the ID Token, including the idTokenExtra values, of - the provided OAuth 2.0 Access Token. - - For more information please [refer to the spec](http://openid.net/specs/openid-connect-core-1_0.html#UserInfo). - operationId: userinfo - responses: - 200: - description: userinfoResponse - content: - application/json: - schema: - $ref: '#/components/schemas/userinfoResponse' - 401: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - 500: - description: genericError - content: - application/json: - schema: - $ref: '#/components/schemas/genericError' - security: - - oauth2: [] - /version: - get: - tags: - - admin - summary: Get Service Version - description: |- - This endpoint returns the service version typically notated using semantic versioning. - - If the service supports TLS Edge Termination, this endpoint does not require the - `X-Forwarded-Proto` header to be set. - operationId: getVersion - responses: - 200: - description: version - content: - application/json: - schema: - $ref: '#/components/schemas/version' components: + responses: + emptyResponse: + description: |- + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + typically 201. + errorOAuth2BadRequest: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: Bad Request Error Response + errorOAuth2Default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: Default Error Response + errorOAuth2NotFound: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: Not Found Error Response + listOAuth2Clients: + content: + application/json: + schema: + items: + $ref: '#/components/schemas/oAuth2Client' + type: array + description: Paginated OAuth2 Client List Response schemas: - ContainerWaitOKBodyError: - type: object - properties: - Message: - type: string - description: Details of an error - description: ContainerWaitOKBodyError container waiting error, if any JSONRawMessage: - #title: JSONRawMessage represents a json.RawMessage that works well with JSON, - # SQL, and Swagger. - type: object - JSONWebKey: - required: - - alg - - kid - - kty - - use - type: object - properties: - alg: - type: string - description: |- - The "alg" (algorithm) parameter identifies the algorithm intended for - use with the key. The values used should either be registered in the - IANA "JSON Web Signature and Encryption Algorithms" registry - established by [JWA] or be a value that contains a Collision- - Resistant Name. - example: RS256 - crv: - type: string - example: P-256 - d: - type: string - example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE - dp: - type: string - example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0 - dq: - type: string - example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk - e: - type: string - example: AQAB - k: - type: string - example: GawgguFyGrWKav7AX4VKUg - kid: - type: string - description: |- - The "kid" (key ID) parameter is used to match a specific key. This - is used, for instance, to choose among a set of keys within a JWK Set - during key rollover. The structure of the "kid" value is - unspecified. When "kid" values are used within a JWK Set, different - keys within the JWK Set SHOULD use distinct "kid" values. (One - example in which different keys might use the same "kid" value is if - they have different "kty" (key type) values but are considered to be - equivalent alternatives by the application using them.) The "kid" - value is a case-sensitive string. - example: 1603dfe0af8f4596 - kty: - type: string - description: |- - The "kty" (key type) parameter identifies the cryptographic algorithm - family used with the key, such as "RSA" or "EC". "kty" values should - either be registered in the IANA "JSON Web Key Types" registry - established by [JWA] or be a value that contains a Collision- - Resistant Name. The "kty" value is a case-sensitive string. - example: RSA - n: - type: string - example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0 - p: - type: string - example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ - q: - type: string - example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ - qi: - type: string - example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU - use: - type: string - description: |- - Use ("public key use") identifies the intended use of - the public key. The "use" parameter is employed to indicate whether - a public key is used for encrypting data or verifying the signature - on data. Values are commonly "sig" (signature) or "enc" (encryption). - example: sig - x: - type: string - example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU - x5c: - type: array - description: |- - The "x5c" (X.509 certificate chain) parameter contains a chain of one - or more PKIX certificates [RFC5280]. The certificate chain is - represented as a JSON array of certificate value strings. Each - string in the array is a base64-encoded (Section 4 of [RFC4648] -- - not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value. - The PKIX certificate containing the key value MUST be the first - certificate. - items: - type: string - y: - type: string - example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0 - description: |- - It is important that this model object is named JSONWebKey for - "swagger generate spec" to generate only on definition of a - JSONWebKey. - JSONWebKeySet: - type: object - properties: - keys: - type: array - description: |- - The value of the "keys" parameter is an array of JWK values. By - default, the order of the JWK values within the array does not imply - an order of preference among them, although applications of JWK Sets - can choose to assign a meaning to the order for their purposes, if - desired. - items: - $ref: '#/components/schemas/JSONWebKey' - description: |- - It is important that this model object is named JSONWebKeySet for - "swagger generate spec" to generate only on definition of a - JSONWebKeySet. Since one with the same name is previously defined as - client.Client.JSONWebKeys and this one is last, this one will be - effectively written in the swagger spec. - JoseJSONWebKeySet: - type: object - NullTime: - #title: NullTime implements sql.NullTime functionality. + title: JSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger. + NullBool: + nullable: true + type: boolean + NullDuration: + description: Specify a time duration in milliseconds, seconds, minutes, hours. + pattern: ^([0-9]+(ns|us|ms|s|m|h))*$ + title: Time duration type: string + NullInt: + nullable: true + type: integer + NullString: + nullable: true + type: string + NullTime: format: date-time - PluginConfig: - #title: PluginConfig The config of a plugin. - required: - - Args - - Description - - Documentation - - Entrypoint - - Env - - Interface - - IpcHost - - Linux - - Mounts - - Network - - PidHost - - PropagatedMount - - WorkDir - type: object - properties: - Args: - $ref: '#/components/schemas/PluginConfigArgs' - Description: - type: string - description: description - DockerVersion: - type: string - description: Docker Version used to create the plugin - Documentation: - type: string - description: documentation - Entrypoint: - type: array - description: entrypoint - items: - type: string - Env: - type: array - description: env - items: - $ref: '#/components/schemas/PluginEnv' - Interface: - $ref: '#/components/schemas/PluginConfigInterface' - IpcHost: - type: boolean - description: ipc host - Linux: - $ref: '#/components/schemas/PluginConfigLinux' - Mounts: - type: array - description: mounts - items: - $ref: '#/components/schemas/PluginMount' - Network: - $ref: '#/components/schemas/PluginConfigNetwork' - PidHost: - type: boolean - description: pid host - PropagatedMount: - type: string - description: propagated mount - User: - $ref: '#/components/schemas/PluginConfigUser' - WorkDir: - type: string - description: work dir - rootfs: - $ref: '#/components/schemas/PluginConfigRootfs' - PluginConfigArgs: - required: - - Description - - Name - - Settable - - Value - type: object - properties: - Description: - type: string - description: description - Name: - type: string - description: name - Settable: - type: array - description: settable - items: - type: string - Value: - type: array - description: value - items: - type: string - description: PluginConfigArgs plugin config args - PluginConfigInterface: - required: - - Socket - - Types - type: object - properties: - Socket: - type: string - description: socket - Types: - type: array - description: types - items: - $ref: '#/components/schemas/PluginInterfaceType' - description: PluginConfigInterface The interface between Docker and the plugin - PluginConfigLinux: - required: - - AllowAllDevices - - Capabilities - - Devices - type: object - properties: - AllowAllDevices: - type: boolean - description: allow all devices - Capabilities: - type: array - description: capabilities - items: - type: string - Devices: - type: array - description: devices - items: - $ref: '#/components/schemas/PluginDevice' - description: PluginConfigLinux plugin config linux - PluginConfigNetwork: - required: - - Type - type: object - properties: - Type: - type: string - description: type - description: PluginConfigNetwork plugin config network - PluginConfigRootfs: - type: object - properties: - diff_ids: - type: array - description: diff ids - items: - type: string - type: - type: string - description: type - description: PluginConfigRootfs plugin config rootfs - PluginConfigUser: - type: object - properties: - GID: - type: integer - description: g ID - format: uint32 - UID: - type: integer - description: UID - format: uint32 - description: PluginConfigUser plugin config user - PluginDevice: - required: - - Description - - Name - - Path - - Settable - type: object - properties: - Description: - type: string - description: description - Name: - type: string - description: name - Path: - type: string - description: path - Settable: - type: array - description: settable - items: - type: string - description: PluginDevice plugin device - PluginEnv: - required: - - Description - - Name - - Settable - - Value - type: object - properties: - Description: - type: string - description: description - Name: - type: string - description: name - Settable: - type: array - description: settable - items: - type: string - Value: - type: string - description: value - description: PluginEnv plugin env - PluginInterfaceType: - required: - - Capability - - Prefix - - Version - type: object - properties: - Capability: - type: string - description: capability - Prefix: - type: string - description: prefix - Version: - type: string - description: version - description: PluginInterfaceType plugin interface type - PluginMount: - required: - - Description - - Destination - - Name - - Options - - Settable - - Source - - Type - type: object - properties: - Description: - type: string - description: description - Destination: - type: string - description: destination - Name: - type: string - description: name - Options: - type: array - description: options - items: - type: string - Settable: - type: array - description: settable - items: - type: string - Source: - type: string - description: source - Type: - type: string - description: type - description: PluginMount plugin mount - PluginSettings: - #title: PluginSettings Settings that can be modified by users. - required: - - Args - - Devices - - Env - - Mounts - type: object - properties: - Args: - type: array - description: args - items: - type: string - Devices: - type: array - description: devices - items: - $ref: '#/components/schemas/PluginDevice' - Env: - type: array - description: env - items: - type: string - Mounts: - type: array - description: mounts - items: - $ref: '#/components/schemas/PluginMount' - PreviousConsentSession: - type: object - properties: - consent_request: - $ref: '#/components/schemas/consentRequest' - grant_access_token_audience: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - grant_scope: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - handled_at: - $ref: '#/components/schemas/NullTime' - remember: - type: boolean - description: |- - Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same - client asks the same user for the same, or a subset of, scope. - remember_for: - type: integer - description: |- - RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the - authorization will be remembered indefinitely. - format: int64 - session: - $ref: '#/components/schemas/consentRequestSession' - description: |- - The response used to return used consent requests - same as HandledLoginRequest, just with consent_request exposed as json - StringSlicePipeDelimiter: - #title: StringSlicePipeDelimiter de/encodes the string slice to/from a SQL string. - type: array + nullable: true + type: string + NullUUID: + format: uuid4 + nullable: true + type: string + StringSliceJSONFormat: items: type: string - VolumeUsageData: - required: - - RefCount - - Size - type: object - properties: - RefCount: - type: integer - description: |- - The number of containers referencing this volume. This field - is set to `-1` if the reference-count is not available. - format: int64 - Size: - type: integer - description: |- - Amount of disk space used by the volume (in bytes). This information - is only available for volumes created with the `"local"` volume - driver. For volumes created with other volume drivers, this field - is set to `-1` ("not available") - format: int64 - description: |- - VolumeUsageData Usage details about the volume. This information is used by the - `GET /system/df` endpoint, and omitted in other endpoints. - acceptConsentRequest: - #title: The request payload used to accept a consent request. - type: object + title: StringSliceJSONFormat represents []string{} which is encoded to/from JSON for SQL storage. + type: array + Time: + format: date-time + type: string + UUID: + format: uuid4 + type: string + acceptOAuth2ConsentRequest: properties: grant_access_token_audience: - $ref: '#/components/schemas/StringSlicePipeDelimiter' + $ref: '#/components/schemas/StringSliceJSONFormat' grant_scope: - $ref: '#/components/schemas/StringSlicePipeDelimiter' + $ref: '#/components/schemas/StringSliceJSONFormat' handled_at: - $ref: '#/components/schemas/NullTime' + $ref: '#/components/schemas/nullTime' remember: - type: boolean description: |- Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same client asks the same user for the same, or a subset of, scope. + type: boolean remember_for: - type: integer description: |- RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the authorization will be remembered indefinitely. format: int64 + type: integer session: - $ref: '#/components/schemas/consentRequestSession' - acceptLoginRequest: - #title: HandledLoginRequest is the request payload used to accept a login request. - required: - - subject + $ref: '#/components/schemas/acceptOAuth2ConsentRequestSession' + title: The request payload used to accept a consent request. type: object + acceptOAuth2ConsentRequestSession: + properties: + access_token: + description: |- + AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the + refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. + If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties + can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care! + id_token: + description: |- + IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session'id payloads are readable + by anyone that has access to the ID Challenge. Use with care! + title: Pass session data to a consent request. + type: object + acceptOAuth2LoginRequest: properties: acr: - type: string description: |- ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication. + type: string + amr: + $ref: '#/components/schemas/StringSliceJSONFormat' context: $ref: '#/components/schemas/JSONRawMessage' force_subject_identifier: - type: string description: |- ForceSubjectIdentifier forces the "pairwise" user ID of the end-user that authenticated. The "pairwise" user ID refers to the (Pairwise Identifier Algorithm)[http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg] of the OpenID @@ -2082,408 +133,152 @@ components: other unique value). If you fail to compute the proper value, then authentication processes which have id_token_hint set might fail. + type: string remember: - type: boolean description: |- Remember, if set to true, tells ORY Hydra to remember this user by telling the user agent (browser) to store a cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, he/she will not be asked to log in again. + type: boolean remember_for: - type: integer description: |- RememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the authorization will be remembered for the duration of the browser session (using a session cookie). format: int64 - subject: - type: string - description: Subject is the user ID of the end-user that authenticated. - completedRequest: - #title: The response payload sent when accepting or rejecting a login or consent - # request. - required: - - redirect_to - type: object - properties: - redirect_to: - type: string - description: RedirectURL is the URL which you should redirect the user to - once the authentication process is completed. - consentRequest: - #title: Contains information on an ongoing consent request. - required: - - challenge - type: object - properties: - acr: - type: string - description: |- - ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it - to express that, for example, a user authenticated using two factor authentication. - challenge: - type: string - description: |- - ID is the identifier ("authorization challenge") of the consent authorization request. It is used to - identify the session. - client: - $ref: '#/components/schemas/oAuth2Client' - context: - $ref: '#/components/schemas/JSONRawMessage' - login_challenge: - type: string - description: |- - LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate - a login and consent request in the login & consent app. - login_session_id: - type: string - description: |- - LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) - this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) - this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-/Back- - channel logout. It's value can generally be used to associate consecutive login requests by a certain user. - oidc_context: - $ref: '#/components/schemas/openIDConnectContext' - request_url: - type: string - description: |- - RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which - initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but - might come in handy if you want to deal with additional request parameters. - requested_access_token_audience: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - requested_scope: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - skip: - type: boolean - description: |- - Skip, if true, implies that the client has requested the same scopes from the same user previously. - If true, you must not ask the user to grant the requested scopes. You must however either allow or deny the - consent request using the usual API call. - subject: - type: string - description: |- - Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope - requested by the OAuth 2.0 client. - consentRequestSession: - #title: Used to pass session data to a consent request. - type: object - properties: - access_token: - type: object - properties: {} - description: |- - AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the - refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. - If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties - can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care! - id_token: - type: object - properties: {} - description: |- - IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session'id payloads are readable - by anyone that has access to the ID Challenge. Use with care! - flushInactiveOAuth2TokensRequest: - type: object - properties: - notAfter: - type: string - description: |- - NotAfter sets after which point tokens should not be flushed. This is useful when you want to keep a history - of recently issued tokens for auditing. - format: date-time - genericError: - #title: Error response - required: - - error - type: object - properties: - debug: - type: string - description: Debug contains debug information. This is usually not available - and has to be enabled. - example: The database adapter was unable to find the element - error: - type: string - description: Name is the error name. - example: The requested resource could not be found - error_description: - type: string - description: Description contains further information on the nature of the - error. - example: Object with ID 12345 does not exist - status_code: type: integer - description: Code represents the error status code (404, 403, 401, ...). - format: int64 - example: 404 - description: Error responses are sent when an error (e.g. unauthorized, bad - request, ...) occurred. - healthNotReadyStatus: - type: object - properties: - errors: - type: object - additionalProperties: - type: string - description: Errors contains a list of errors that caused the not ready - status. - healthStatus: - type: object - properties: - status: + subject: + description: Subject is the user ID of the end-user that authenticated. type: string - description: Status always contains "ok". - jsonWebKeySetGeneratorRequest: required: - - alg - - kid - - use + - subject + title: HandledLoginRequest is the request payload used to accept a login request. type: object + createJsonWebKeySet: + description: Create JSON Web Key Set Request Body properties: alg: - type: string - description: The algorithm to be used for creating the key. Supports "RS256", - "ES512", "HS512", and "HS256" - kid: - type: string - description: The kid of the key to be created - use: - type: string description: |- + JSON Web Key Algorithm + + The algorithm to be used for creating the key. Supports `RS256`, `ES256`, `ES512`, `HS512`, and `HS256`. + type: string + kid: + description: |- + JSON Web Key ID + + The Key ID of the key to be created. + type: string + use: + description: |- + JSON Web Key Use + The "use" (public key use) parameter identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Valid values are "enc" and "sig". - loginRequest: - #title: Contains information on an ongoing login request. + type: string required: - - challenge - - client - - request_url - - requested_access_token_audience - - requested_scope - - skip - - subject + - alg + - use + - kid type: object + errorOAuth2: + description: Error properties: - challenge: + error: + description: Error type: string + error_debug: description: |- - ID is the identifier ("login challenge") of the login request. It is used to - identify the session. - client: - $ref: '#/components/schemas/oAuth2Client' - oidc_context: - $ref: '#/components/schemas/openIDConnectContext' - request_url: - type: string - description: |- - RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which - initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but - might come in handy if you want to deal with additional request parameters. - requested_access_token_audience: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - requested_scope: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - session_id: - type: string - description: |- - SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) - this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) - this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-/Back- - channel logout. It's value can generally be used to associate consecutive login requests by a certain user. - skip: - type: boolean - description: |- - Skip, if true, implies that the client has requested the same scopes from the same user previously. - If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. + Error Debug Information - This feature allows you to update / set session information. - subject: + Only available in dev mode. type: string + error_description: + description: Error Description + type: string + error_hint: description: |- - Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope - requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type - when accepting the login request, or the request will fail. - logoutRequest: - #title: Contains information about an ongoing logout request. - type: object - properties: - request_url: - type: string - description: RequestURL is the original Logout URL requested. - rp_initiated: - type: boolean - description: RPInitiated is set to true if the request was initiated by - a Relying Party (RP), also known as an OAuth 2.0 Client. - sid: - type: string - description: SessionID is the login session ID that was requested to log - out. - subject: - type: string - description: Subject is the user for whom the logout was request. - oAuth2Client: - #title: Client represents an OAuth 2.0 Client. - type: object - properties: - allowed_cors_origins: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - audience: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - backchannel_logout_session_required: - type: boolean - description: |- - Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout - Token to identify the RP session with the OP when the backchannel_logout_uri is used. - If omitted, the default value is false. - backchannel_logout_uri: - type: string - description: RP URL that will cause the RP to log itself out when sent a - Logout Token by the OP. - client_id: - type: string - description: ID is the id for this client. - client_name: - type: string - description: |- - Name is the human-readable string name of the client to be presented to the - end-user during authorization. - client_secret: - type: string - description: |- - Secret is the client's secret. The secret will be included in the create request as cleartext, and then - never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users - that they need to write the secret down as it will not be made available again. - client_secret_expires_at: - type: integer - description: |- - SecretExpiresAt is an integer holding the time at which the client - secret will expire or 0 if it will not expire. The time is - represented as the number of seconds from 1970-01-01T00:00:00Z as - measured in UTC until the date/time of expiration. + Error Hint - This feature is currently not supported and it's value will always - be set to 0. + Helps the user identify the error cause. + example: The redirect URL is not allowed. + type: string + status_code: + description: HTTP Status Code + example: 401 format: int64 - client_uri: - type: string - description: |- - ClientURI is an URL string of a web page providing information about the client. - If present, the server SHOULD display this URL to the end-user in - a clickable fashion. - contacts: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - created_at: - type: string - description: CreatedAt returns the timestamp of the client's creation. - format: date-time - frontchannel_logout_session_required: - type: boolean - description: |- - Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be - included to identify the RP session with the OP when the frontchannel_logout_uri is used. - If omitted, the default value is false. - frontchannel_logout_uri: - type: string - description: |- - RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query - parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the - request and to determine which of the potentially multiple sessions is to be logged out; if either is - included, both MUST be. - grant_types: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - jwks: - $ref: '#/components/schemas/JoseJSONWebKeySet' - jwks_uri: - type: string - description: |- - URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains - the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the - Client's encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing - and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced - JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both - signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used - to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST - match those in the certificate. - logo_uri: - type: string - description: LogoURI is an URL string that references a logo for the client. - metadata: - $ref: '#/components/schemas/JSONRawMessage' - owner: - type: string - description: Owner is a string identifying the owner of the OAuth 2.0 Client. - policy_uri: - type: string - description: |- - PolicyURI is a URL string that points to a human-readable privacy policy document - that describes how the deployment organization collects, uses, - retains, and discloses personal data. - post_logout_redirect_uris: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - redirect_uris: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - request_object_signing_alg: - type: string - description: |- - JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects - from this Client MUST be rejected, if not signed with this algorithm. - request_uris: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - response_types: - $ref: '#/components/schemas/StringSlicePipeDelimiter' - scope: - pattern: ([a-zA-Z0-9\.