Milliways/lenticular_cloud2
4
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: Milliways:deb73d06e64371b6947d2479b0e9ab2a5eab12d6
Branches Tags
Milliways:master
...
compare: Milliways:4498be544b054aa35d742bff347c62ba12789f7a
Branches Tags
Milliways:master

10 commits
deb73d06e6 ... 4498be544b

Author SHA1 Message Date
tuxcoder
4498be544b changes to app_token 2023-10-22 19:45:37 +02:00
tuxcoder
5bda9e8d83 change column name from apptoken 2023-10-20 10:05:30 +02:00
tuxcoder
52f1e84c43 flake improvements 2023-10-20 09:58:32 +02:00
tuxcoder
eee18c1785 update 
add nix flake
make a restart
 2023-10-09 21:58:44 +02:00
tuxcoder
536668d8b9 update packages / nix packaging 2023-09-30 12:58:24 +02:00
TuxCoder
230d3e5fe8 fix error messages 2023-04-15 15:52:08 +02:00
TuxCoder
415ffc9bc4 add nix flake 2023-03-18 12:00:49 +01:00
TuxCoder
14d219eef7 more oauth2 fixes 2023-03-18 12:00:40 +01:00
TuxCoder
65ceb2abbd ory hydra update to version 2 2023-03-17 08:52:33 +01:00
TuxCoder
4a31250bca update to new version of openapi-python-client 
now: 0.13.0
 2023-01-13 19:21:38 +01:00
196 changed files with 14652 additions and 11893 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -10,3 +10,6 @@ node_modules
*.egg-info *.egg-info
/.tox /.tox
/dist /dist
build
result
nixos.qcow2

6
.vscode/settings.json vendored Normal file
View file

@ -0,0 +1,6 @@
{
"nixEnvSelector.suggestion": false,
"nixEnvSelector.nixFile": "${workspaceRoot}/shell.nix",
"python.linting.mypyEnabled": true,
"python.linting.enabled": true
}

2
MANIFEST.in
View file

@ -1,5 +1,5 @@
recursive-include lenticular_cloud/template * recursive-include lenticular_cloud/template *
recursive-include lenticular_cloud/static ** recursive-include lenticular_cloud/static **
recursive-include lenticular_cloud/migrations ** recursive-include lenticular_cloud/migrations **
include lenticular_cloud/*.cfg include lenticular_cloud/*.toml

173
default.nix
View file

@ -1,164 +1,11 @@
{
pkgs,
python ? pkgs.python310,
nodejs ? pkgs.nodejs,
...}:
let
nixNodePackage = builtins.fetchGit {
url = "https://github.com/mkg20001/nix-node-package.git";
rev = "03285e212016db5f28530563b58cfcc5706ff73f";
};
makeNode = import "${nixNodePackage}/nix/default.nix" pkgs {
root = ./.;
install = false;
nodejs = nodejs;
};
node-env = makeNode { };
urlobject = with python.pkgs; buildPythonPackage rec { (import
pname = "URLObject"; (
version = "2.4.3"; let lock = builtins.fromJSON (builtins.readFile ./flake.lock); in
src = fetchPypi { fetchTarball {
inherit pname version; url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = "47b2e20e6ab9c8366b2f4a3566b6ff4053025dad311c4bb71279bbcfa2430caa"; sha256 = lock.nodes.flake-compat.locked.narHash;
}; }
doCheck = true; )
propagatedBuildInputs = [ { src = ./.; }
]; ).defaultNix
};
python_attrs = with python.pkgs; buildPythonPackage rec {
pname = "attrs";
version = "21.4.0";
src = fetchPypi {
inherit pname version;
sha256 = "626ba8234211db98e869df76230a137c4c40a12d72445c45d5f5b716f076e2fd";
};
#doCheck = true;
doCheck = false;
propagatedBuildInputs = [
];
};
flask-dance = with python.pkgs; buildPythonPackage rec {
pname = "Flask-Dance";
version = "6.0.0";
src = fetchPypi {
inherit pname version;
sha256 = "15bb3c412eb789a2d904bfd0fd44aac2d94f82703a51d14123fd336136d55db0";
};
doCheck = false;
propagatedBuildInputs = [
requests
oauthlib
requests_oauthlib
flask
urlobject
];
checkInputs = [
pytest
nose
pytest-mock
responses
freezegun
coverage
# testing sqlalchemy support
sqlalchemy
flask_sqlalchemy
# testing integration with other extensions
flask_login
flask-caching
betamax
# we need the `signedtoken` extra for `oauthlib`
# oauthlib[signedtoken]
];
};
ldap3-orm = with python.pkgs; buildPythonPackage rec {
pname = "ldap3-orm";
version = "2.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "8783886d4ce90d66da61ce24619593a265b50f0de1fbebe86df95c6788661664";
};
doCheck = false;
propagatedBuildInputs = [
ldap3
six
];
};
u2flib-server = {};
ory-hydra-client-old = with python.pkgs; buildPythonPackage rec {
pname = "ory-hydra-client";
version = "1.10.6";
src = fetchPypi {
inherit pname version;
sha256 = "57f877e55a8f202db27f5cbae9c55a1b1a91848ef46d0cbd3b710ef77882095c";
};
doCheck = false;
propagatedBuildInputs = [
urllib3
python-dateutil
];
};
ory-hydra-client = with python.pkgs; buildPythonPackage rec {
pname = "ory-hydra-client";
version = "1.9.2";
src = ./libs/ory-hydra-client;
# doCheck = false;
propagatedBuildInputs = [
urllib3
python-dateutil
#python_attrs
attrs
httpx
];
};
in
{
nativeBuildInputs = with python.pkgs; [
flask
flask-restful
flask_sqlalchemy
flask_wtf
flask-babel
flask_login
requests
requests_oauthlib
ldap3
ldap3-orm
pyotp
cryptography
blinker
ory-hydra-client
authlib # as oauth client lib
fido2 # for webauthn
flask_migrate # db migrations
nodejs
#node-env
gunicorn
flask-dance
#python-u2flib-server
#flask-debug
];
testBuildInputs = with python.pkgs; [
pytest
pytest-mypy
flask_testing
tox
types-dateutil
nose
mypy
];
}

118
flake.lock generated Normal file
View file

@ -0,0 +1,118 @@
{
"nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nix-node-package": {
"flake": false,
"locked": {
"lastModified": 1694372307,
"narHash": "sha256-18dhHWJfa0QB0fPsaYvRwGd86BVn6xMkN6mDmiDKack=",
"owner": "mkg20001",
"repo": "nix-node-package",
"rev": "97ac59276f12f768062e4eb336fc77079d5fb6a0",
"type": "github"
},
"original": {
"owner": "mkg20001",
"repo": "nix-node-package",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1697059129,
"narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"root": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nix-node-package": "nix-node-package",
"nixpkgs": "nixpkgs",
"tuxpkgs": "tuxpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tuxpkgs": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1696700871,
"narHash": "sha256-9VFEJEfnfnCS1+kLznxd+OiDYdMnLP00+XR53iPfnK4=",
"ref": "refs/heads/master",
"rev": "a25f5792a256beaed2a9f944fccdea8ea7a8d44b",
"revCount": 6,
"type": "git",
"url": "ssh://git@git.o-g.at/nixpkg/tuxpkgs.git"
},
"original": {
"type": "git",
"url": "ssh://git@git.o-g.at/nixpkg/tuxpkgs.git"
}
}
},
"root": "root",
"version": 7
}

67
flake.nix Normal file
View file

@ -0,0 +1,67 @@
{
description = "Lenticular cloud interface";
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
flake-compat = { # for shell.nix
url = "github:edolstra/flake-compat";
flake = false;
};
nix-node-package = {
url = "github:mkg20001/nix-node-package";
flake = false;
};
tuxpkgs = {
url = "git+ssh://git@git.o-g.at/nixpkg/tuxpkgs.git";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
};
outputs = { self, nixpkgs, nix-node-package, flake-utils, tuxpkgs, ... }:
flake-utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages.${system}.extend (import ./overlay.nix);
in rec {
formatter = pkgs.nixpkgs-fmt;
devShells.default = pkgs.mkShell {packages = [
(pkgs.python3.withPackages (ps: (
pkgs.lenticular-cloud.propagatedBuildInputs ++
pkgs.lenticular-cloud.testBuildInputs
)))
];};
packages.default = pkgs.lenticular-cloud;
checks = {
package = packages.default;
devShells = devShells.default;
};
}) // {
nixosModules = {
default = import ./module.nix;
};
overlays.default = import ./overlay.nix;
nixosConfigurations.testSystem = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
self.nixosModules.default
tuxpkgs.nixosModules.ory-hydra
"${nixpkgs}/nixos/modules/virtualisation/qemu-vm.nix"
({...}:{
security.acme.acceptTerms = true;
security.acme.defaults.email = "acme@example.com";
services.lenticular-cloud = {
enable = true;
domain = "example.com";
};
services.ory-hydra = {
enable = true;
admin_domain = "admin-hydra.local";
};
networking.hosts = {"::1" = [ "admin-hydra.local" ]; };
services.getty.autologinUser = "root";
virtualisation.qemu.options = ["-vga none"];
})
];
};
};
}