\*]+\s?)+ - type: string - description: |- - Scope is a string containing a space-separated list of scope values (as - described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client - can use when requesting access tokens. - sector_identifier_uri: - type: string - description: |- - URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a - file with a single JSON array of redirect_uri values. - subject_type: - type: string - description: |- - SubjectType requested for responses to this Client. The subject_types_supported Discovery parameter contains a - list of the supported subject_type values for this server. Valid types include `pairwise` and `public`. - token_endpoint_auth_method: - type: string - description: |- - Requested Client Authentication method for the Token Endpoint. The options are client_secret_post, - client_secret_basic, private_key_jwt, and none. - token_endpoint_auth_signing_alg: - type: string - description: Requested Client Authentication signing algorithm for the Token - Endpoint. - tos_uri: - type: string - description: |- - TermsOfServiceURI is a URL string that points to a human-readable terms of service - document for the client that describes a contractual relationship - between the end-user and the client that the end-user accepts when - authorizing the client. - updated_at: - type: string - description: UpdatedAt returns the timestamp of the last update. - format: date-time - userinfo_signed_response_alg: - type: string - description: |- - JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT - [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims - as a UTF-8 encoded JSON object using the application/json content-type. - oAuth2TokenIntrospection: - #title: 'Introspection contains an access token''s session data as specified - # by IETF RFC 7662, see:' - required: - - active + type: integer type: object + genericError: + properties: + code: + description: The status code + example: 404 + format: int64 + type: integer + debug: + description: |- + Debug information + + This field is often not exposed to protect against leaking + sensitive information. + example: SQL field "foo" is not a bool. + type: string + details: + description: Further error details + id: + description: |- + The error ID + + Useful when trying to identify various errors in application logic. + type: string + message: + description: |- + Error message + + The error's message. + example: The resource could not be found + type: string + reason: + description: A human-readable reason for the error + example: User with ID 1234 does not exist. + type: string + request: + description: |- + The request ID + + The request ID is often exposed internally in order to trace + errors across service architectures. This is often a UUID. + example: d7ef54b1-ec15-46e6-bccb-524b82c035e6 + type: string + status: + description: The status description + example: Not Found + type: string + required: + - message + type: object + healthNotReadyStatus: + properties: + errors: + additionalProperties: + type: string + description: Errors contains a list of errors that caused the not ready status. + type: object + type: object + healthStatus: + properties: + status: + description: Status always contains "ok". + type: string + type: object + introspectedOAuth2Token: + description: |- + Introspection contains an access token's session data as specified by + [IETF RFC 7662](https://tools.ietf.org/html/rfc7662) properties: active: - type: boolean description: |- Active is a boolean indicator of whether or not the presented token is currently active. The specifics of a token's "active" state @@ -2494,95 +289,563 @@ components: has not been revoked by the resource owner, and is within its given time window of validity (e.g., after its issuance time and before its expiration time). + type: boolean aud: - type: array description: Audience contains a list of the token's intended audiences. items: type: string + type: array client_id: - type: string description: |- ID is aclient identifier for the OAuth 2.0 client that requested this token. + type: string exp: - type: integer description: |- Expires at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token will expire. format: int64 - ext: - type: object - properties: {} - description: Extra is arbitrary data set by the session. - iat: type: integer + ext: + additionalProperties: {} + description: Extra is arbitrary data set by the session. + type: object + iat: description: |- Issued at is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token was originally issued. format: int64 - iss: - type: string - description: IssuerURL is a string representing the issuer of this token - nbf: type: integer + iss: + description: IssuerURL is a string representing the issuer of this token + type: string + nbf: description: |- NotBefore is an integer timestamp, measured in the number of seconds since January 1 1970 UTC, indicating when this token is not to be used before. format: int64 + type: integer obfuscated_subject: - type: string description: |- ObfuscatedSubject is set when the subject identifier algorithm was set to "pairwise" during authorization. It is the `sub` value of the ID Token that was issued. - scope: type: string + scope: description: |- Scope is a JSON string containing a space-separated list of scopes associated with this token. - sub: type: string + sub: description: |- Subject of the token, as defined in JWT [RFC7519]. Usually a machine-readable identifier of the resource owner who authorized this token. + type: string token_type: - type: string description: TokenType is the introspected token's type, typically `Bearer`. + type: string token_use: + description: TokenUse is the introspected token's use, for example `access_token` or `refresh_token`. type: string - description: TokenUse is the introspected token's use, for example `access_token` - or `refresh_token`. username: - type: string description: |- Username is a human-readable identifier for the resource owner who authorized this token. - description: https://tools.ietf.org/html/rfc7662 - oauth2TokenResponse: + type: string + required: + - active type: object + jsonPatch: + description: A JSONPatch document as defined by RFC 6902 properties: - access_token: + from: + description: |- + This field is used together with operation "move" and uses JSON Pointer notation. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). + example: /name type: string - expires_in: - type: integer - format: int64 - id_token: + op: + description: The operation to be performed. One of "add", "remove", "replace", "move", "copy", or "test". + example: replace type: string - refresh_token: + path: + description: |- + The path to the target path. Uses JSON pointer notation. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). + example: /name type: string - scope: - type: string - token_type: - type: string - description: The Access Token Response - openIDConnectContext: - #title: Contains optional information about the OpenID Connect request. + value: + description: |- + The value to be used within the operations. + + Learn more [about JSON Pointers](https://datatracker.ietf.org/doc/html/rfc6901#section-5). + example: foobar + required: + - op + - path type: object + jsonPatchDocument: + description: A JSONPatchDocument request + items: + $ref: '#/components/schemas/jsonPatch' + type: array + jsonWebKey: + properties: + alg: + description: |- + The "alg" (algorithm) parameter identifies the algorithm intended for + use with the key. The values used should either be registered in the + IANA "JSON Web Signature and Encryption Algorithms" registry + established by [JWA] or be a value that contains a Collision- + Resistant Name. + example: RS256 + type: string + crv: + example: P-256 + type: string + d: + example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE + type: string + dp: + example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0 + type: string + dq: + example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk + type: string + e: + example: AQAB + type: string + k: + example: GawgguFyGrWKav7AX4VKUg + type: string + kid: + description: |- + The "kid" (key ID) parameter is used to match a specific key. This + is used, for instance, to choose among a set of keys within a JWK Set + during key rollover. The structure of the "kid" value is + unspecified. When "kid" values are used within a JWK Set, different + keys within the JWK Set SHOULD use distinct "kid" values. (One + example in which different keys might use the same "kid" value is if + they have different "kty" (key type) values but are considered to be + equivalent alternatives by the application using them.) The "kid" + value is a case-sensitive string. + example: 1603dfe0af8f4596 + type: string + kty: + description: |- + The "kty" (key type) parameter identifies the cryptographic algorithm + family used with the key, such as "RSA" or "EC". "kty" values should + either be registered in the IANA "JSON Web Key Types" registry + established by [JWA] or be a value that contains a Collision- + Resistant Name. The "kty" value is a case-sensitive string. + example: RSA + type: string + 'n': + example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0 + type: string + p: + example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ + type: string + q: + example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ + type: string + qi: + example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU + type: string + use: + description: |- + Use ("public key use") identifies the intended use of + the public key. The "use" parameter is employed to indicate whether + a public key is used for encrypting data or verifying the signature + on data. Values are commonly "sig" (signature) or "enc" (encryption). + example: sig + type: string + x: + example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU + type: string + x5c: + description: |- + The "x5c" (X.509 certificate chain) parameter contains a chain of one + or more PKIX certificates [RFC5280]. The certificate chain is + represented as a JSON array of certificate value strings. Each + string in the array is a base64-encoded (Section 4 of [RFC4648] -- + not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value. + The PKIX certificate containing the key value MUST be the first + certificate. + items: + type: string + type: array + 'y': + example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0 + type: string + required: + - use + - kty + - kid + - alg + type: object + jsonWebKeySet: + description: JSON Web Key Set + properties: + keys: + description: |- + List of JSON Web Keys + + The value of the "keys" parameter is an array of JSON Web Key (JWK) + values. By default, the order of the JWK values within the array does + not imply an order of preference among them, although applications + of JWK Sets can choose to assign a meaning to the order for their + purposes, if desired. + items: + $ref: '#/components/schemas/jsonWebKey' + type: array + type: object + nullDuration: + nullable: true + pattern: ^[0-9]+(ns|us|ms|s|m|h)$ + type: string + nullInt64: + nullable: true + type: integer + nullTime: + format: date-time + title: NullTime implements sql.NullTime functionality. + type: string + oAuth2Client: + description: |- + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + properties: + allowed_cors_origins: + $ref: '#/components/schemas/StringSliceJSONFormat' + audience: + $ref: '#/components/schemas/StringSliceJSONFormat' + authorization_code_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + authorization_code_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + authorization_code_grant_refresh_token_lifespan: + $ref: '#/components/schemas/NullDuration' + backchannel_logout_session_required: + description: |- + OpenID Connect Back-Channel Logout Session Required + + Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout + Token to identify the RP session with the OP when the backchannel_logout_uri is used. + If omitted, the default value is false. + type: boolean + backchannel_logout_uri: + description: |- + OpenID Connect Back-Channel Logout URI + + RP URL that will cause the RP to log itself out when sent a Logout Token by the OP. + type: string + client_credentials_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + client_id: + description: |- + OAuth 2.0 Client ID + + The ID is autogenerated and immutable. + type: string + client_name: + description: |- + OAuth 2.0 Client Name + + The human-readable name of the client to be presented to the + end-user during authorization. + type: string + client_secret: + description: |- + OAuth 2.0 Client Secret + + The secret will be included in the create request as cleartext, and then + never again. The secret is kept in hashed format and is not recoverable once lost. + type: string + client_secret_expires_at: + description: |- + OAuth 2.0 Client Secret Expires At + + The field is currently not supported and its value is always 0. + format: int64 + type: integer + client_uri: + description: |- + OAuth 2.0 Client URI + + ClientURI is a URL string of a web page providing information about the client. + If present, the server SHOULD display this URL to the end-user in + a clickable fashion. + type: string + contacts: + $ref: '#/components/schemas/StringSliceJSONFormat' + created_at: + description: |- + OAuth 2.0 Client Creation Date + + CreatedAt returns the timestamp of the client's creation. + format: date-time + type: string + frontchannel_logout_session_required: + description: |- + OpenID Connect Front-Channel Logout Session Required + + Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be + included to identify the RP session with the OP when the frontchannel_logout_uri is used. + If omitted, the default value is false. + type: boolean + frontchannel_logout_uri: + description: |- + OpenID Connect Front-Channel Logout URI + + RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query + parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the + request and to determine which of the potentially multiple sessions is to be logged out; if either is + included, both MUST be. + type: string + grant_types: + $ref: '#/components/schemas/StringSliceJSONFormat' + implicit_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + implicit_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + jwks: + description: |- + OAuth 2.0 Client JSON Web Key Set + + Client's JSON Web Key Set [JWK] document, passed by value. The semantics of the jwks parameter are the same as + the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter + is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for + instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client + can use jwks_uri, it MUST NOT use jwks. One significant downside of jwks is that it does not enable key rotation + (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwks_uri and jwks + parameters MUST NOT be used together. + jwks_uri: + description: |- + OAuth 2.0 Client JSON Web Key Set URL + + URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains + the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the + Client's encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing + and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced + JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both + signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used + to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST + match those in the certificate. + type: string + jwt_bearer_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + logo_uri: + description: |- + OAuth 2.0 Client Logo URI + + A URL string referencing the client's logo. + type: string + metadata: + $ref: '#/components/schemas/JSONRawMessage' + owner: + description: |- + OAuth 2.0 Client Owner + + Owner is a string identifying the owner of the OAuth 2.0 Client. + type: string + policy_uri: + description: |- + OAuth 2.0 Client Policy URI + + PolicyURI is a URL string that points to a human-readable privacy policy document + that describes how the deployment organization collects, uses, + retains, and discloses personal data. + type: string + post_logout_redirect_uris: + $ref: '#/components/schemas/StringSliceJSONFormat' + redirect_uris: + $ref: '#/components/schemas/StringSliceJSONFormat' + refresh_token_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + refresh_token_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + refresh_token_grant_refresh_token_lifespan: + $ref: '#/components/schemas/NullDuration' + registration_access_token: + description: |- + OpenID Connect Dynamic Client Registration Access Token + + RegistrationAccessToken can be used to update, get, or delete the OAuth2 Client. It is sent when creating a client + using Dynamic Client Registration. + type: string + registration_client_uri: + description: |- + OpenID Connect Dynamic Client Registration URL + + RegistrationClientURI is the URL used to update, get, or delete the OAuth2 Client. + type: string + request_object_signing_alg: + description: |- + OpenID Connect Request Object Signing Algorithm + + JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects + from this Client MUST be rejected, if not signed with this algorithm. + type: string + request_uris: + $ref: '#/components/schemas/StringSliceJSONFormat' + response_types: + $ref: '#/components/schemas/StringSliceJSONFormat' + scope: + description: |- + OAuth 2.0 Client Scope + + Scope is a string containing a space-separated list of scope values (as + described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client + can use when requesting access tokens. + example: scope1 scope-2 scope.3 scope:4 + type: string + sector_identifier_uri: + description: |- + OpenID Connect Sector Identifier URI + + URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a + file with a single JSON array of redirect_uri values. + type: string + subject_type: + description: |- + OpenID Connect Subject Type + + The `subject_types_supported` Discovery parameter contains a + list of the supported subject_type values for this server. Valid types include `pairwise` and `public`. + type: string + token_endpoint_auth_method: + description: |- + OAuth 2.0 Token Endpoint Authentication Method + + Requested Client Authentication method for the Token Endpoint. The options are: + + `client_secret_post`: (default) Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` in the HTTP body. + `client_secret_basic`: Send `client_id` and `client_secret` as `application/x-www-form-urlencoded` encoded in the HTTP Authorization header. + `private_key_jwt`: Use JSON Web Tokens to authenticate the client. + `none`: Used for public clients (native apps, mobile apps) which can not have secrets. + type: string + token_endpoint_auth_signing_alg: + description: |- + OAuth 2.0 Token Endpoint Signing Algorithm + + Requested Client Authentication signing algorithm for the Token Endpoint. + type: string + tos_uri: + description: |- + OAuth 2.0 Client Terms of Service URI + + A URL string pointing to a human-readable terms of service + document for the client that describes a contractual relationship + between the end-user and the client that the end-user accepts when + authorizing the client. + type: string + updated_at: + description: |- + OAuth 2.0 Client Last Update Date + + UpdatedAt returns the timestamp of the last update. + format: date-time + type: string + userinfo_signed_response_alg: + description: |- + OpenID Connect Request Userinfo Signed Response Algorithm + + JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT + [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims + as a UTF-8 encoded JSON object using the application/json content-type. + type: string + title: OAuth 2.0 Client + type: object + oAuth2ClientTokenLifespans: + description: Lifespans of different token types issued for this OAuth 2.0 Client. + properties: + authorization_code_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + authorization_code_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + authorization_code_grant_refresh_token_lifespan: + $ref: '#/components/schemas/NullDuration' + client_credentials_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + implicit_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + implicit_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + jwt_bearer_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + refresh_token_grant_access_token_lifespan: + $ref: '#/components/schemas/NullDuration' + refresh_token_grant_id_token_lifespan: + $ref: '#/components/schemas/NullDuration' + refresh_token_grant_refresh_token_lifespan: + $ref: '#/components/schemas/NullDuration' + title: OAuth 2.0 Client Token Lifespans + type: object + oAuth2ConsentRequest: + properties: + acr: + description: |- + ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it + to express that, for example, a user authenticated using two factor authentication. + type: string + amr: + $ref: '#/components/schemas/StringSliceJSONFormat' + challenge: + description: |- + ID is the identifier ("authorization challenge") of the consent authorization request. It is used to + identify the session. + type: string + client: + $ref: '#/components/schemas/oAuth2Client' + context: + $ref: '#/components/schemas/JSONRawMessage' + login_challenge: + description: |- + LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate + a login and consent request in the login & consent app. + type: string + login_session_id: + description: |- + LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) + this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) + this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-/Back- + channel logout. It's value can generally be used to associate consecutive login requests by a certain user. + type: string + oidc_context: + $ref: '#/components/schemas/oAuth2ConsentRequestOpenIDConnectContext' + request_url: + description: |- + RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which + initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but + might come in handy if you want to deal with additional request parameters. + type: string + requested_access_token_audience: + $ref: '#/components/schemas/StringSliceJSONFormat' + requested_scope: + $ref: '#/components/schemas/StringSliceJSONFormat' + skip: + description: |- + Skip, if true, implies that the client has requested the same scopes from the same user previously. + If true, you must not ask the user to grant the requested scopes. You must however either allow or deny the + consent request using the usual API call. + type: boolean + subject: + description: |- + Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope + requested by the OAuth 2.0 client. + type: string + required: + - challenge + title: Contains information on an ongoing consent request. + type: object + oAuth2ConsentRequestOpenIDConnectContext: properties: acr_values: - type: array description: |- ACRValues is the Authentication AuthorizationContext Class Reference requested in the OAuth 2.0 Authorization request. It is a parameter defined by OpenID Connect and expresses which level of authentication (e.g. 2FA) is required. @@ -2595,8 +858,8 @@ components: Voluntary Claim by this parameter. items: type: string + type: array display: - type: string description: |- Display is a string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. The defined values are: @@ -2606,21 +869,21 @@ components: wap: The Authorization Server SHOULD display the authentication and consent UI consistent with a "feature phone" type display. The Authorization Server MAY also attempt to detect the capabilities of the User Agent and present an appropriate display. + type: string id_token_hint_claims: - type: object - properties: {} + additionalProperties: {} description: |- IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a hint about the End-User's current or past authenticated session with the Client. + type: object login_hint: - type: string description: |- LoginHint hints about the login identifier the End-User might use to log in (if necessary). This hint can be used by an RP if it first asks the End-User for their e-mail address (or other identifier) and then wants to pass that value as a hint to the discovered authorization service. This value MAY also be a phone number in the format specified for the phone_number Claim. The use of this parameter is optional. + type: string ui_locales: - type: array description: |- UILocales is the End-User'id preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value @@ -2629,229 +892,279 @@ components: locales are not supported by the OpenID Provider. items: type: string - rejectRequest: - #title: The request payload used to accept a login or consent request. + type: array + title: Contains optional information about the OpenID Connect request. type: object + oAuth2ConsentSession: + description: A completed OAuth 2.0 Consent Session. properties: - error: - type: string + consent_request: + $ref: '#/components/schemas/oAuth2ConsentRequest' + expires_at: + properties: + access_token: + format: date-time + type: string + authorize_code: + format: date-time + type: string + id_token: + format: date-time + type: string + par_context: + format: date-time + type: string + refresh_token: + format: date-time + type: string + type: object + grant_access_token_audience: + $ref: '#/components/schemas/StringSliceJSONFormat' + grant_scope: + $ref: '#/components/schemas/StringSliceJSONFormat' + handled_at: + $ref: '#/components/schemas/nullTime' + remember: description: |- - The error should follow the OAuth2 error format (e.g. `invalid_request`, `login_required`). + Remember Consent - Defaults to `request_denied`. - error_debug: - type: string + Remember, if set to true, tells ORY Hydra to remember this consent authorization and reuse it if the same + client asks the same user for the same, or a subset of, scope. + type: boolean + remember_for: description: |- - Debug contains information to help resolve the problem as a developer. Usually not exposed - to the public but only in the server logs. - error_description: - type: string - description: Description of the error in a human readable format. - error_hint: - type: string - description: Hint to help resolve the error. - status_code: - type: integer - description: |- - Represents the HTTP status code of the error (e.g. 401 or 403) + Remember Consent For - Defaults to 400 + RememberFor sets how long the consent authorization should be remembered for in seconds. If set to `0`, the + authorization will be remembered indefinitely. format: int64 - userinfoResponse: - type: object - properties: - birthdate: - type: string - description: End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] - YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. - To represent only the year, YYYY format is allowed. Note that depending - on the underlying platform's date related function, providing just year - can result in varying month and day, so the implementers need to take - this factor into account to correctly process the dates. - email: - type: string - description: End-User's preferred e-mail address. Its value MUST conform - to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon - this value being unique, as discussed in Section 5.7. - email_verified: - type: boolean - description: True if the End-User's e-mail address has been verified; otherwise - false. When this Claim Value is true, this means that the OP took affirmative - steps to ensure that this e-mail address was controlled by the End-User - at the time the verification was performed. The means by which an e-mail - address is verified is context-specific, and dependent upon the trust - framework or contractual agreements within which the parties are operating. - family_name: - type: string - description: Surname(s) or last name(s) of the End-User. Note that in some - cultures, people can have multiple family names or no family name; all - can be present, with the names being separated by space characters. - gender: - type: string - description: End-User's gender. Values defined by this specification are - female and male. Other values MAY be used when neither of the defined - values are applicable. - given_name: - type: string - description: Given name(s) or first name(s) of the End-User. Note that in - some cultures, people can have multiple given names; all can be present, - with the names being separated by space characters. - locale: - type: string - description: End-User's locale, represented as a BCP47 [RFC5646] language - tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in - lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, - separated