51
lenticular_cloud/app.py
View file

@ -1,11 +1,14 @@
from flask.app import Flask from flask.app import Flask
from flask import g, redirect, request from flask import g
from flask.helpers import url_for from flask.json.provider import DefaultJSONProvider
import time import time
import subprocess import subprocess
from lenticular_cloud.lenticular_services import lenticular_services from lenticular_cloud.lenticular_services import lenticular_services
from ory_hydra_client import Client
import os import os
import toml
import json
import logging
from uuid import UUID
from pathlib import Path from pathlib import Path
@ -15,6 +18,7 @@ from .translations import init_babel
from .model import db, migrate from .model import db, migrate
from .views import auth_views, frontend_views, init_login_manager, api_views, pki_views, admin_views, oauth2_views from .views import auth_views, frontend_views, init_login_manager, api_views, pki_views, admin_views, oauth2_views
logger = logging.getLogger(__name__)
def get_git_hash(): def get_git_hash():
try: try:
@ -23,13 +27,33 @@ def get_git_hash():
return '' return ''
def create_app() -> Flask:
class CustomJSONEncoder(DefaultJSONProvider):
def default(self, obj):
if isinstance(obj, UUID):
# if the obj is uuid, we simply return the value of uuid
return obj.hex
return super().default(obj)
def create_app_raw(config_files: list[Path]) -> Flask:
name = "lenticular_cloud" name = "lenticular_cloud"
app = Flask(name, template_folder='template') app = Flask(name, template_folder='template')
app.config.from_pyfile('application.cfg') app.json_provider_class = CustomJSONEncoder
active_cfg = os.getenv('CONFIG_FILE', 'production.cfg')
app.config.from_pyfile(active_cfg)
# config
app.config.from_file('config_development.toml', toml.load)
for config_file in config_files:
active_cfg = str(config_file.absolute())
if active_cfg.endswith(".toml"):
logger.info(f"load toml config file from {active_cfg}")
app.config.from_file(active_cfg, toml.load)
elif active_cfg.endswith(".json"):
logger.info(f"load json config file from {active_cfg}")
app.config.from_file(active_cfg, json.load)
else:
logger.info(f"load pyfile config file from {active_cfg}")
app.config.from_pyfile(active_cfg)
app.jinja_env.globals['GIT_HASH'] = get_git_hash() app.jinja_env.globals['GIT_HASH'] = get_git_hash()
db.init_app(app) db.init_app(app)
@ -45,9 +69,9 @@ def create_app() -> Flask:
# host=app.config['HYDRA_ADMIN_URL'], # host=app.config['HYDRA_ADMIN_URL'],
# username=app.config['HYDRA_ADMIN_USER'], # username=app.config['HYDRA_ADMIN_USER'],
# password=app.config['HYDRA_ADMIN_PASSWORD']) # password=app.config['HYDRA_ADMIN_PASSWORD'])
hydra_service.set_hydra_client(Client(base_url=app.config['HYDRA_ADMIN_URL'])) hydra_service.init_app(app)
init_login_manager(app) init_login_manager(app) # has to be after hydra_service
app.register_blueprint(auth_views) app.register_blueprint(auth_views)
app.register_blueprint(frontend_views) app.register_blueprint(frontend_views)
app.register_blueprint(api_views) app.register_blueprint(api_views)
@ -66,3 +90,12 @@ def create_app() -> Flask:
return app return app
def create_app() -> Flask:
evn_var = os.getenv('CONFIG_FILE', None)
if isinstance(evn_var, str):
active_cfgs = list(map(Path, evn_var.split(':')))
else:
active_cfgs = [ Path() / 'production.toml' ]
return create_app_raw(active_cfgs)

5
lenticular_cloud/cli.py
View file

@ -1,4 +1,5 @@
import argparse import argparse
from typing import Optional
from .model import db, User from .model import db, User
from .app import create_app from .app import create_app
from werkzeug.middleware.proxy_fix import ProxyFix from werkzeug.middleware.proxy_fix import ProxyFix
@ -64,7 +65,7 @@ def cli_signup(args) -> None:
if args.signup_id is not None: if args.signup_id is not None:
user = User.query.get(args.signup_id) user = User.query.get(args.signup_id)
if user == None: if user is None:
print("user not found") print("user not found")
return return
user.enabled = True user.enabled = True
@ -87,7 +88,7 @@ def cli_run(app: Flask, args) -> None:
def cli_db_upgrade(args) -> None: def cli_db_upgrade(args) -> None:
app = create_app() app = create_app()
migration_dir = Path(app.root_path) / 'migrations' migration_dir = Path(app.root_path) / 'migrations'
upgrade( str(migration_dir) ) upgrade( str(migration_dir), revision='head' )
if __name__ == "__main__": if __name__ == "__main__":

44
lenticular_cloud/application.cfg → lenticular_cloud/config_development.toml
View file

@ -6,16 +6,11 @@ PREFERRED_URL_SCHEME = 'https'
DATA_FOLDER = "../data" DATA_FOLDER = "../data"
SCRIPT_LOCATION="lenticular_cloud:migrations" SCRIPT_LOCATION="lenticular_cloud:migrations"
SQLALCHEMY_DATABASE_URI = f'sqlite:///{DATA_FOLDER}/db.sqlite' SQLALCHEMY_DATABASE_URI = 'sqlite:///../data/db.sqlite'
SQLALCHEMY_TRACK_MODIFICATIONS=False SQLALCHEMY_TRACK_MODIFICATIONS = false
LDAP_URL = 'ldaps://ldap.example.org'
LDAP_BASE_DN = 'dc=example,dc=com'
LDAP_BIND_DN = 'cn=admin,' + LDAP_BASE_DN
LDAP_BIND_PW = '123456'
PKI_PATH = f'{DATA_FOLDER}/pki' PKI_PATH = "../data/pki"
DOMAIN = 'example.com' DOMAIN = 'example.com'
#SERVER_NAME = f'account.{ DOMAIN }:9090' #SERVER_NAME = f'account.{ DOMAIN }:9090'
@ -30,17 +25,24 @@ OAUTH_ID = 'identiy_provider'
OAUTH_SECRET = 'ThisIsNotSafe' OAUTH_SECRET = 'ThisIsNotSafe'
[LENTICULAR_CLOUD_SERVICES.jabber]
app_token = true
# client_cert= true
LENTICULAR_CLOUD_SERVICES = {
'jabber': { [LENTICULAR_CLOUD_SERVICES.mail-cardav]
'client_cert': True, app_token = true
'pki_config':{
'email': '{username}@jabber.{domain}' # LENTICULAR_CLOUD_SERVICES = {
}, # 'jabber': {
'app_token': True # 'client_cert': True,
}, # 'pki_config':{
'mail-cardav': { # 'email': '{username}@jabber.{domain}'
'client_cert': False, # },
'app_token': True # 'app_token': True
} # },
} # 'mail-cardav': {
# 'client_cert': False,
# 'app_token': True
# }
# }

1
lenticular_cloud/form/frontend.py
View file

@ -35,6 +35,7 @@ class TOTPDeleteForm(FlaskForm):
class AppTokenForm(FlaskForm): class AppTokenForm(FlaskForm):
name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ]) name = StringField(gettext('name'), validators=[DataRequired(),Length(min=1, max=255) ])
scopes = StringField(gettext('scopes'), validators=[DataRequired(),Length(min=1, max=255) ])
submit = SubmitField(gettext('Activate')) submit = SubmitField(gettext('Activate'))
class AppTokenDeleteForm(FlaskForm): class AppTokenDeleteForm(FlaskForm):

50
lenticular_cloud/hydra.py
View file

@ -1,13 +1,55 @@
from flask import Flask
from ory_hydra_client import Client from ory_hydra_client import Client
from typing import Optional from typing import Optional
from ory_hydra_client.api.o_auth_2 import list_o_auth_2_clients, create_o_auth_2_client
from ory_hydra_client.models.o_auth_20_client import OAuth20Client
class HydraService: class HydraService:
def __init__(self): def __init__(self) -> None:
self._hydra_client = None # type: Optional[Client] self._hydra_client: Optional[Client] = None
self._oauth_client = None # type: Optional[Client] self._oauth_client: Optional[Client] = None
self.client_id = ''
self.client_secret = ''
def init_app(self, app: Flask) -> None:
self.set_hydra_client(Client(base_url=app.config['HYDRA_ADMIN_URL']))
client_name = app.config['OAUTH_ID']
client_secret = app.config['OAUTH_SECRET']
clients = list_o_auth_2_clients.sync_detailed(_client=self.hydra_client).parsed
if clients is None:
raise RuntimeError("could not get clients list")
client: Optional[OAuth20Client] = None
for c in clients:
if c.client_name == client_name:
client = c
break
if client is None:
domain = app.config['DOMAIN']
client = OAuth20Client(
client_name="identiy_provider",
# client_id=client_id,
client_secret=client_secret,
response_types=["code", "id_token"],
scope="openid profile manage",
grant_types=["authorization_code", "refresh_token"],
redirect_uris=[ f"https://{domain}/oauth/authorized" ],
token_endpoint_auth_method="client_secret_basic",
)
ret = create_o_auth_2_client.sync(json_body=client, _client=self.hydra_client)
if ret is None:
raise RuntimeError("could not crate account")
if type(client.client_id) is not str:
raise RuntimeError("could not parse client_id from ory-hydra")
self.client_id = client.client_id
self.client_secret = client_secret
@property @property
def hydra_client(self) -> Client: def hydra_client(self) -> Client:

63
lenticular_cloud/migrations/versions/a74320a5d7a1_init.py Normal file
View file

@ -0,0 +1,63 @@
"""init
Revision ID: a74320a5d7a1
Revises:
Create Date: 2023-10-01 20:15:53.795636
"""
from alembic import op
import sqlalchemy as sa
# revision identifiers, used by Alembic.
revision = 'a74320a5d7a1'
down_revision = None
branch_labels = None
depends_on = None
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.create_table('group',
sa.Column('id', sa.Integer(), autoincrement=True, nullable=False),
sa.Column('name', sa.String(), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('modified_at', sa.DateTime(), nullable=False),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('name')
)
op.create_table('user',
sa.Column('id', sa.Uuid(), nullable=False),
sa.Column('username', sa.String(), nullable=False),
sa.Column('password_hashed', sa.String(), nullable=False),
sa.Column('alternative_email', sa.String(), nullable=True),
sa.Column('last_login', sa.DateTime(), nullable=True),
sa.Column('enabled', sa.Boolean(), nullable=False),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('modified_at', sa.DateTime(), nullable=False),
sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('username')
)
op.create_table('app_token',
sa.Column('id', sa.Integer(), autoincrement=True, nullable=False),
sa.Column('scopes', sa.String(), nullable=False),
sa.Column('user_id', sa.Uuid(), nullable=False),
sa.Column('token', sa.String(), nullable=False),
sa.Column('name', sa.String(), nullable=False),
sa.Column('last_used', sa.DateTime(), nullable=True),
sa.Column('created_at', sa.DateTime(), nullable=False),
sa.Column('modified_at', sa.DateTime(), nullable=False),
sa.ForeignKeyConstraint(['user_id'], ['user.id'], ),
sa.PrimaryKeyConstraint('id')
)
# ### end Alembic commands ###
def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
op.drop_table('webauthn_credential')
op.drop_table('totp')
op.drop_table('app_token')
op.drop_table('user')
op.drop_table('group')
# ### end Alembic commands ###

52
lenticular_cloud/migrations/versions/0518a8625b50_remove_ldap_add_rest_to_db.py → lenticular_cloud/migrations/versions/old/0518a8625b50_remove_ldap_add_rest_to_db.py
View file

@ -9,9 +9,6 @@ from alembic import op
import sqlalchemy as sa import sqlalchemy as sa
from flask import current_app from flask import current_app
from lenticular_cloud.model import User from lenticular_cloud.model import User
from ldap3_orm import AttrDef, EntryBase as _EntryBase, ObjectDef, EntryType
from ldap3_orm import Reader
from ldap3 import Connection, Server, ALL
import logging import logging
@ -23,14 +20,6 @@ depends_on = None
def upgrade(): def upgrade():
app = current_app
server = Server(app.config['LDAP_URL'], get_info=ALL)
ldap_conn = Connection(server, app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PW'], auto_bind=True) # TODO auto_bind read docu
base_dn = app.config['LDAP_BASE_DN']
object_def = ObjectDef(["inetOrgPerson"], ldap_conn)
user_base_dn = f"ou=users,{base_dn}"
# ### commands auto generated by Alembic - please adjust! ### # ### commands auto generated by Alembic - please adjust! ###
op.create_table('app_token', op.create_table('app_token',
sa.Column('id', sa.Integer(), nullable=False), sa.Column('id', sa.Integer(), nullable=False),
@ -49,21 +38,36 @@ def upgrade():
op.add_column('user', sa.Column('password_hashed', sa.String(), server_default="", nullable=False)) op.add_column('user', sa.Column('password_hashed', sa.String(), server_default="", nullable=False))
op.add_column('user', sa.Column('enabled', sa.Boolean(), server_default="false", nullable=True)) op.add_column('user', sa.Column('enabled', sa.Boolean(), server_default="false", nullable=True))
# ### end Alembic commands ### # ### end Alembic commands ###
try:
from ldap3_orm import AttrDef, EntryBase as _EntryBase, ObjectDef, EntryType
from ldap3_orm import Reader
from ldap3 import Connection, Server, ALL
op.execute(User.__table__.update().values({'enabled': True})) app = current_app
conn = op.get_bind() server = Server(app.config['LDAP_URL'], get_info=ALL)
users = conn.execute(User.__table__.select()) ldap_conn = Connection(server, app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PW'], auto_bind=True) # TODO auto_bind read docu
base_dn = app.config['LDAP_BASE_DN']
object_def = ObjectDef(["inetOrgPerson"], ldap_conn)
user_base_dn = f"ou=users,{base_dn}"
for user in users:
print(f"migrating user {user.username}")
reader = Reader(ldap_conn, object_def, user_base_dn, f'(uid={user.username})') op.execute(User.__table__.update().values({'enabled': True}))
result = reader.search() conn = op.get_bind()
if len(result) == 0: users = conn.execute(User.__table__.select())
print(f"WARNING: could not migrate user {user.username}")
continue for user in users:
ldap_object = result[0] print(f"migrating user {user.username}")
password_hashed = ldap_object.userPassword[0].decode().replace('{CRYPT}','') reader = Reader(ldap_conn, object_def, user_base_dn, f'(uid={user.username})')
op.execute(User.__table__.update().values({'password_hashed': password_hashed}).where(User.id == user.id)) result = reader.search()
if len(result) == 0:
print(f"WARNING: could not migrate user {user.username}")
continue
ldap_object = result[0]
password_hashed = ldap_object.userPassword[0].decode().replace('{CRYPT}','')
op.execute(User.__table__.update().values({'password_hashed': password_hashed}).where(User.id == user.id))
except ModuleNotFoundError:
print("ignore import warning")

6
lenticular_cloud/migrations/versions/0f217e90cd07_fix_app_token.py → lenticular_cloud/migrations/versions/old/0f217e90cd07_fix_app_token.py
View file

@ -18,10 +18,10 @@ depends_on = None
def upgrade(): def upgrade():
# ### commands auto generated by Alembic - please adjust! ### # ### commands auto generated by Alembic - please adjust! ###
op.add_column('app_token', sa.Column('user_id', sa.String(length=36), nullable=False)) with op.batch_alter_table('app_token') as batch_op:
op.add_column('app_token', sa.Column('last_used', sa.DateTime(), nullable=True)) batch_op.add_column(sa.Column('user_id', sa.Uuid, nullable=False))
batch_op.add_column(sa.Column('last_used', sa.DateTime(), nullable=True))
op.create_foreign_key(None, 'app_token', 'user', ['user_id'], ['id']) op.create_foreign_key(None, 'app_token', 'user', ['user_id'], ['id'])
op.add_column('totp', sa.Column('last_used', sa.DateTime(), nullable=True))
tmp_table = sa.Table('_alembic_tmp_user', sa.MetaData()) tmp_table = sa.Table('_alembic_tmp_user', sa.MetaData())
op.execute(sa.schema.DropTable(tmp_table, if_exists=True)) op.execute(sa.schema.DropTable(tmp_table, if_exists=True))
with op.batch_alter_table('user') as batch_op: with op.batch_alter_table('user') as batch_op:

2
lenticular_cloud/migrations/versions/52a21983d2a8_add_webauthn.py → lenticular_cloud/migrations/versions/old/52a21983d2a8_add_webauthn.py
View file

@ -20,7 +20,7 @@ def upgrade():
# ### commands auto generated by Alembic - please adjust! ### # ### commands auto generated by Alembic - please adjust! ###
op.create_table('webauthn_credential', op.create_table('webauthn_credential',
sa.Column('id', sa.Integer(), nullable=False), sa.Column('id', sa.Integer(), nullable=False),
sa.Column('user_id', sa.String(length=36), nullable=False), sa.Column('user_id', sa.Uuid(), nullable=False),
sa.Column('user_handle', sa.String(length=64), nullable=False), sa.Column('user_handle', sa.String(length=64), nullable=False),
sa.Column('credential_data', sa.LargeBinary(), nullable=False), sa.Column('credential_data', sa.LargeBinary(), nullable=False),
sa.Column('name', sa.String(length=250), nullable=True), sa.Column('name', sa.String(length=250), nullable=True),

0
lenticular_cloud/migrations/versions/ff2f2e871dfc_init.py → lenticular_cloud/migrations/versions/old/ff2f2e871dfc_init.py
View file

138
lenticular_cloud/model.py
View file

@ -11,12 +11,15 @@ import logging
import crypt import crypt
import secrets import secrets
import string import string
from flask_sqlalchemy import SQLAlchemy, orm from sqlalchemy import null
from sqlalchemy.orm import DeclarativeBase, MappedAsDataclass, Mapped, mapped_column, relationship, declarative_base
from flask_sqlalchemy import SQLAlchemy
from flask_sqlalchemy.model import Model, DefaultMeta
from flask_sqlalchemy.extension import _FSAModel
from flask_migrate import Migrate from flask_migrate import Migrate
from datetime import datetime from datetime import datetime
import uuid import uuid
import pyotp from typing import Iterator, Optional, List, Dict, Tuple, Any, Type, TYPE_CHECKING
from typing import Optional, Callable
from cryptography.x509 import Certificate as CertificateObj from cryptography.x509 import Certificate as CertificateObj
from sqlalchemy.ext.declarative import DeclarativeMeta from sqlalchemy.ext.declarative import DeclarativeMeta
@ -28,8 +31,18 @@ logger = logging.getLogger(__name__)
db = SQLAlchemy() db = SQLAlchemy()
migrate = Migrate() migrate = Migrate()
class BaseModelIntern(MappedAsDataclass, DeclarativeBase):
pass
BaseModel: DeclarativeMeta = db.Model if TYPE_CHECKING:
class BaseModel (_FSAModel,BaseModelIntern):
pass
else:
BaseModel: Type[_FSAModel] = db.Model
class ModelUpdatedMixin:
created_at: Mapped[datetime] = mapped_column(db.DateTime, default=datetime.now(), nullable=False)
modified_at: Mapped[datetime] = mapped_column(db.DateTime, default=datetime.now(), onupdate=datetime.now, nullable=False)
class SecurityUser(UserMixin): class SecurityUser(UserMixin):
@ -140,28 +153,27 @@ def generate_uuid():
return str(uuid.uuid4()) return str(uuid.uuid4())
class User(BaseModel): class User(BaseModel, ModelUpdatedMixin):
id = db.Column( id: Mapped[uuid.UUID] = mapped_column(db.Uuid, primary_key=True, default=uuid.uuid4)
db.String(length=36), primary_key=True, default=generate_uuid) username: Mapped[str] = mapped_column(db.String, unique=True, nullable=False)
username = db.Column( password_hashed: Mapped[str] = mapped_column(db.String, nullable=False)
db.String, unique=True, nullable=False) alternative_email: Mapped[Optional[str]] = mapped_column( db.String, nullable=True)
password_hashed = db.Column( last_login: Mapped[Optional[datetime]] = mapped_column(db.DateTime, nullable=True)
db.String, nullable=False)
alternative_email = db.Column(
db.String, nullable=True)
created_at = db.Column(db.DateTime, nullable=False,
default=datetime.now)
modified_at = db.Column(db.DateTime, nullable=False,
default=datetime.now, onupdate=datetime.now)
last_login = db.Column(db.DateTime, nullable=True)
enabled = db.Column(db.Boolean, nullable=False, default=False) enabled: Mapped[bool] = mapped_column(db.Boolean, nullable=False, default=False)
app_tokens = db.relationship('AppToken', back_populates='user') app_tokens: Mapped[List['AppToken']] = relationship('AppToken', back_populates='user')
totps = db.relationship('Totp', back_populates='user') # totps: Mapped[List['Totp']] = relationship('Totp', back_populates='user', default_factory=list)
webauthn_credentials = db.relationship('WebauthnCredential', back_populates='user', cascade='delete,delete-orphan', passive_deletes=True) # webauthn_credentials: Mapped[List['WebauthnCredential']] = relationship('WebauthnCredential', back_populates='user', cascade='delete,delete-orphan', passive_deletes=True, default_factory=list)
def __init__(self, **kwargs): @property
def totps(self) -> List['Totp']:
return []
@property
def webauthn_credentials(self) -> List['WebauthnCredential']:
return []
def __init__(self, **kwargs) -> None:
super().__init__(**kwargs) super().__init__(**kwargs)
@property @property
@ -186,66 +198,66 @@ class User(BaseModel):
def change_password(self, password_new: str) -> None: def change_password(self, password_new: str) -> None:
self.password_hashed = crypt.crypt(password_new) self.password_hashed = crypt.crypt(password_new)
def get_tokens_by_service(self, service: Service) -> list['AppToken']: def get_token_by_name(self, name: str) -> Optional['AppToken']:
return [ token for token in self.app_tokens if token.service_name == service.name ]
def get_token(self, service: Service, name: str) -> Optional['AppToken']:
for token in self.app_tokens: for token in self.app_tokens:
if token.service_name == service.name and token.name == name: if token.name == name:
return token # type: ignore return token
return None return None
class AppToken(BaseModel): def get_token_by_scope(self, scope: str) -> Iterator['AppToken']:
id = db.Column(db.Integer, primary_key=True) for token in self.app_tokens:
service_name = db.Column(db.String, nullable=False) if scope in token.scopes.split():
user_id = db.Column( yield token # type: ignore
db.String(length=36),
class AppToken(BaseModel, ModelUpdatedMixin):
id: Mapped[int] = mapped_column(primary_key=True, autoincrement=True)
scopes: Mapped[str] = mapped_column(nullable=False) # string of a list seperated by `,`
user_id: Mapped[uuid.UUID] = mapped_column(
db.Uuid,
db.ForeignKey(User.id), nullable=False) db.ForeignKey(User.id), nullable=False)
user = db.relationship(User) user: Mapped[User] = relationship(User, back_populates="app_tokens")
token = db.Column(db.String, nullable=False) token: Mapped[str] = mapped_column(nullable=False)
name = db.Column(db.String, nullable=False) name: Mapped[str] = mapped_column(nullable=False)
last_used = db.Column(db.DateTime, nullable=True) last_used: Mapped[Optional[datetime]] = mapped_column(db.DateTime, nullable=True, default=None)
@staticmethod @staticmethod
def new(service: Service): def new(user: User, scopes: str, name: str):
app_token = AppToken()
app_token.service_name = service.name
alphabet = string.ascii_letters + string.digits alphabet = string.ascii_letters + string.digits
app_token.token = ''.join(secrets.choice(alphabet) for i in range(12)) token = ''.join(secrets.choice(alphabet) for i in range(12))
return app_token return AppToken(scopes=scopes, token=token, user=user, name=name)
class Totp(BaseModel): class Totp(BaseModel, ModelUpdatedMixin):
id = db.Column(db.Integer, primary_key=True) id: Mapped[int] = mapped_column(primary_key=True, autoincrement=True)
secret = db.Column(db.String, nullable=False) secret: Mapped[str] = mapped_column(db.String, nullable=False)
name = db.Column(db.String, nullable=False) name: Mapped[str] = mapped_column(db.String, nullable=False)
created_at = db.Column(db.DateTime, default=datetime.now, nullable=False)
last_used = db.Column(db.DateTime, nullable=True)
user_id = db.Column( user_id: Mapped[uuid.UUID] = mapped_column(
db.String(length=36), db.Uuid,
db.ForeignKey(User.id), nullable=False) db.ForeignKey(User.id), nullable=False)
user = db.relationship(User) # user: Mapped[User] = relationship(User, back_populates="totp")
last_used: Mapped[Optional[datetime]] = mapped_column(db.DateTime, nullable=True, default=None)
def verify(self, token: str) -> bool: def verify(self, token: str) -> bool:
totp = pyotp.TOTP(self.secret) totp = pyotp.TOTP(self.secret)
return totp.verify(token) return totp.verify(token)
class WebauthnCredential(BaseModel): # pylint: disable=too-few-public-methods class WebauthnCredential(BaseModel, ModelUpdatedMixin): # pylint: disable=too-few-public-methods
"""Webauthn credential model""" """Webauthn credential model"""
id = db.Column(db.Integer, primary_key=True) id: Mapped[int] = mapped_column(primary_key=True, autoincrement=True)
user_id = db.Column(db.String(length=36), db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False) user_id: Mapped[uuid.UUID] = mapped_column(db.Uuid, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
user_handle = db.Column(db.String(64), nullable=False) user_handle: Mapped[str] = mapped_column(db.String(64), nullable=False)
credential_data = db.Column(db.LargeBinary, nullable=False) credential_data: Mapped[bytes] = mapped_column(db.LargeBinary, nullable=False)
name = db.Column(db.String(250)) name: Mapped[str] = mapped_column(db.String(250), nullable=False)
registered = db.Column(db.DateTime, default=datetime.utcnow) registered: Mapped[datetime] = mapped_column(db.DateTime, default=datetime.utcnow, nullable=False)
user = db.relationship('User', back_populates='webauthn_credentials') # user = db.relationship('User', back_populates='webauthn_credentials')
class Group(BaseModel): class Group(BaseModel, ModelUpdatedMixin):
id = db.Column(db.Integer, primary_key=True) id: Mapped[int] = mapped_column(primary_key=True, autoincrement=True)
name = db.Column(db.String(), nullable=False, unique=True) name: Mapped[str] = mapped_column(db.String(), nullable=False, unique=True)