by a dash. For example, en-US or fr-CA. As a compatibility note, - some implementations have used an underscore as the separator rather than - a dash, for example, en_US; Relying Parties MAY choose to accept this - locale syntax as well. - middle_name: - type: string - description: Middle name(s) of the End-User. Note that in some cultures, - people can have multiple middle names; all can be present, with the names - being separated by space characters. Also note that in some cultures, - middle names are not used. - name: - type: string - description: End-User's full name in displayable form including all name - parts, possibly including titles and suffixes, ordered according to the - End-User's locale and preferences. - nickname: - type: string - description: Casual name of the End-User that may or may not be the same - as the given_name. For instance, a nickname value of Mike might be returned - alongside a given_name value of Michael. - phone_number: - type: string - description: End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED - as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) - 687 2400. If the phone number contains an extension, it is RECOMMENDED - that the extension be represented using the RFC 3966 [RFC3966] extension - syntax, for example, +1 (604) 555-1234;ext=5678. - phone_number_verified: - type: boolean - description: True if the End-User's phone number has been verified; otherwise - false. When this Claim Value is true, this means that the OP took affirmative - steps to ensure that this phone number was controlled by the End-User - at the time the verification was performed. The means by which a phone - number is verified is context-specific, and dependent upon the trust framework - or contractual agreements within which the parties are operating. When - true, the phone_number Claim MUST be in E.164 format and any extensions - MUST be represented in RFC 3966 format. - picture: - type: string - description: URL of the End-User's profile picture. This URL MUST refer - to an image file (for example, a PNG, JPEG, or GIF image file), rather - than to a Web page containing an image. Note that this URL SHOULD specifically - reference a profile photo of the End-User suitable for displaying when - describing the End-User, rather than an arbitrary photo taken by the End-User. - preferred_username: - type: string - description: Non-unique shorthand name by which the End-User wishes to be - referred to at the RP, such as janedoe or j.doe. This value MAY be any - valid JSON string including special characters such as @, /, or whitespace. - profile: - type: string - description: URL of the End-User's profile page. The contents of this Web - page SHOULD be about the End-User. - sub: - type: string - description: Subject - Identifier for the End-User at the IssuerURL. - updated_at: type: integer - description: Time the End-User's information was last updated. Its value - is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z - as measured in UTC until the date/time. - format: int64 - website: - type: string - description: URL of the End-User's Web page or blog. This Web page SHOULD - contain information published by the End-User or an organization that - the End-User is affiliated with. - zoneinfo: - type: string - description: String from zoneinfo [zoneinfo] time zone database representing - the End-User's time zone. For example, Europe/Paris or America/Los_Angeles. - description: The userinfo response - version: + session: + $ref: '#/components/schemas/acceptOAuth2ConsentRequestSession' + title: OAuth 2.0 Consent Session type: object + oAuth2ConsentSessions: + description: List of OAuth 2.0 Consent Sessions + items: + $ref: '#/components/schemas/oAuth2ConsentSession' + type: array + oAuth2LoginRequest: properties: - version: + challenge: + description: |- + ID is the identifier ("login challenge") of the login request. It is used to + identify the session. + type: string + client: + $ref: '#/components/schemas/oAuth2Client' + oidc_context: + $ref: '#/components/schemas/oAuth2ConsentRequestOpenIDConnectContext' + request_url: + description: |- + RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which + initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but + might come in handy if you want to deal with additional request parameters. + type: string + requested_access_token_audience: + $ref: '#/components/schemas/StringSliceJSONFormat' + requested_scope: + $ref: '#/components/schemas/StringSliceJSONFormat' + session_id: + description: |- + SessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) + this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) + this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-/Back- + channel logout. It's value can generally be used to associate consecutive login requests by a certain user. + type: string + skip: + description: |- + Skip, if true, implies that the client has requested the same scopes from the same user previously. + If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. + + This feature allows you to update / set session information. + type: boolean + subject: + description: |- + Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope + requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type + when accepting the login request, or the request will fail. type: string - description: Version is the service's version. - wellKnown: - #title: WellKnown represents important OpenID Connect discovery metadata required: - - authorization_endpoint - - id_token_signing_alg_values_supported - - issuer - - jwks_uri - - response_types_supported - - subject_types_supported - - token_endpoint + - challenge + - requested_scope + - requested_access_token_audience + - skip + - subject + - client + - request_url + title: Contains information on an ongoing login request. type: object + oAuth2LogoutRequest: + properties: + challenge: + description: |- + Challenge is the identifier ("logout challenge") of the logout authentication request. It is used to + identify the session. + type: string + client: + $ref: '#/components/schemas/oAuth2Client' + request_url: + description: RequestURL is the original Logout URL requested. + type: string + rp_initiated: + description: RPInitiated is set to true if the request was initiated by a Relying Party (RP), also known as an OAuth 2.0 Client. + type: boolean + sid: + description: SessionID is the login session ID that was requested to log out. + type: string + subject: + description: Subject is the user for whom the logout was request. + type: string + title: Contains information about an ongoing logout request. + type: object + oAuth2RedirectTo: + description: Contains a redirect URL used to complete a login, consent, or logout request. + properties: + redirect_to: + description: RedirectURL is the URL which you should redirect the user's browser to once the authentication process is completed. + type: string + required: + - redirect_to + title: OAuth 2.0 Redirect Browser To + type: object + oAuth2TokenExchange: + description: OAuth2 Token Exchange Result + properties: + access_token: + description: The access token issued by the authorization server. + type: string + expires_in: + description: |- + The lifetime in seconds of the access token. For + example, the value "3600" denotes that the access token will + expire in one hour from the time the response was generated. + format: int64 + type: integer + id_token: + description: To retrieve a refresh token request the id_token scope. + format: int64 + type: integer + refresh_token: + description: |- + The refresh token, which can be used to obtain new + access tokens. To retrieve it add the scope "offline" to your access token request. + type: string + scope: + description: The scope of the access token + type: string + token_type: + description: The type of the token issued + type: string + type: object + oidcConfiguration: + description: |- + Includes links to several endpoints (for example `/oauth2/token`) and exposes information on supported signature algorithms + among others. properties: authorization_endpoint: - type: string - description: URL of the OP's OAuth 2.0 Authorization Endpoint. + description: OAuth 2.0 Authorization Endpoint URL example: https://playground.ory.sh/ory-hydra/public/oauth2/auth + type: string backchannel_logout_session_supported: - type: boolean description: |- + OpenID Connect Back-Channel Logout Session Required + Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP. If supported, the sid Claim is also included in ID Tokens issued by the OP + type: boolean backchannel_logout_supported: - type: boolean - description: Boolean value specifying whether the OP supports back-channel - logout, with true indicating support. - claims_parameter_supported: - type: boolean - description: Boolean value specifying whether the OP supports use of the - claims parameter, with true indicating support. - claims_supported: - type: array description: |- + OpenID Connect Back-Channel Logout Supported + + Boolean value specifying whether the OP supports back-channel logout, with true indicating support. + type: boolean + claims_parameter_supported: + description: |- + OpenID Connect Claims Parameter Parameter Supported + + Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. + type: boolean + claims_supported: + description: |- + OpenID Connect Supported Claims + JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. items: type: string - end_session_endpoint: - type: string - description: URL at the OP to which an RP can perform a redirect to request - that the End-User be logged out at the OP. - frontchannel_logout_session_supported: - type: boolean + type: array + code_challenge_methods_supported: description: |- + OAuth 2.0 PKCE Supported Code Challenge Methods + + JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported + by this authorization server. + items: + type: string + type: array + end_session_endpoint: + description: |- + OpenID Connect End-Session Endpoint + + URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP. + type: string + frontchannel_logout_session_supported: + description: |- + OpenID Connect Front-Channel Logout Session Required + Boolean value specifying whether the OP can pass iss (issuer) and sid (session ID) query parameters to identify the RP session with the OP when the frontchannel_logout_uri is used. If supported, the sid Claim is also included in ID Tokens issued by the OP. - frontchannel_logout_supported: type: boolean - description: Boolean value specifying whether the OP supports HTTP-based - logout, with true indicating support. + frontchannel_logout_supported: + description: |- + OpenID Connect Front-Channel Logout Supported + + Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support. + type: boolean grant_types_supported: - type: array - description: JSON array containing a list of the OAuth 2.0 Grant Type values - that this OP supports. + description: |- + OAuth 2.0 Supported Grant Types + + JSON array containing a list of the OAuth 2.0 Grant Type values that this OP supports. items: type: string - id_token_signing_alg_values_supported: type: array + id_token_signed_response_alg: description: |- + OpenID Connect Default ID Token Signing Algorithms + + Algorithm used to sign OpenID Connect ID Tokens. + items: + type: string + type: array + id_token_signing_alg_values_supported: + description: |- + OpenID Connect Supported ID Token Signing Algorithms + JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT. items: type: string + type: array issuer: - type: string description: |- - URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. + OpenID Connect Issuer URL + + An URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. example: https://playground.ory.sh/ory-hydra/public/ - jwks_uri: type: string + jwks_uri: description: |- + OpenID Connect Well-Known JSON Web Keys URL + URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) @@ -2859,102 +1172,2095 @@ components: Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. - example: https://playground.ory.sh/ory-hydra/public/.well-known/jwks.json - registration_endpoint: + example: https://{slug}.projects.oryapis.com/.well-known/jwks.json type: string - description: URL of the OP's Dynamic Client Registration Endpoint. + registration_endpoint: + description: OpenID Connect Dynamic Client Registration Endpoint URL example: https://playground.ory.sh/ory-hydra/admin/client + type: string request_object_signing_alg_values_supported: - type: array description: |- + OpenID Connect Supported Request Object Signing Algorithms + JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). items: type: string + type: array request_parameter_supported: - type: boolean - description: Boolean value specifying whether the OP supports use of the - request parameter, with true indicating support. - request_uri_parameter_supported: - type: boolean - description: Boolean value specifying whether the OP supports use of the - request_uri parameter, with true indicating support. - require_request_uri_registration: - type: boolean description: |- + OpenID Connect Request Parameter Supported + + Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. + type: boolean + request_uri_parameter_supported: + description: |- + OpenID Connect Request URI Parameter Supported + + Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. + type: boolean + require_request_uri_registration: + description: |- + OpenID Connect Requires Request URI Registration + Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. + type: boolean response_modes_supported: - type: array - description: JSON array containing a list of the OAuth 2.0 response_mode - values that this OP supports. + description: |- + OAuth 2.0 Supported Response Modes + + JSON array containing a list of the OAuth 2.0 response_mode values that this OP supports. items: type: string - response_types_supported: type: array + response_types_supported: description: |- + OAuth 2.0 Supported Response Types + JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values. items: type: string - revocation_endpoint: - type: string - description: URL of the authorization server's OAuth 2.0 revocation endpoint. - scopes_supported: type: array + revocation_endpoint: description: |- - SON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST + OAuth 2.0 Token Revocation URL + + URL of the authorization server's OAuth 2.0 revocation