5
lenticular_cloud/pki.py
View file

@ -3,7 +3,7 @@ from cryptography import x509
from cryptography.hazmat.backends import default_backend from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa from cryptography.hazmat.primitives.asymmetric import rsa, dh
from cryptography.x509.oid import NameOID, ExtendedKeyUsageOID from cryptography.x509.oid import NameOID, ExtendedKeyUsageOID
from cryptography.x509 import ObjectIdentifier from cryptography.x509 import ObjectIdentifier
from pathlib import Path from pathlib import Path
@ -109,6 +109,9 @@ class Pki(object):
_public_key = serialization.load_pem_public_key( _public_key = serialization.load_pem_public_key(
publickey.encode(), backend=default_backend()) publickey.encode(), backend=default_backend())
if isinstance(_public_key, dh.DHPublicKey):
raise AssertionError('key can not be a dsa key')
ca_private_key, ca_cert = self._init_ca(service) ca_private_key, ca_cert = self._init_ca(service)
ca_name = service.name ca_name = service.name
username = str(user.username) username = str(user.username)

2
lenticular_cloud/template/auth/consent.html.j2
View file

@ -5,7 +5,7 @@
{% block content %} {% block content %}
<p> <p>
The application "{{ client.client_id }}" requested the following scopes: {{ requested_scope }} The application "{{ client.client_name }}" (id: {{ client.client_id }}) requested the following scopes: {{ requested_scope }}
</p> </p>
<p> Allow this app to access that data?</p> <p> Allow this app to access that data?</p>

67
lenticular_cloud/template/frontend/app_token.html.j2
View file

@ -4,47 +4,36 @@
{% block content %} {% block content %}
<ul class="nav nav-tabs" id="myTab" role="tablist"> <div>
{% for service in services.values() if service.app_token %} <table class="table">
<li class="nav-item"> <thead>
<a class="nav-link{{' active' if loop.first else ''}}" id="home-tab" data-toggle="tab" href="#{{ service.name }}" role="tab" aria-controls="home" aria-selected="true">{{ service.name }}</a> <tr>
</li> <th>name</th>
{% endfor %} <th>scopes</th>
</ul> <th>last used</th>
<th>created at<th>
<div class="tab-content" id="myTabContent"> <th> <th>
{% for service in services.values() if service.app_token %} </tr>
</thead>
<div class="tab-pane fade{{ ' show active' if loop.first else '' }}" id="{{ service.name }}" role="tabpanel" aria-labelledby="{{ service.name }}-tab"> <tbody>
<table class="table"> {% for app_token in current_user.app_tokens %}
<thead> <tr>
<tr> <td>{{ app_token.name }}</td>
<th>name</th> <td>{{ app_token.scopes }}</td>
<th>last used</th> <td>{{ app_token.last_used }}</td>
<th>created at<th> <td>{{ app_token.created_at }}</td>
<th> <th> <td>
</tr> {{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', app_token_name=app_token.name)) }}
</thead> {#
<tbody> <a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
{% for app_token in current_user.get_tokens_by_service(service) %} #}
<tr> </td>
<td>{{ app_token.name }}</td> </tr>
<td>{{ app_token.last_used }}</td> {% endfor %}
<td>{{ app_token.created_at }}</td>
<td>
{{ render_form(delete_form, action_url=url_for('frontend.app_token_delete', service_name=service.name,app_token_name=app_token.name)) }}
{#
<a title="{{ gettext('Revoke')}}" href="{{ url_for('.app_token_revoce', id=app_token.id) }}" onclick="client_cert.revoke_certificate(this.href, '{{ cert.serial_number_hex }}'); return false;"><i class="fas fa-ban"></i></a>
#}
</td>
</tr>
{% endfor %}
</table> </table>
<a class="btn btn-primary" href="{{ url_for('frontend.app_token_new', service_name=service.name) }}"> <a class="btn btn-primary" href="{{ url_for('frontend.app_token_new') }}">
New Token New Token
</a> </a>
</div>
{% endfor %}
</div> </div>
{% endblock %} {% endblock %}

2
lenticular_cloud/template/frontend/app_token_new.html.j2
View file

@ -1,6 +1,6 @@
{% extends 'frontend/base.html.j2' %} {% extends 'frontend/base.html.j2' %}
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %} {% block title %}{{ gettext('new app token') }}{% endblock %}
{% block content %} {% block content %}

4
lenticular_cloud/template/frontend/app_token_new_show.html.j2
View file

@ -1,12 +1,12 @@
{% extends 'frontend/base.html.j2' %} {% extends 'frontend/base.html.j2' %}
{% block title %}{{ gettext('new app token for {service_name}').format(service_name=service.name) }}{% endblock %} {% block title %}{{ gettext('new app token') }}{% endblock %}
{% block content %} {% block content %}
<div> <div>
<p> <p>
Your new App Token for {{ service.name }}: Your new App Token for scopes: {app_token.scopes}:
</p> </p>
<p> <p>

51
lenticular_cloud/translations/__init__.py
View file

@ -3,44 +3,61 @@ from flask_babel import Babel
from flask_login import current_user from flask_login import current_user
from typing import Optional from typing import Optional
from lenticular_cloud.model import db, User from lenticular_cloud.model import db, User
from importlib.metadata import version
LANGUAGES = { LANGUAGES = {
'en': 'English', 'en': 'English',
'de': 'Deutsch' 'de': 'Deutsch'
} }
babel = Babel()
@babel.localeselector
def get_locale() -> str: def get_locale() -> str:
# if a user is logged in, use the locale from the user settings # if a user is logged in, use the locale from the user settings
user = current_user # type: Optional[User] #user = current_user # type: Optional[User]
return 'de' return 'de'
# prefer lang argument # prefer lang argument
if 'lang' in request.args: # if 'lang' in request.args:
lang = request.args['lang'] # type: str # lang = request.args['lang'] # type: str
if lang in LANGUAGES: # if lang in LANGUAGES:
if not isinstance(user, User): # if not isinstance(user, User):
return lang # return lang
user.locale = lang # user.locale = lang
db.session.commit() # db.session.commit()
if isinstance(user, User): # if isinstance(user, User):
return user.locale # return user.locale
# otherwise try to guess the language from the user accept # # otherwise try to guess the language from the user accept
# header the browser transmits. We support de/fr/en in this # # header the browser transmits. We support de/fr/en in this
# example. The best match wins. # # example. The best match wins.
return request.accept_languages.best_match(['de']) # return request.accept_languages.best_match(['de'])
@babel.timezoneselector
def get_timezone() -> Optional[str]: def get_timezone() -> Optional[str]:
# user = getattr(g, 'user', None) # user = getattr(g, 'user', None)
# if user is not None: # if user is not None:
# return user.timezone # return user.timezone
return None return None
flask_babel_version = version('flask_babel')
kwargs = {}
if flask_babel_version >= "3.0.0":
kwargs = {
'locale_selector': get_locale,
#'timezone_selector': get_timezone,
}
babel = Babel(**kwargs)
if flask_babel_version < "3.0.0":
@babel.localeselector
def _get_locale() -> str:
return get_locale()
@babel.timezoneselector
def _get_timezone() -> Optional[str]:
return get_timezone()
def init_babel(app: Flask) -> None: def init_babel(app: Flask) -> None:
babel.init_app(app) babel.init_app(app)

22
lenticular_cloud/views/admin.py
View file

@ -6,10 +6,12 @@ from flask.typing import ResponseReturnValue
from flask_login import current_user, logout_user from flask_login import current_user, logout_user
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
from authlib.integrations.base_client.errors import InvalidTokenError from authlib.integrations.base_client.errors import InvalidTokenError
from ory_hydra_client.api.admin import list_o_auth_2_clients, get_o_auth_2_client, update_o_auth_2_client, create_o_auth_2_client from ory_hydra_client.api.o_auth_2 import list_o_auth_2_clients, get_o_auth_2_client, set_o_auth_2_client, create_o_auth_2_client
from ory_hydra_client.models import OAuth2Client, GenericError from ory_hydra_client.models import OAuth20Client, GenericError
from typing import Optional from typing import Optional, List
from collections.abc import Iterable from collections.abc import Iterable
from http import HTTPStatus
import httpx
import logging import logging
from ..model import db, User from ..model import db, User
@ -44,7 +46,7 @@ async def index() -> ResponseReturnValue:
@admin_views.route('/user', methods=['GET']) @admin_views.route('/user', methods=['GET'])
async def users(): async def users() -> ResponseReturnValue:
users = User.query.all() # type: Iterable[User] users = User.query.all() # type: Iterable[User]
return render_template('admin/users.html.j2', users=users) return render_template('admin/users.html.j2', users=users)
@ -77,7 +79,11 @@ def registration_accept(registration_id) -> ResponseReturnValue:
@admin_views.route('/clients') @admin_views.route('/clients')
async def clients() -> ResponseReturnValue: async def clients() -> ResponseReturnValue:
clients = await list_o_auth_2_clients.asyncio(_client=hydra_service.hydra_client) response = await list_o_auth_2_clients.asyncio_detailed(_client=hydra_service.hydra_client)
clients = response.parsed
if clients is None:
logger.error(f"could not fetch client list response {response}")
return 'internal error', 500
return render_template('admin/clients.html.j2', clients=clients) return render_template('admin/clients.html.j2', clients=clients)
@admin_views.route('/client/<client_id>', methods=['GET', 'POST']) @admin_views.route('/client/<client_id>', methods=['GET', 'POST'])
@ -92,7 +98,7 @@ async def client(client_id: str) -> ResponseReturnValue:
if form.validate_on_submit(): if form.validate_on_submit():
form.populate_obj(client) form.populate_obj(client)
client = await update_o_auth_2_client.asyncio(id=client_id ,json_body=client, _client=hydra_service.hydra_client) client = await set_o_auth_2_client.asyncio(id=client_id ,json_body=client, _client=hydra_service.hydra_client)
if client is None or isinstance(client, GenericError): if client is None or isinstance(client, GenericError):
logger.error(f"oauth2 client update failed: '{client_id}'") logger.error(f"oauth2 client update failed: '{client_id}'")
return 'client update failed', 500 return 'client update failed', 500
@ -105,7 +111,7 @@ async def client(client_id: str) -> ResponseReturnValue:
@admin_views.route('/client_new', methods=['GET','POST']) @admin_views.route('/client_new', methods=['GET','POST'])
async def client_new() -> ResponseReturnValue: async def client_new() -> ResponseReturnValue:
client = OAuth2Client() client = OAuth20Client()
form = OAuth2ClientForm() form = OAuth2ClientForm()
if form.validate_on_submit(): if form.validate_on_submit():
@ -113,7 +119,7 @@ async def client_new() -> ResponseReturnValue:
resp_client = await create_o_auth_2_client.asyncio(json_body=client, _client=hydra_service.hydra_client) resp_client = await create_o_auth_2_client.asyncio(json_body=client, _client=hydra_service.hydra_client)
if resp_client is None: if resp_client is None:
logger.error(f"oauth2 client update failed: '{client.client_id}'") logger.error(f"oauth2 client created failed: '{client.client_id}'")
return 'internal error', 500 return 'internal error', 500
return redirect(url_for('.client', client_id=client.client_id)) return redirect(url_for('.client', client_id=client.client_id))

52
lenticular_cloud/views/api.py
View file

@ -16,7 +16,7 @@ import secrets
from ..model import db, User from ..model import db, User
from ..hydra import hydra_service from ..hydra import hydra_service
from ..lenticular_services import lenticular_services from ..lenticular_services import lenticular_services
from ory_hydra_client.api.admin import introspect_o_auth_2_token from ory_hydra_client.api.o_auth_2 import introspect_o_auth_2_token
from ory_hydra_client.models import GenericError from ory_hydra_client.models import GenericError
@ -58,36 +58,36 @@ def introspect() -> ResponseReturnValue:
return jsonify(token_info) return jsonify(token_info)
@api_views.route('/login/<service_name>', methods=['POST']) # @api_views.route('/login/<service_name>', methods=['POST'])
def email_login(service_name: str) -> ResponseReturnValue: # def email_login(service_name: str) -> ResponseReturnValue:
if service_name not in lenticular_services: # if service_name not in lenticular_services:
return '', 404 # return '', 404
service = lenticular_services[service_name] # service = lenticular_services[service_name]
if not request.is_json: # if not request.is_json:
return jsonify({}), 400 # return jsonify({}), 400
req_payload = request.get_json() # type: Any # req_payload = request.get_json() # type: Any
if not isinstance(req_payload, dict): # if not isinstance(req_payload, dict):
return 'bad request', 400 # return 'bad request', 400
password = req_payload["password"] # password = req_payload["password"]
username = req_payload["username"] # username = req_payload["username"]
if '@' in username: # if '@' in username:
username = username.split('@')[0] # username = username.split('@')[0]
user = User.query.filter_by(username=username.lower()).first() # type: Optional[User] # user = User.query.filter_by(username=username.lower()).first() # type: Optional[User]
if user is None: # if user is None:
logger.warning(f'login with invalid username') # logger.warning(f'login with invalid username')
return jsonify({}), 403 # return jsonify({}), 403
for app_token in user.get_tokens_by_service(service): # for app_token in user.get_token_by_name(service):
if secrets.compare_digest(password, app_token.token): # if secrets.compare_digest(password, app_token.token):
app_token.last_used = datetime.now() # app_token.last_used = datetime.now()
db.session.commit() # db.session.commit()
return jsonify({'username': user.username}), 200 # return jsonify({'username': user.username}), 200
logger.warning(f'login with invalid password for {username}') # logger.warning(f'login with invalid password for {username}')
return jsonify({}), 403 # return jsonify({}), 403