endpoint. + type: string + scopes_supported: + description: |- + OAuth 2.0 Supported Scope Values + + JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used items: type: string - subject_types_supported: type: array + subject_types_supported: description: |- + OpenID Connect Supported Subject Types + JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public. items: type: string - token_endpoint: - type: string - description: URL of the OP's OAuth 2.0 Token Endpoint - example: https://playground.ory.sh/ory-hydra/public/oauth2/token - token_endpoint_auth_methods_supported: type: array + token_endpoint: + description: OAuth 2.0 Token Endpoint URL + example: https://playground.ory.sh/ory-hydra/public/oauth2/token + type: string + token_endpoint_auth_methods_supported: description: |- + OAuth 2.0 Supported Client Authentication Methods + JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 items: type: string - userinfo_endpoint: - type: string - description: URL of the OP's UserInfo Endpoint. - userinfo_signing_alg_values_supported: type: array - description: JSON array containing a list of the JWS [JWS] signing algorithms - (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims - in a JWT [JWT]. + userinfo_endpoint: + description: |- + OpenID Connect Userinfo URL + + URL of the OP's UserInfo Endpoint. + type: string + userinfo_signed_response_alg: + description: |- + OpenID Connect User Userinfo Signing Algorithm + + Algorithm used to sign OpenID Connect Userinfo Responses. items: type: string + type: array + userinfo_signing_alg_values_supported: + description: |- + OpenID Connect Supported Userinfo Signing Algorithm + + JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. + items: + type: string + type: array + required: + - issuer + - authorization_endpoint + - token_endpoint + - jwks_uri + - subject_types_supported + - response_types_supported + - id_token_signing_alg_values_supported + - id_token_signed_response_alg + - userinfo_signed_response_alg + title: OpenID Connect Discovery Metadata + type: object + oidcUserInfo: + description: OpenID Connect Userinfo + properties: + birthdate: + description: End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform's date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates. + type: string + email: + description: End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7. + type: string + email_verified: + description: True if the End-User's e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. + type: boolean + family_name: + description: Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters. + type: string + gender: + description: End-User's gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable. + type: string + given_name: + description: Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters. + type: string + locale: + description: End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well. + type: string + middle_name: + description: Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used. + type: string + name: + description: End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences. + type: string + nickname: + description: Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael. + type: string + phone_number: + description: End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678. + type: string + phone_number_verified: + description: True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format. + type: boolean + picture: + description: URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User. + type: string + preferred_username: + description: Non-unique shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. + type: string + profile: + description: URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User. + type: string + sub: + description: Subject - Identifier for the End-User at the IssuerURL. + type: string + updated_at: + description: Time the End-User's information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time. + format: int64 + type: integer + website: + description: URL of the End-User's Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with. + type: string + zoneinfo: + description: String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles. + type: string + type: object + pagination: + properties: + page_size: + default: 250 + description: |- + Items per page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + format: int64 + maximum: 1000 + minimum: 1 + type: integer + page_token: + default: '1' + description: |- + Next Page Token + + The next page token. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + minimum: 1 + type: string + type: object + paginationHeaders: + properties: + link: + description: |- + The link header contains pagination links. + + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + + in: header + type: string + x-total-count: + description: |- + The total number of clients. + + in: header + type: string + type: object + rejectOAuth2Request: + properties: + error: + description: |- + The error should follow the OAuth2 error format (e.g. `invalid_request`, `login_required`). + + Defaults to `request_denied`. + type: string + error_debug: + description: |- + Debug contains information to help resolve the problem as a developer. Usually not exposed + to the public but only in the server logs. + type: string + error_description: + description: Description of the error in a human readable format. + type: string + error_hint: + description: Hint to help resolve the error. + type: string + status_code: + description: |- + Represents the HTTP status code of the error (e.g. 401 or 403) + + Defaults to 400 + format: int64 + type: integer + title: The request payload used to accept a login or consent request. + type: object + tokenPagination: + properties: + page_size: + default: 250 + description: |- + Items per page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + format: int64 + maximum: 1000 + minimum: 1 + type: integer + page_token: + default: '1' + description: |- + Next Page Token + + The next page token. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + minimum: 1 + type: string + type: object + tokenPaginationHeaders: + properties: + link: + description: |- + The link header contains pagination links. + + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + + in: header + type: string + x-total-count: + description: |- + The total number of clients. + + in: header + type: string + type: object + tokenPaginationRequestParameters: description: |- - It includes links to several endpoints (e.g. /oauth2/token) and exposes information on supported signature algorithms - among others. + The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: + `; rel="{page}"` + + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + properties: + page_size: + default: 250 + description: |- + Items per Page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + format: int64 + maximum: 500 + minimum: 1 + type: integer + page_token: + default: '1' + description: |- + Next Page Token + + The next page token. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + minimum: 1 + type: string + title: Pagination Request Parameters + type: object + tokenPaginationResponseHeaders: + description: |- + The `Link` HTTP header contains multiple links (`first`, `next`, `last`, `previous`) formatted as: + `; rel="{page}"` + + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + properties: + link: + description: |- + The Link HTTP Header + + The `Link` header contains a comma-delimited list of links to the following pages: + + first: The first page of results. + next: The next page of results. + prev: The previous page of results. + last: The last page of results. + + Pages are omitted if they do not exist. For example, if there is no next page, the `next` link is omitted. Examples: + + ; rel="first",; rel="next",; rel="prev",; rel="last" + type: string + x-total-count: + description: |- + The X-Total-Count HTTP Header + + The `X-Total-Count` header contains the total number of items in the collection. + format: int64 + type: integer + title: Pagination Response Header + type: object + trustOAuth2JwtGrantIssuer: + description: Trust OAuth2 JWT Bearer Grant Type Issuer Request Body + properties: + allow_any_subject: + description: The "allow_any_subject" indicates that the issuer is allowed to have any principal as the subject of the JWT. + type: boolean + expires_at: + description: The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + format: date-time + type: string + issuer: + description: The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + example: https://jwt-idp.example.com + type: string + jwk: + $ref: '#/components/schemas/jsonWebKey' + scope: + description: The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + example: + - openid + - offline + items: + type: string + type: array + subject: + description: The "subject" identifies the principal that is the subject of the JWT. + example: mike@example.com + type: string + required: + - issuer + - scope + - jwk + - expires_at + type: object + trustedOAuth2JwtGrantIssuer: + description: OAuth2 JWT Bearer Grant Type Issuer Trust Relationship + properties: + allow_any_subject: + description: The "allow_any_subject" indicates that the issuer is allowed to have any principal as the subject of the JWT. + type: boolean + created_at: + description: The "created_at" indicates, when grant was created. + format: date-time + type: string + expires_at: + description: The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + format: date-time + type: string + id: + example: 9edc811f-4e28-453c-9b46-4de65f00217f + type: string + issuer: + description: The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + example: https://jwt-idp.example.com + type: string + public_key: + $ref: '#/components/schemas/trustedOAuth2JwtGrantJsonWebKey' + scope: + description: The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + example: + - openid + - offline + items: + type: string + type: array + subject: + description: The "subject" identifies the principal that is the subject of the JWT. + example: mike@example.com + type: string + type: object + trustedOAuth2JwtGrantIssuers: + description: OAuth2 JWT Bearer Grant Type Issuer Trust Relationships + items: + $ref: '#/components/schemas/trustedOAuth2JwtGrantIssuer' + type: array + trustedOAuth2JwtGrantJsonWebKey: + description: OAuth2 JWT Bearer Grant Type Issuer Trusted JSON Web Key + properties: + kid: + description: The "key_id" is key unique identifier (same as kid header in jws/jwt). + example: 123e4567-e89b-12d3-a456-426655440000 + type: string + set: + description: The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. + example: https://jwt-idp.example.com + type: string + type: object + version: + properties: + version: + description: Version is the service's version. + type: string + type: object securitySchemes: basic: - type: http scheme: basic + type: http + bearer: + scheme: bearer + type: http oauth2: - type: oauth2 flows: authorizationCode: authorizationUrl: https://hydra.demo.ory.sh/oauth2/auth - tokenUrl: https://hydra.demo.ory.sh/oauth2/token scopes: offline: A scope required when requesting refresh tokens (alias for `offline_access`) offline_access: A scope required when requesting refresh tokens openid: Request an OpenID Connect ID Token + tokenUrl: https://hydra.demo.ory.sh/oauth2/token + type: oauth2 +info: + contact: + email: hi@ory.sh + description: | + Documentation for all of Ory Hydra's APIs. + license: + name: Apache 2.0 + title: Ory Hydra + version: '2.0.3' +openapi: 3.0.3 +paths: + /.well-known/jwks.json: + get: + description: |- + This endpoint returns JSON Web Keys required to verifying OpenID Connect ID Tokens and, + if enabled, OAuth 2.0 JWT Access Tokens. This endpoint can be used with client libraries like + [node-jwks-rsa](https://github.com/auth0/node-jwks-rsa) among others. + operationId: discoverJsonWebKeys + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + description: jsonWebKeySet + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Discover Well-Known JSON Web Keys + tags: + - wellknown + /.well-known/openid-configuration: + get: + description: |- + A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations. + + Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang), and others. + For a full list of clients go here: https://openid.net/developers/certified/ + operationId: discoverOidcConfiguration + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oidcConfiguration' + description: oidcConfiguration + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: OpenID Connect Discovery + tags: + - oidc + /admin/clients: + get: + description: |- + This endpoint lists all clients in the database, and never returns client secrets. + As a default it lists the first 100 clients. + operationId: listOAuth2Clients + parameters: + - description: |- + Items per Page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + in: query + name: page_size + schema: + default: 250 + format: int64 + maximum: 500 + minimum: 1 + type: integer + - description: |- + Next Page Token + + The next page token. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + in: query + name: page_token + schema: + default: '1' + minimum: 1 + type: string + - description: The name of the clients to filter by. + in: query + name: client_name + schema: + type: string + - description: The owner of the clients to filter by. + in: query + name: owner + schema: + type: string + responses: + '200': + $ref: '#/components/responses/listOAuth2Clients' + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: List OAuth 2.0 Clients + tags: + - oAuth2 + post: + description: |- + Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random secret + is generated. The secret is echoed in the response. It is not possible to retrieve it later on. + operationId: createOAuth2Client + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: OAuth 2.0 Client Request Body + required: true + x-originalParamName: Body + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + '400': + $ref: '#/components/responses/errorOAuth2BadRequest' + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: Create OAuth 2.0 Client + tags: + - oAuth2 + /admin/clients/{id}: + delete: + description: |- + Delete an existing OAuth 2.0 Client by its ID. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + + Make sure that this endpoint is well protected and only callable by first-party components. + operationId: deleteOAuth2Client + parameters: + - description: The id of the OAuth 2.0 Client. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Delete OAuth 2.0 Client + tags: + - oAuth2 + get: + description: |- + Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + operationId: getOAuth2Client + parameters: + - description: The id of the OAuth 2.0 Client. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: Get an OAuth 2.0 Client + tags: + - oAuth2 + patch: + description: |- + Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret` + the secret will be updated and returned via the API. This is the + only time you will be able to retrieve the client secret, so write it down and keep it safe. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + operationId: patchOAuth2Client + parameters: + - description: The id of the OAuth 2.0 Client. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/jsonPatchDocument' + description: OAuth 2.0 Client JSON Patch Body + required: true + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + '404': + $ref: '#/components/responses/errorOAuth2NotFound' + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: Patch OAuth 2.0 Client + tags: + - oAuth2 + put: + description: |- + Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the secret is used, + otherwise the existing secret is used. + + If set, the secret is echoed in the response. It is not possible to retrieve it later on. + + OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + operationId: setOAuth2Client + parameters: + - description: OAuth 2.0 Client ID + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: OAuth 2.0 Client Request Body + required: true + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + '400': + $ref: '#/components/responses/errorOAuth2BadRequest' + '404': + $ref: '#/components/responses/errorOAuth2NotFound' + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: Set OAuth 2.0 Client + tags: + - oAuth2 + /admin/clients/{id}/lifespans: + put: + description: Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other fields. + operationId: setOAuth2ClientLifespans + parameters: + - description: OAuth 2.0 Client ID + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2ClientTokenLifespans' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Set OAuth2 Client Token Lifespans + tags: + - oAuth2 + /admin/keys/{set}: + delete: + description: |- + Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. + operationId: deleteJsonWebKeySet + parameters: + - description: The JSON Web Key Set + in: path + name: set + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Delete JSON Web Key Set + tags: + - jwk + get: + description: |- + This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. + operationId: getJsonWebKeySet + parameters: + - description: JSON Web Key Set ID + in: path + name: set + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + description: jsonWebKeySet + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Retrieve a JSON Web Key Set + tags: + - jwk + post: + description: |- + This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys (RS256, ECDSA). If the specified JSON Web Key Set does not exist, it will be created. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. + operationId: createJsonWebKeySet + parameters: + - description: The JSON Web Key Set ID + in: path + name: set + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/createJsonWebKeySet' + required: true + x-originalParamName: Body + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + description: jsonWebKeySet + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Create JSON Web Key + tags: + - jwk + put: + description: |- + Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. + operationId: setJsonWebKeySet + parameters: + - description: The JSON Web Key Set ID + in: path + name: set + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + description: jsonWebKeySet + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Update a JSON Web Key Set + tags: + - jwk + /admin/keys/{set}/{kid}: + delete: + description: |- + Use this endpoint to delete a single JSON Web Key. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A + JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses + this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), + and allows storing user-defined keys as well. + operationId: deleteJsonWebKey + parameters: + - description: The JSON Web Key Set + in: path + name: set + required: true + schema: + type: string + - description: The JSON Web Key ID (kid) + in: path + name: kid + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Delete JSON Web Key + tags: + - jwk + get: + description: This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and the specific key ID (kid). + operationId: getJsonWebKey + parameters: + - description: JSON Web Key Set ID + in: path + name: set + required: true + schema: + type: string + - description: JSON Web Key ID + in: path + name: kid + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKeySet' + description: jsonWebKeySet + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Get JSON Web Key + tags: + - jwk + put: + description: |- + Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your own. + + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined keys as well. + operationId: setJsonWebKey + parameters: + - description: The JSON Web Key Set ID + in: path + name: set + required: true + schema: + type: string + - description: JSON Web Key ID + in: path + name: kid + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKey' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/jsonWebKey' + description: jsonWebKey + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Set JSON Web Key + tags: + - jwk + /admin/oauth2/auth/requests/consent: + get: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted + or rejected the request. + + The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please + head over to the OAuth 2.0 documentation. + operationId: getOAuth2ConsentRequest + parameters: + - description: OAuth 2.0 Consent Request Challenge + in: query + name: consent_challenge + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2ConsentRequest' + description: oAuth2ConsentRequest + '410': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Get OAuth 2.0 Consent Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/consent/accept: + put: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on his/her behalf. + The consent provider includes additional information, such as session data for access and ID tokens, and if the + consent request should be used as basis for future requests. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please + head over to the OAuth 2.0 documentation. + operationId: acceptOAuth2ConsentRequest + parameters: + - description: OAuth 2.0 Consent Request Challenge + in: query + name: consent_challenge + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/acceptOAuth2ConsentRequest' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Accept OAuth 2.0 Consent Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/consent/reject: + put: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she must now be asked if + the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the subject's behalf. + + The consent challenge is appended to the consent provider's URL to which the subject's user-agent (browser) is redirected to. The consent + provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the subject accepted + or rejected the request. + + This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources on his/her behalf. + The consent provider must include a reason why the consent was not granted. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + + The default consent provider is available via the Ory Managed Account Experience. To customize the consent provider, please + head over to the OAuth 2.0 documentation. + operationId: rejectOAuth2ConsentRequest + parameters: + - description: OAuth 2.0 Consent Request Challenge + in: query + name: consent_challenge + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/rejectOAuth2Request' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Reject OAuth 2.0 Consent Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/login: + get: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + Per default, the login provider is Ory itself. You may use a different login provider which needs to be a web-app + you write and host, and it must be able to authenticate ("show the subject a login screen") + a subject (in OAuth2 the proper name for subject is "resource owner"). + + The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. + operationId: getOAuth2LoginRequest + parameters: + - description: OAuth 2.0 Login Request Challenge + in: query + name: login_challenge + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2LoginRequest' + description: oAuth2LoginRequest + '410': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Get OAuth 2.0 Login Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/login/accept: + put: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. + + This endpoint tells Ory that the subject has successfully authenticated and includes additional information such as + the subject's ID and if Ory should remember the subject's subject agent for future authentication attempts by setting + a cookie. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + operationId: acceptOAuth2LoginRequest + parameters: + - description: OAuth 2.0 Login Request Challenge + in: query + name: login_challenge + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/acceptOAuth2LoginRequest' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Accept OAuth 2.0 Login Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/login/reject: + put: + description: |- + When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login provider + to authenticate the subject and then tell the Ory OAuth2 Service about it. + + The authentication challenge is appended to the login provider URL to which the subject's user-agent (browser) is redirected to. The login + provider uses that challenge to fetch information on the OAuth2 request and then accept or reject the requested authentication process. + + This endpoint tells Ory that the subject has not authenticated and includes a reason why the authentication + was denied. + + The response contains a redirect URL which the login provider should redirect the user-agent to. + operationId: rejectOAuth2LoginRequest + parameters: + - description: OAuth 2.0 Login Request Challenge + in: query + name: login_challenge + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/rejectOAuth2Request' + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Reject OAuth 2.0 Login Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/logout: + get: + description: Use this endpoint to fetch an Ory OAuth 2.0 logout request. + operationId: getOAuth2LogoutRequest + parameters: + - in: query + name: logout_challenge + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2LogoutRequest' + description: oAuth2LogoutRequest + '410': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Get OAuth 2.0 Session Logout Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/logout/accept: + put: + description: |- + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to confirm that logout request. + + The response contains a redirect URL which the consent provider should redirect the user-agent to. + operationId: acceptOAuth2LogoutRequest + parameters: + - description: OAuth 2.0 Logout Request Challenge + in: query + name: logout_challenge + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2RedirectTo' + description: oAuth2RedirectTo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Accept OAuth 2.0 Session Logout Request + tags: + - oAuth2 + /admin/oauth2/auth/requests/logout/reject: + put: + description: |- + When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this endpoint is used to deny that logout request. + No HTTP request body is required. + + The response is empty as the logout provider has to chose what action to perform next. + operationId: rejectOAuth2LogoutRequest + parameters: + - in: query + name: logout_challenge + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Reject OAuth 2.0 Session Logout Request + tags: + - oAuth2 + /admin/oauth2/auth/sessions/consent: + delete: + description: |- + This endpoint revokes a subject's granted consent sessions and invalidates all + associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0 Client ID. + operationId: revokeOAuth2ConsentSessions + parameters: + - description: |- + OAuth 2.0 Consent Subject + + The subject whose consent sessions should be deleted. + in: query + name: subject + required: true + schema: + type: string + - description: |- + OAuth 2.0 Client ID + + If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID. + in: query + name: client + schema: + type: string + - description: |- + Revoke All Consent Sessions + + If set to `true` deletes all consent sessions by the Subject that have been granted. + in: query + name: all + schema: + type: boolean + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Revoke OAuth 2.0 Consent Sessions of a Subject + tags: + - oAuth2 + get: + description: |- + This endpoint lists all subject's granted consent sessions, including client and granted scope. + If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an + empty JSON array with status code 200 OK. + operationId: listOAuth2ConsentSessions + parameters: + - description: |- + Items per Page + + This is the number of items per page to return. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + in: query + name: page_size + schema: + default: 250 + format: int64 + maximum: 500 + minimum: 1 + type: integer + - description: |- + Next Page Token + + The next page token. + For details on pagination please head over to the [pagination documentation](https://www.ory.sh/docs/ecosystem/api-design#pagination). + in: query + name: page_token + schema: + default: '1' + minimum: 1 + type: string + - description: The subject to list the consent sessions for. + in: query + name: subject + required: true + schema: + type: string + - description: The login session id to list the consent sessions for. + in: query + name: login_session_id + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2ConsentSessions' + description: oAuth2ConsentSessions + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: List OAuth 2.0 Consent Sessions of a Subject + tags: + - oAuth2 + /admin/oauth2/auth/sessions/login: + delete: + description: |- + This endpoint invalidates a subject's authentication session. After revoking the authentication session, the subject + has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and + does not work with OpenID Connect Front- or Back-channel logout. + operationId: revokeOAuth2LoginSessions + parameters: + - description: |- + OAuth 2.0 Subject + + The subject to revoke authentication sessions for. + in: query + name: subject + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Revokes All OAuth 2.0 Login Sessions of a Subject + tags: + - oAuth2 + /admin/oauth2/introspect: + post: + description: |- + The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token + is neither expired nor revoked. If a token is active, additional information on the token will be included. You can + set additional data for a token by setting `session.access_token` during the consent flow. + operationId: introspectOAuth2Token + requestBody: + content: + application/x-www-form-urlencoded: + schema: + properties: + scope: + description: |- + An optional, space separated list of required scopes. If the access token was not granted one of the + scopes, the result of active will be false. + type: string + x-formData-name: scope + token: + description: |- + The string value of the token. For access tokens, this + is the "access_token" value returned from the token endpoint + defined in OAuth 2.0. For refresh tokens, this is the "refresh_token" + value returned. + required: + - token + type: string + x-formData-name: token + required: + - token + type: object + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/introspectedOAuth2Token' + description: introspectedOAuth2Token + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Introspect OAuth2 Access and Refresh Tokens + tags: + - oAuth2 + /admin/oauth2/tokens: + delete: + description: This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database. + operationId: deleteOAuth2Token + parameters: + - description: OAuth 2.0 Client ID + in: query + name: client_id + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client + tags: + - oAuth2 + /admin/trust/grants/jwt-bearer/issuers: + get: + description: Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. + operationId: listTrustedOAuth2JwtGrantIssuers + parameters: + - in: query + name: MaxItems + schema: + format: int64 + type: integer + - in: query + name: DefaultItems + schema: + format: int64 + type: integer + - description: If optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. + in: query + name: issuer + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/trustedOAuth2JwtGrantIssuers' + description: trustedOAuth2JwtGrantIssuers + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: List Trusted OAuth2 JWT Bearer Grant Type Issuers + tags: + - oAuth2 + post: + description: |- + Use this endpoint to establish a trust relationship for a JWT issuer + to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication + and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). + operationId: trustOAuth2JwtGrantIssuer + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/trustOAuth2JwtGrantIssuer' + x-originalParamName: Body + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/trustedOAuth2JwtGrantIssuer' + description: trustedOAuth2JwtGrantIssuer + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Trust OAuth2 JWT Bearer Grant Type Issuer + tags: + - oAuth2 + /admin/trust/grants/jwt-bearer/issuers/{id}: + delete: + description: |- + Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + + Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile + for OAuth 2.0 Client Authentication and Authorization Grant. + operationId: deleteTrustedOAuth2JwtGrantIssuer + parameters: + - description: The id of the desired grant + in: path + name: id + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Delete Trusted OAuth2 JWT Bearer Grant Type Issuer + tags: + - oAuth2 + get: + description: |- + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you + created the trust relationship. + operationId: getTrustedOAuth2JwtGrantIssuer + parameters: + - description: The id of the desired grant + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/trustedOAuth2JwtGrantIssuer' + description: trustedOAuth2JwtGrantIssuer + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Get Trusted OAuth2 JWT Bearer Grant Type Issuer + tags: + - oAuth2 + /health/alive: + get: + description: |- + This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming + HTTP requests. This status does currently not include checks whether the database connection is working. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of this service, the health status will never + refer to the cluster state, only to a single instance. + operationId: isAlive + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/healthStatus' + description: Ory Hydra is ready to accept connections. + '500': + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + summary: Check HTTP Server Status + tags: + - metadata + /health/ready: + get: + description: |- + This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment dependencies (e.g. + the database) are responsive as well. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of Ory Hydra, the health status will never + refer to the cluster state, only to a single instance. + operationId: isReady + responses: + '200': + content: + application/json: + schema: + properties: + status: + description: Always "ok". + type: string + type: object + description: Ory Hydra is ready to accept requests. + '503': + content: + application/json: + schema: + properties: + errors: + additionalProperties: + type: string + description: Errors contains a list of errors that caused the not ready status. + type: object + type: object + description: Ory Kratos is not yet ready to accept requests. + summary: Check HTTP Server and Database Status + tags: + - metadata + /oauth2/auth: + get: + description: |- + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries at https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + operationId: oAuth2Authorize + responses: + '302': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + summary: OAuth 2.0 Authorize Endpoint + tags: + - oAuth2 + /oauth2/register: + post: + description: |- + This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint + is disabled by default. It can be enabled by an administrator. + + Please note that using this endpoint you are not able to choose the `client_secret` nor the `client_id` as those + values will be server generated when specifying `token_endpoint_auth_method` as `client_secret_basic` or + `client_secret_post`. + + The `client_secret` will be returned in the response and you will not be able to retrieve it later on. + Write the secret down and keep it somewhere safe. + operationId: createOidcDynamicClient + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: Dynamic Client Registration Request Body + required: true + x-originalParamName: Body + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + '400': + $ref: '#/components/responses/errorOAuth2BadRequest' + default: + $ref: '#/components/responses/errorOAuth2Default' + summary: Register OAuth2 Client using OpenID Dynamic Client Registration + tags: + - oidc + /oauth2/register/{id}: + delete: + description: |- + This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This endpoint + is disabled by default. It can be enabled by an administrator. + + To use this endpoint, you will need to present the client's authentication credentials. If the OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + operationId: deleteOidcDynamicClient + parameters: + - description: The id of the OAuth 2.0 Client. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/genericError' + description: genericError + security: + - bearer: [] + summary: Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol + tags: + - oidc + get: + description: |- + This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of facing the + public internet directly and can be used in self-service. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + To use this endpoint, you will need to present the client's authentication credentials. If the OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. + operationId: getOidcDynamicClient + parameters: + - description: The id of the OAuth 2.0 Client. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + default: + $ref: '#/components/responses/errorOAuth2Default' + security: + - bearer: [] + summary: Get OAuth2 Client using OpenID Dynamic Client Registration + tags: + - oidc + put: + description: |- + This endpoint behaves like the administrative counterpart (`setOAuth2Client`) but is capable of facing the + public internet directly to be used by third parties. It implements the OpenID Connect + Dynamic Client Registration Protocol. + + This feature is disabled per default. It can be enabled by a system administrator. + + If you pass `client_secret` the secret is used, otherwise the existing secret is used. If set, the secret is echoed in the response. + It is not possible to retrieve it later on. + + To use this endpoint, you will need to present the client's authentication credentials. If the OAuth2 Client + uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client secret in the URL query. + If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization header. + + OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are + generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. + operationId: setOidcDynamicClient + parameters: + - description: OAuth 2.0 Client ID + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: OAuth 2.0 Client Request Body + required: true + x-originalParamName: Body + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2Client' + description: oAuth2Client + '404': + $ref: '#/components/responses/errorOAuth2NotFound' + default: + $ref: '#/components/responses/errorOAuth2Default' + security: + - bearer: [] + summary: Set OAuth2 Client using OpenID Dynamic Client Registration + tags: + - oidc + /oauth2/revoke: + post: + description: |- + Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no + longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. + Revoking a refresh token also invalidates the access token that was created with it. A token may only be revoked by + the client the token was generated for. + operationId: revokeOAuth2Token + requestBody: + content: + application/x-www-form-urlencoded: + schema: + properties: + client_id: + type: string + x-formData-name: client_id + client_secret: + type: string + x-formData-name: client_secret + token: + required: + - token + type: string + x-formData-name: token + required: + - token + type: object + responses: + '200': + $ref: '#/components/responses/emptyResponse' + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + security: + - basic: [] + - oauth2: [] + summary: Revoke OAuth 2.0 Access or Refresh Token + tags: + - oAuth2 + /oauth2/sessions/logout: + get: + description: |- + This endpoint initiates and completes user logout at the Ory OAuth2 & OpenID provider and initiates OpenID Connect Front- / Back-channel logout: + + https://openid.net/specs/openid-connect-frontchannel-1_0.html + https://openid.net/specs/openid-connect-backchannel-1_0.html + + Back-channel logout is performed asynchronously and does not affect logout flow. + operationId: revokeOidcSession + responses: + '302': + $ref: '#/components/responses/emptyResponse' + summary: OpenID Connect Front- and Back-channel Enabled Logout + tags: + - oidc + /oauth2/token: + post: + description: |- + Use open source libraries to perform OAuth 2.0 and OpenID Connect + available for any programming language. You can find a list of libraries here https://oauth.net/code/ + + The Ory SDK is not yet able to this endpoint properly. + operationId: oauth2TokenExchange + requestBody: + content: + application/x-www-form-urlencoded: + schema: + properties: + client_id: + type: string + x-formData-name: client_id + code: + type: string + x-formData-name: code + grant_type: + required: + - grant_type + type: string + x-formData-name: grant_type + redirect_uri: + type: string + x-formData-name: redirect_uri + refresh_token: + type: string + x-formData-name: refresh_token + required: + - grant_type + type: object + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oAuth2TokenExchange' + description: oAuth2TokenExchange + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + security: + - basic: [] + - oauth2: [] + summary: The OAuth 2.0 Token Endpoint + tags: + - oAuth2 + /userinfo: + get: + description: |- + This endpoint returns the payload of the ID Token, including `session.id_token` values, of + the provided OAuth 2.0 Access Token's consent request. + + In the case of authentication error, a WWW-Authenticate header might be set in the response + with more information about the error. See [the spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3) + for more details about header format. + operationId: getOidcUserInfo + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/oidcUserInfo' + description: oidcUserInfo + default: + content: + application/json: + schema: + $ref: '#/components/schemas/errorOAuth2' + description: errorOAuth2 + security: + - oauth2: [] + summary: OpenID Connect Userinfo + tags: + - oidc + /version: + get: + description: |- + This endpoint returns the version of Ory Hydra. + + If the service supports TLS Edge Termination, this endpoint does not require the + `X-Forwarded-Proto` header to be set. + + Be aware that if you are running multiple nodes of this service, the version will never + refer to the cluster state, only to a single instance. + operationId: getVersion + responses: + '200': + content: + application/json: + schema: + properties: + version: + description: The version of Ory Hydra. + type: string + type: object + description: Returns the Ory Hydra version. + summary: Return Running Software Version. + tags: + - metadata +tags: + - description: OAuth 2.0 + name: oAuth2 + - description: OpenID Connect + name: oidc + - description: JSON Web Keys + name: jwk + - description: Well-Known Endpoints + name: wellknown + - description: Service Metadata + name: metadata x-forwarded-proto: string x-request-id: string - -