56
lenticular_cloud/views/auth.py
View file

@ -17,9 +17,11 @@ import crypt
from datetime import datetime from datetime import datetime
import logging import logging
import json import json
from ory_hydra_client.api.admin import get_consent_request, accept_consent_request, accept_login_request, get_login_request, accept_login_request, accept_logout_request, get_login_request from ory_hydra_client.api.o_auth_2 import get_o_auth_2_consent_request, accept_o_auth_2_consent_request, accept_o_auth_2_login_request, get_o_auth_2_login_request, accept_o_auth_2_login_request, accept_o_auth_2_logout_request, get_o_auth_2_login_request
from ory_hydra_client.models import AcceptLoginRequest, AcceptConsentRequest, ConsentRequestSession, GenericError, ConsentRequestSessionAccessToken, ConsentRequestSessionIdToken from ory_hydra_client import models as ory_hydra_m
from ory_hydra_client.models import TheRequestPayloadUsedToAcceptALoginOrConsentRequest, TheRequestPayloadUsedToAcceptAConsentRequest, GenericError
from typing import Optional from typing import Optional
from uuid import uuid4
from ..model import db, User, SecurityUser from ..model import db, User, SecurityUser
from ..form.auth import ConsentForm, LoginForm, RegistrationForm from ..form.auth import ConsentForm, LoginForm, RegistrationForm
@ -43,19 +45,11 @@ async def consent() -> ResponseReturnValue:
remember_for = 60*60*24*30 # remember for 30 days remember_for = 60*60*24*30 # remember for 30 days
#try: #try:
consent_request = await get_consent_request.asyncio(consent_challenge=request.args['consent_challenge'],_client=hydra_service.hydra_client) consent_request = await get_o_auth_2_consent_request.asyncio(consent_challenge=request.args['consent_challenge'],_client=hydra_service.hydra_client)
if consent_request is None or isinstance( consent_request, GenericError): if consent_request is None or isinstance( consent_request, ory_hydra_m.OAuth20RedirectBrowserTo):
return redirect(url_for('frontend.index')) return redirect(url_for('frontend.index'))
# except ory_hydra_client.exceptions.ApiValueError:
# logger.info('ory exception - could not fetch user data ApiValueError')
# return redirect(url_for('frontend.index'))
# except ory_hydra_client.exceptions.ApiException:
# logger.exception('ory exception - could not fetch user data')
# return redirect(url_for('frontend.index'))
requested_scope = consent_request.requested_scope requested_scope = consent_request.requested_scope
requested_audiences = consent_request.requested_access_token_audience requested_audiences = consent_request.requested_access_token_audience
@ -63,7 +57,7 @@ async def consent() -> ResponseReturnValue:
user = User.query.get(consent_request.subject) # type: Optional[User] user = User.query.get(consent_request.subject) # type: Optional[User]
if user is None: if user is None:
return 'internal error', 500 return 'internal error', 500
token_data = { access_token = {
'name': str(user.username), 'name': str(user.username),
'preferred_username': str(user.username), 'preferred_username': str(user.username),
'username': str(user.username), 'username': str(user.username),
@ -73,22 +67,20 @@ async def consent() -> ResponseReturnValue:
#'family_name': '-', #'family_name': '-',
'groups': [group.name for group in user.groups] 'groups': [group.name for group in user.groups]
} }
id_token_data = {} id_token = {}
if isinstance(requested_scope, list) and 'openid' in requested_scope: if isinstance(requested_scope, list) and 'openid' in requested_scope:
id_token_data = token_data id_token = access_token
access_token=ConsentRequestSessionAccessToken.from_dict(token_data) body = TheRequestPayloadUsedToAcceptAConsentRequest(
id_token=ConsentRequestSessionIdToken.from_dict(id_token_data)
body = AcceptConsentRequest(
grant_scope= requested_scope, grant_scope= requested_scope,
grant_access_token_audience= requested_audiences, grant_access_token_audience= requested_audiences,
remember= form.data['remember'], remember= form.data['remember'],
remember_for= remember_for, remember_for= remember_for,
session= ConsentRequestSession( session= ory_hydra_m.PassSessionDataToAConsentRequest(
access_token= access_token, access_token= access_token,
id_token= id_token id_token= id_token
) )
) )
resp = await accept_consent_request.asyncio(_client=hydra_service.hydra_client, resp = await accept_o_auth_2_consent_request.asyncio(_client=hydra_service.hydra_client,
json_body=body, json_body=body,
consent_challenge=consent_request.challenge) consent_challenge=consent_request.challenge)
if resp is None or isinstance( resp, GenericError): if resp is None or isinstance( resp, GenericError):
@ -107,15 +99,15 @@ async def login() -> ResponseReturnValue:
login_challenge = request.args.get('login_challenge') login_challenge = request.args.get('login_challenge')
if login_challenge is None: if login_challenge is None:
return 'login_challenge missing', 400 return 'login_challenge missing', 400
login_request = await get_login_request.asyncio(_client=hydra_service.hydra_client, login_challenge=login_challenge) login_request = await get_o_auth_2_login_request.asyncio(_client=hydra_service.hydra_client, login_challenge=login_challenge)
if login_request is None or isinstance( login_request, GenericError): if login_request is None or isinstance( login_request, ory_hydra_m.OAuth20RedirectBrowserTo):
logger.exception("could not fetch login request") logger.exception("could not fetch login request")
return redirect(url_for('frontend.index')) return redirect(url_for('frontend.index'))
if login_request.skip: if login_request.skip:
resp = await accept_login_request.asyncio(_client=hydra_service.hydra_client, resp = await accept_o_auth_2_login_request.asyncio(_client=hydra_service.hydra_client,
login_challenge=login_challenge, login_challenge=login_challenge,
json_body=AcceptLoginRequest(subject=login_request.subject)) json_body=ory_hydra_m.HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest(subject=login_request.subject))
if resp is None or isinstance( resp, GenericError): if resp is None or isinstance( resp, GenericError):
return 'internal error, could not forward request', 503 return 'internal error, could not forward request', 503
@ -138,14 +130,14 @@ async def login_auth() -> ResponseReturnValue:
login_challenge = request.args.get('login_challenge') login_challenge = request.args.get('login_challenge')
if login_challenge is None: if login_challenge is None:
return 'missing login_challenge, bad request', 400 return 'missing login_challenge, bad request', 400
login_request = await get_login_request.asyncio(_client=hydra_service.hydra_client, login_challenge=login_challenge) login_request = await get_o_auth_2_login_request.asyncio(_client=hydra_service.hydra_client, login_challenge=login_challenge)
if login_request is None: if login_request is None:
return redirect(url_for('frontend.index')) return redirect(url_for('frontend.index'))
if 'username' not in session: if 'username' not in session:
return redirect(url_for('auth.login')) return redirect(url_for('auth.login'))
auth_forms = {} auth_forms = {}
user = User.query.filter_by(username=session['username']).first() # Optional[User] user = User.query.filter_by(username=session['username']).first_or_404()
for auth_provider in AUTH_PROVIDER_LIST: for auth_provider in AUTH_PROVIDER_LIST:
form = auth_provider.get_form() form = auth_provider.get_form()
if auth_provider.get_name() not in session['auth_providers'] and\ if auth_provider.get_name() not in session['auth_providers'] and\
@ -163,11 +155,11 @@ async def login_auth() -> ResponseReturnValue:
# db.session.add(db_user) # db.session.add(db_user)
# db.session.commit() # db.session.commit()
subject = user.id subject = str(user.id)
user.last_login = datetime.now() user.last_login = datetime.now()
db.session.commit() db.session.commit()
resp = await accept_login_request.asyncio(_client=hydra_service.hydra_client, resp = await accept_o_auth_2_login_request.asyncio(_client=hydra_service.hydra_client,
login_challenge=login_challenge, json_body=AcceptLoginRequest( login_challenge=login_challenge, json_body=ory_hydra_m.HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest(
subject=subject, subject=subject,
remember=remember_me, remember=remember_me,
)) ))
@ -179,8 +171,9 @@ async def login_auth() -> ResponseReturnValue:
@auth_views.route('/webauthn/pkcro', methods=['POST']) @auth_views.route('/webauthn/pkcro', methods=['POST'])
def webauthn_pkcro_route(): def webauthn_pkcro_route() -> ResponseReturnValue:
"""login webauthn pkcro route""" """login webauthn pkcro route"""
return '', 404
user = User.query.filter(User.id == session.get('webauthn_login_user_id')).one() #type: User user = User.query.filter(User.id == session.get('webauthn_login_user_id')).one() #type: User
form = ButtonForm() form = ButtonForm()
@ -198,7 +191,7 @@ async def logout() -> ResponseReturnValue:
if logout_challenge is None: if logout_challenge is None:
return 'invalid request, logout_challenge not set', 400 return 'invalid request, logout_challenge not set', 400
# TODO confirm # TODO confirm
resp = await accept_logout_request.asyncio(_client=hydra_service.hydra_client, logout_challenge=logout_challenge) resp = await accept_o_auth_2_logout_request.asyncio(_client=hydra_service.hydra_client, logout_challenge=logout_challenge)
if resp is None or isinstance( resp, GenericError): if resp is None or isinstance( resp, GenericError):
return 'internal error, could not forward request', 503 return 'internal error, could not forward request', 503
return redirect(resp.redirect_to) return redirect(resp.redirect_to)
@ -222,6 +215,7 @@ def sign_up_submit():
form = RegistrationForm() form = RegistrationForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = User() user = User()
user.id = uuid4()
user.username = form.data['username'] user.username = form.data['username']
user.password_hashed = crypt.crypt(form.data['password']) user.password_hashed = crypt.crypt(form.data['password'])
user.alternative_email = form.data['alternative_email'] user.alternative_email = form.data['alternative_email']

90
lenticular_cloud/views/frontend.py
View file

@ -2,7 +2,7 @@
from authlib.integrations.base_client.errors import MissingTokenError, InvalidTokenError from authlib.integrations.base_client.errors import MissingTokenError, InvalidTokenError
from base64 import b64encode, b64decode from base64 import b64encode, b64decode
from fido2 import cbor from fido2 import cbor
from fido2.webauthn import AttestationObject, AttestedCredentialData, AuthenticatorData from fido2.webauthn import CollectedClientData, AttestationObject, AttestedCredentialData, AuthenticatorData, PublicKeyCredentialUserEntity
from flask import Blueprint, Response, redirect, request from flask import Blueprint, Response, redirect, request
from flask import current_app from flask import current_app
from flask import jsonify, session, flash from flask import jsonify, session, flash
@ -15,13 +15,13 @@ from datetime import timedelta
from base64 import b64decode from base64 import b64decode
from flask.typing import ResponseReturnValue from flask.typing import ResponseReturnValue
from oauthlib.oauth2.rfc6749.errors import TokenExpiredError from oauthlib.oauth2.rfc6749.errors import TokenExpiredError
from ory_hydra_client.api.admin import list_subject_consent_sessions, revoke_consent_sessions from ory_hydra_client.api.o_auth_2 import list_o_auth_2_consent_sessions, revoke_o_auth_2_consent_sessions
from ory_hydra_client.models import GenericError from ory_hydra_client.models import GenericError
from urllib.parse import urlencode, parse_qs from urllib.parse import urlencode, parse_qs
from random import SystemRandom from random import SystemRandom
import string import string
from collections.abc import Iterable from collections.abc import Iterable
from typing import Optional from typing import Optional, Mapping, Iterator, List, Any
from ..model import db, User, SecurityUser, Totp, AppToken, WebauthnCredential from ..model import db, User, SecurityUser, Totp, AppToken, WebauthnCredential
from ..form.frontend import ClientCertForm, TOTPForm, \ from ..form.frontend import ClientCertForm, TOTPForm, \
@ -38,11 +38,16 @@ from ..lenticular_services import lenticular_services
frontend_views = Blueprint('frontend', __name__, url_prefix='') frontend_views = Blueprint('frontend', __name__, url_prefix='')
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
def get_current_user() -> User:
user_any: Any = current_user
user: User = user_any
return user
def before_request() -> Optional[ResponseReturnValue]: def before_request() -> Optional[ResponseReturnValue]:
try: try:
resp = oauth2.custom.get('/userinfo') resp = oauth2.custom.get('/userinfo')
if not current_user.is_authenticated or resp.status_code != 200: if not get_current_user().is_authenticated or resp.status_code != 200:
logger.info('user not logged in redirect') logger.info('user not logged in redirect')
return redirect_login() return redirect_login()
except MissingTokenError: except MissingTokenError:
@ -79,7 +84,7 @@ def client_cert() -> ResponseReturnValue:
client_certs = {} client_certs = {}
for service in lenticular_services.values(): for service in lenticular_services.values():
client_certs[str(service.name)] = \ client_certs[str(service.name)] = \
pki.get_client_certs(current_user, service) pki.get_client_certs(get_current_user(), service)
return render_template( return render_template(
'frontend/client_cert.html.j2', 'frontend/client_cert.html.j2',
@ -91,7 +96,7 @@ def client_cert() -> ResponseReturnValue:
def get_client_cert(service_name, serial_number) -> ResponseReturnValue: def get_client_cert(service_name, serial_number) -> ResponseReturnValue:
service = lenticular_services[service_name] service = lenticular_services[service_name]
cert = pki.get_client_cert( cert = pki.get_client_cert(
current_user, service, serial_number) get_current_user(), service, serial_number)
return jsonify({ return jsonify({
'data': { 'data': {
'pem': cert.pem()} 'pem': cert.pem()}
@ -103,7 +108,7 @@ def get_client_cert(service_name, serial_number) -> ResponseReturnValue:
def revoke_client_cert(service_name, serial_number) -> ResponseReturnValue: def revoke_client_cert(service_name, serial_number) -> ResponseReturnValue:
service = lenticular_services[service_name] service = lenticular_services[service_name]
cert = pki.get_client_cert( cert = pki.get_client_cert(
current_user, service, serial_number) get_current_user(), service, serial_number)
pki.revoke_certificate(cert) pki.revoke_certificate(cert)
return jsonify({}) return jsonify({})
@ -119,7 +124,7 @@ def client_cert_new(service_name) -> ResponseReturnValue:
if form.validate_on_submit(): if form.validate_on_submit():
valid_time = int(form.data['valid_time']) * timedelta(1, 0, 0) valid_time = int(form.data['valid_time']) * timedelta(1, 0, 0)
cert = pki.signing_publickey( cert = pki.signing_publickey(
current_user, get_current_user(),
service, service,
form.data['publickey'], form.data['publickey'],
valid_time=valid_time) valid_time=valid_time)
@ -148,39 +153,33 @@ def app_token() -> ResponseReturnValue:
delete_form=delete_form, delete_form=delete_form,
services=lenticular_services) services=lenticular_services)
@frontend_views.route('/app_token/<service_name>/new', methods=['GET','POST']) @frontend_views.route('/app_token/new', methods=['GET','POST'])
def app_token_new(service_name: str) -> ResponseReturnValue: def app_token_new() -> ResponseReturnValue:
if service_name not in lenticular_services:
return '', 404
service = lenticular_services[service_name]
form = AppTokenForm() form = AppTokenForm()
if form.validate_on_submit(): if form.validate_on_submit():
app_token = AppToken.new(service) user_any = get_current_user() # type: Any
user = user_any # type: User
app_token = AppToken.new(user, name="",scopes="")
form.populate_obj(app_token) form.populate_obj(app_token)
# check for duplicate names # check for duplicate names
for user_app_token in current_user.app_tokens: for user_app_token in user.app_tokens:
if user_app_token.name == app_token.name: if user_app_token.name == app_token.name:
return 'name already exist', 400 return 'name already exist', 400
current_user.app_tokens.append(app_token) user.app_tokens.append(app_token)
db.session.commit() db.session.commit()
return render_template('frontend/app_token_new_show.html.j2', service=service, app_token=app_token) return render_template('frontend/app_token_new_show.html.j2', app_token=app_token)
return render_template('frontend/app_token_new.html.j2', return render_template('frontend/app_token_new.html.j2',
form=form, form=form)
service=service)
@frontend_views.route('/app_token/<service_name>/<app_token_name>', methods=["POST"]) @frontend_views.route('/app_token/<app_token_name>', methods=["POST"])
def app_token_delete(service_name: str, app_token_name: str) -> ResponseReturnValue: def app_token_delete(app_token_name: str) -> ResponseReturnValue:
form = AppTokenDeleteForm() form = AppTokenDeleteForm()
if service_name not in lenticular_services:
return '', 404
service = lenticular_services[service_name]
if form.validate_on_submit(): if form.validate_on_submit():
app_token = current_user.get_token(service, app_token_name) app_token = get_current_user().get_token_by_name(app_token_name)
if app_token is None: if app_token is None:
return 'not found', 404 return 'not found', 404
db.session.delete(app_token) db.session.delete(app_token)
@ -199,9 +198,9 @@ def totp_new() -> ResponseReturnValue:
form = TOTPForm() form = TOTPForm()
if form.validate_on_submit(): if form.validate_on_submit():
totp = Totp(name=form.data['name'], secret=form.data['secret']) totp = Totp(name=form.data['name'], secret=form.data['secret'], user=get_current_user())
if totp.verify(form.data['token']): if totp.verify(form.data['token']):
current_user.totps.append(totp) get_current_user().totps.append(totp)
db.session.commit() db.session.commit()
return jsonify({ return jsonify({
'status': 'ok'}) 'status': 'ok'})
@ -247,9 +246,17 @@ def webauthn_delete_route(webauthn_id: str) -> ResponseReturnValue:
def webauthn_credentials(user: User) -> list[AttestedCredentialData]: def webauthn_credentials(user: User) -> list[AttestedCredentialData]:
"""get and decode all credentials for given user""" """get and decode all credentials for given user"""
return [AttestedCredentialData.create(**cbor.decode(cred.credential_data)) for cred in user.webauthn_credentials]
def decode(creds: List[WebauthnCredential]) -> Iterator[AttestedCredentialData]:
for cred in creds:
data = cbor.decode(cred.credential_data)
if isinstance(data, Mapping):
yield AttestedCredentialData.create(**data)
return list(decode(user.webauthn_credentials))
def random_string(length=32) -> str: def random_string(length=32) -> str:
@ -261,14 +268,15 @@ def random_string(length=32) -> str:
def webauthn_pkcco_route() -> ResponseReturnValue: def webauthn_pkcco_route() -> ResponseReturnValue:
"""get publicKeyCredentialCreationOptions""" """get publicKeyCredentialCreationOptions"""
user = User.query.get(current_user.id) #type: Optional[User] user = User.query.get(get_current_user().id) #type: Optional[User]
if user is None: if user is None:
return 'internal error', 500 return 'internal error', 500
user_handle = random_string() user_handle = random_string()
exclude_credentials = webauthn_credentials(user) exclude_credentials = webauthn_credentials(user)
pkcco, state = webauthn.register_begin( pkcco, state = webauthn.register_begin(
{'id': user_handle.encode('utf-8'), 'name': user.username, 'displayName': user.username}, user=PublicKeyCredentialUserEntity(id=user_handle.encode('utf-8'), name=user.username, display_name=user.username),
exclude_credentials) credentials=exclude_credentials
)
session['webauthn_register_user_handle'] = user_handle session['webauthn_register_user_handle'] = user_handle
session['webauthn_register_state'] = state session['webauthn_register_state'] = state
return Response(b64encode(cbor.encode(pkcco)).decode('utf-8'), mimetype='text/plain') return Response(b64encode(cbor.encode(pkcco)).decode('utf-8'), mimetype='text/plain')
@ -278,18 +286,20 @@ def webauthn_pkcco_route() -> ResponseReturnValue:
def webauthn_register_route() -> ResponseReturnValue: def webauthn_register_route() -> ResponseReturnValue:
"""register credential for current user""" """register credential for current user"""
user = current_user # type: User user = get_current_user() # type: User
form = WebauthnRegisterForm() form = WebauthnRegisterForm()
if form.validate_on_submit(): if form.validate_on_submit():
try: try:
attestation = cbor.decode(b64decode(form.attestation.data)) attestation = cbor.decode(b64decode(form.attestation.data))
if not isinstance(attestation, Mapping) or 'clientDataJSON' not in attestation or 'attestationObject' not in attestation:
return 'invalid attestion data', 400
auth_data = webauthn.register_complete( auth_data = webauthn.register_complete(
session.pop('webauthn_register_state'), session.pop('webauthn_register_state'),
ClientData(attestation['clientDataJSON']), CollectedClientData(attestation['clientDataJSON']),
AttestationObject(attestation['attestationObject'])) AttestationObject(attestation['attestationObject']))
db.session.add(WebauthnCredential( db.session.add(WebauthnCredential(
user_id=user.id, user=user,
user_handle=session.pop('webauthn_register_user_handle'), user_handle=session.pop('webauthn_register_user_handle'),
credential_data=cbor.encode(auth_data.credential_data.__dict__), credential_data=cbor.encode(auth_data.credential_data.__dict__),
name=form.name.data)) name=form.name.data))
@ -316,12 +326,12 @@ def password_change_post() -> ResponseReturnValue:
password_old = str(form.data['password_old']) password_old = str(form.data['password_old'])
password_new = str(form.data['password_new']) password_new = str(form.data['password_new'])
if not PasswordAuthProvider.check_auth_internal( if not PasswordAuthProvider.check_auth_internal(
current_user, password_old): get_current_user(), password_old):
return jsonify( return jsonify(
{'errors': {'password_old': 'Old Password is invalid'}}) {'errors': {'password_old': 'Old Password is invalid'}})
current_user.change_password(password_new) get_current_user().change_password(password_new)
logger.info(f"user {current_user.username} changed password") logger.info(f"user {get_current_user().username} changed password")
db.session.commit() db.session.commit()
return jsonify({}) return jsonify({})
return jsonify({'errors': form.errors}) return jsonify({'errors': form.errors})
@ -331,7 +341,7 @@ def password_change_post() -> ResponseReturnValue:
async def oauth2_tokens() -> ResponseReturnValue: async def oauth2_tokens() -> ResponseReturnValue:
subject = oauth2.custom.get('/userinfo').json()['sub'] subject = oauth2.custom.get('/userinfo').json()['sub']
consent_sessions = await list_subject_consent_sessions.asyncio(subject=subject, _client=hydra_service.hydra_client) consent_sessions = await list_o_auth_2_consent_sessions.asyncio(subject=subject, _client=hydra_service.hydra_client)
if consent_sessions is None or isinstance( consent_sessions, GenericError): if consent_sessions is None or isinstance( consent_sessions, GenericError):
return 'internal error, could not fetch sessions', 500 return 'internal error, could not fetch sessions', 500
return render_template( return render_template(
@ -342,7 +352,7 @@ async def oauth2_tokens() -> ResponseReturnValue:
@frontend_views.route('/oauth2_token/<client_id>', methods=['DELETE']) @frontend_views.route('/oauth2_token/<client_id>', methods=['DELETE'])
async def oauth2_token_revoke(client_id: str) -> ResponseReturnValue: async def oauth2_token_revoke(client_id: str) -> ResponseReturnValue:
subject = oauth2.session.get('/userinfo').json()['sub'] subject = oauth2.session.get('/userinfo').json()['sub']
await revoke_consent_sessions.asyncio( _client=hydra_service.hydra_client, await revoke_o_auth_2_consent_sessions.asyncio_detailed( _client=hydra_service.hydra_client,
subject=subject, subject=subject,
client=client_id) client=client_id)

6
lenticular_cloud/views/oauth2.py
View file

@ -9,6 +9,7 @@ from werkzeug.wrappers.response import Response as WerkzeugResponse
import logging import logging
from ..model import User, SecurityUser from ..model import User, SecurityUser
from ..hydra import hydra_service
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -90,13 +91,14 @@ def init_login_manager(app: Flask) -> None:
oauth2.register( oauth2.register(
name="custom", name="custom",
client_id=app.config['OAUTH_ID'], client_id=hydra_service.client_id,
client_secret=app.config['OAUTH_SECRET'], client_secret=app.config['OAUTH_SECRET'],
server_metadata_url=f'{base_url}/.well-known/openid-configuration',
access_token_url=f"{base_url}/oauth2/token", access_token_url=f"{base_url}/oauth2/token",
authorize_url=f"{base_url}/oauth2/auth", authorize_url=f"{base_url}/oauth2/auth",
api_base_url=base_url, api_base_url=base_url,
client_kwargs={'scope': ' '.join(['openid', 'profile', 'manage'])} client_kwargs={'scope': ' '.join(['openid', 'profile', 'manage'])},
) )
oauth2.init_app(app) oauth2.init_app(app)
login_manager.init_app(app) login_manager.init_app(app)

8
libs/ory-hydra-client/README.md
View file

@ -1,5 +1,5 @@
# ory-hydra-client # ory-hydra-client
A client library for accessing ORY Hydra A client library for accessing Ory Hydra
## Usage ## Usage
First, create a client: First, create a client:
@ -61,12 +61,14 @@ client = AuthenticatedClient(
) )
``` ```
There are more settings on the generated `Client` class which let you control more runtime behavior, check out the docstring on that class for more info.
Things to know: Things to know:
1. Every path/method combo becomes a Python module with four functions: 1. Every path/method combo becomes a Python module with four functions:
1. `sync`: Blocking request that returns parsed data (if successful) or `None` 1. `sync`: Blocking request that returns parsed data (if successful) or `None`
1. `sync_detailed`: Blocking request that always returns a `Request`, optionally with `parsed` set if the request was successful. 1. `sync_detailed`: Blocking request that always returns a `Request`, optionally with `parsed` set if the request was successful.
1. `asyncio`: Like `sync` but the async instead of blocking 1. `asyncio`: Like `sync` but async instead of blocking
1. `asyncio_detailed`: Like `sync_detailed` by async instead of blocking 1. `asyncio_detailed`: Like `sync_detailed` but async instead of blocking
1. All path/query params, and bodies become method arguments. 1. All path/query params, and bodies become method arguments.
1. If your endpoint had any tags on it, the first tag will be used as a module name for the function (my_tag above) 1. If your endpoint had any tags on it, the first tag will be used as a module name for the function (my_tag above)

7
libs/ory-hydra-client/ory_hydra_client/__init__.py
View file

@ -1,2 +1,7 @@
""" A client library for accessing ORY Hydra """ """ A client library for accessing Ory Hydra """
from .client import AuthenticatedClient, Client from .client import AuthenticatedClient, Client
__all__ = (
"AuthenticatedClient",
"Client",
)

298
libs/ory-hydra-client/ory_hydra_client/api/admin/accept_login_request.py
View file

@ -1,298 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from typing import Dict
from typing import cast
from ...models.completed_request import CompletedRequest
from ...models.generic_error import GenericError
from ...models.accept_login_request import AcceptLoginRequest
def _get_kwargs(
*,
_client: Client,
json_body: AcceptLoginRequest,
login_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/login/accept".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["login_challenge"] = login_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]:
if response.status_code == HTTPStatus.OK:
response_200 = CompletedRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: AcceptLoginRequest,
login_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Accept a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells ORY Hydra that the subject has successfully authenticated and includes
additional information such as
the subject's ID and if ORY Hydra should remember the subject's subject agent for future
authentication attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (AcceptLoginRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
json_body: AcceptLoginRequest,
login_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Accept a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells ORY Hydra that the subject has successfully authenticated and includes
additional information such as
the subject's ID and if ORY Hydra should remember the subject's subject agent for future
authentication attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (AcceptLoginRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: AcceptLoginRequest,
login_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Accept a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells ORY Hydra that the subject has successfully authenticated and includes
additional information such as
the subject's ID and if ORY Hydra should remember the subject's subject agent for future
authentication attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (AcceptLoginRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
json_body: AcceptLoginRequest,
login_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Accept a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells ORY Hydra that the subject has successfully authenticated and includes
additional information such as
the subject's ID and if ORY Hydra should remember the subject's subject agent for future
authentication attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (AcceptLoginRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)).parsed

209
libs/ory-hydra-client/ory_hydra_client/api/admin/accept_logout_request.py
View file

@ -1,209 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.completed_request import CompletedRequest
from typing import Dict
def _get_kwargs(
*,
_client: Client,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/logout/accept".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]:
if response.status_code == HTTPStatus.OK:
response_200 = CompletedRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Accept a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm
that logout request.
No body is required.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Accept a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm
that logout request.
No body is required.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return sync_detailed(
_client=_client,
logout_challenge=logout_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Accept a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm
that logout request.
No body is required.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Accept a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to confirm
that logout request.
No body is required.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
logout_challenge=logout_challenge,
)).parsed

223
libs/ory-hydra-client/ory_hydra_client/api/admin/create_o_auth_2_client.py
View file

@ -1,223 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.o_auth_2_client import OAuth2Client
from typing import Dict
def _get_kwargs(
*,
_client: Client,
json_body: OAuth2Client,
) -> Dict[str, Any]:
url = "{}/clients".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]:
if response.status_code == HTTPStatus.CREATED:
response_201 = OAuth2Client.from_dict(response.json())
return response_201
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.CONFLICT:
response_409 = GenericError.from_dict(response.json())
return response_409
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: OAuth2Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Create an OAuth 2.0 Client
Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a
random secret will be generated. The secret will be returned in the response and you will not be
able to retrieve it later on. Write the secret down and keep it somwhere safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
json_body: OAuth2Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Create an OAuth 2.0 Client
Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a
random secret will be generated. The secret will be returned in the response and you will not be
able to retrieve it later on. Write the secret down and keep it somwhere safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: OAuth2Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Create an OAuth 2.0 Client
Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a
random secret will be generated. The secret will be returned in the response and you will not be
able to retrieve it later on. Write the secret down and keep it somwhere safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
json_body: OAuth2Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Create an OAuth 2.0 Client
Create a new OAuth 2.0 client If you pass `client_secret` the secret will be used, otherwise a
random secret will be generated. The secret will be returned in the response and you will not be
able to retrieve it later on. Write the secret down and keep it somwhere safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
)).parsed

225
libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key.py
View file

@ -1,225 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
set_: str,
kid: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/keys/{set}/{kid}".format(
_client.base_url,set=set_,kid=kid)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Delete a JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
kid (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Delete a JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
kid (str):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
set_=set_,
kid=kid,
_client=_client,
).parsed
async def asyncio_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Delete a JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
kid (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Delete a JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
kid (str):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
set_=set_,
kid=kid,
_client=_client,
)).parsed

212
libs/ory-hydra-client/ory_hydra_client/api/admin/delete_json_web_key_set.py
View file

@ -1,212 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
set_: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/keys/{set}".format(
_client.base_url,set=set_)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
set_: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Delete a JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
set_=set_,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
set_: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Delete a JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
set_=set_,
_client=_client,
).parsed
async def asyncio_detailed(
set_: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Delete a JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
set_=set_,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
set_: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Delete a JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
set_=set_,
_client=_client,
)).parsed

202
libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_client.py
View file

@ -1,202 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Deletes an OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
id: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Deletes an OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
id=id,
_client=_client,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[Union[Any, GenericError]]:
"""Deletes an OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
id: str,
*,
_client: Client,
) -> Optional[Union[Any, GenericError]]:
"""Deletes an OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
)).parsed

189
libs/ory-hydra-client/ory_hydra_client/api/admin/delete_o_auth_2_token.py
View file

@ -1,189 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
client_id: str,
) -> Dict[str, Any]:
url = "{}/oauth2/tokens".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["client_id"] = client_id
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
client_id: str,
) -> Response[Union[Any, GenericError]]:
"""Delete OAuth2 Access Tokens from a Client
This endpoint deletes OAuth2 access tokens issued for a client from the database
Args:
client_id (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
client_id=client_id,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
client_id: str,
) -> Optional[Union[Any, GenericError]]:
"""Delete OAuth2 Access Tokens from a Client
This endpoint deletes OAuth2 access tokens issued for a client from the database
Args:
client_id (str):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
_client=_client,
client_id=client_id,
).parsed
async def asyncio_detailed(
*,
_client: Client,
client_id: str,
) -> Response[Union[Any, GenericError]]:
"""Delete OAuth2 Access Tokens from a Client
This endpoint deletes OAuth2 access tokens issued for a client from the database
Args:
client_id (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
client_id=client_id,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
client_id: str,
) -> Optional[Union[Any, GenericError]]:
"""Delete OAuth2 Access Tokens from a Client
This endpoint deletes OAuth2 access tokens issued for a client from the database
Args:
client_id (str):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
client_id=client_id,
)).parsed

202
libs/ory-hydra-client/ory_hydra_client/api/admin/flush_inactive_o_auth_2_tokens.py
View file

@ -1,202 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.flush_inactive_o_auth_2_tokens_request import FlushInactiveOAuth2TokensRequest
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
json_body: FlushInactiveOAuth2TokensRequest,
) -> Dict[str, Any]:
url = "{}/oauth2/flush".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: FlushInactiveOAuth2TokensRequest,
) -> Response[Union[Any, GenericError]]:
"""Flush Expired OAuth2 Access Tokens
This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which
no tokens will be
not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be
flushed as they are deleted
automatically when performing the refresh flow.
Args:
json_body (FlushInactiveOAuth2TokensRequest):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
json_body: FlushInactiveOAuth2TokensRequest,
) -> Optional[Union[Any, GenericError]]:
"""Flush Expired OAuth2 Access Tokens
This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which
no tokens will be
not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be
flushed as they are deleted
automatically when performing the refresh flow.
Args:
json_body (FlushInactiveOAuth2TokensRequest):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: FlushInactiveOAuth2TokensRequest,
) -> Response[Union[Any, GenericError]]:
"""Flush Expired OAuth2 Access Tokens
This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which
no tokens will be
not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be
flushed as they are deleted
automatically when performing the refresh flow.
Args:
json_body (FlushInactiveOAuth2TokensRequest):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
json_body: FlushInactiveOAuth2TokensRequest,
) -> Optional[Union[Any, GenericError]]:
"""Flush Expired OAuth2 Access Tokens
This endpoint flushes expired OAuth2 access tokens from the database. You can set a time after which
no tokens will be
not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be
flushed as they are deleted
automatically when performing the refresh flow.
Args:
json_body (FlushInactiveOAuth2TokensRequest):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
)).parsed

263
libs/ory-hydra-client/ory_hydra_client/api/admin/get_consent_request.py
View file

@ -1,263 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from ...models.consent_request import ConsentRequest
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
consent_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["consent_challenge"] = consent_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[ConsentRequest, GenericError]]:
if response.status_code == HTTPStatus.OK:
response_200 = ConsentRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.CONFLICT:
response_409 = GenericError.from_dict(response.json())
return response_409
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[ConsentRequest, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
consent_challenge: str,
) -> Response[Union[ConsentRequest, GenericError]]:
"""Get Consent Request Information
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
Args:
consent_challenge (str):
Returns:
Response[Union[ConsentRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
consent_challenge=consent_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
consent_challenge: str,
) -> Optional[Union[ConsentRequest, GenericError]]:
"""Get Consent Request Information
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
Args:
consent_challenge (str):
Returns:
Response[Union[ConsentRequest, GenericError]]
"""
return sync_detailed(
_client=_client,
consent_challenge=consent_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
consent_challenge: str,
) -> Response[Union[ConsentRequest, GenericError]]:
"""Get Consent Request Information
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
Args:
consent_challenge (str):
Returns:
Response[Union[ConsentRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
consent_challenge=consent_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
consent_challenge: str,
) -> Optional[Union[ConsentRequest, GenericError]]:
"""Get Consent Request Information
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
Args:
consent_challenge (str):
Returns:
Response[Union[ConsentRequest, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
consent_challenge=consent_challenge,
)).parsed

199
libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key.py
View file

@ -1,199 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from ...models.json_web_key_set import JSONWebKeySet
from typing import cast
from typing import Dict
def _get_kwargs(
set_: str,
kid: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/keys/{set}/{kid}".format(
_client.base_url,set=set_,kid=kid)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]:
if response.status_code == HTTPStatus.OK:
response_200 = JSONWebKeySet.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Union[GenericError, JSONWebKeySet]]:
"""Fetch a JSON Web Key
This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid).
Args:
set_ (str):
kid (str):
Returns:
Response[Union[GenericError, JSONWebKeySet]]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[Union[GenericError, JSONWebKeySet]]:
"""Fetch a JSON Web Key
This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid).
Args:
set_ (str):
kid (str):
Returns:
Response[Union[GenericError, JSONWebKeySet]]
"""
return sync_detailed(
set_=set_,
kid=kid,
_client=_client,
).parsed
async def asyncio_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Union[GenericError, JSONWebKeySet]]:
"""Fetch a JSON Web Key
This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid).
Args:
set_ (str):
kid (str):
Returns:
Response[Union[GenericError, JSONWebKeySet]]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[Union[GenericError, JSONWebKeySet]]:
"""Fetch a JSON Web Key
This endpoint returns a singular JSON Web Key, identified by the set and the specific key ID (kid).
Args:
set_ (str):
kid (str):
Returns:
Response[Union[GenericError, JSONWebKeySet]]
"""
return (await asyncio_detailed(
set_=set_,
kid=kid,
_client=_client,
)).parsed

249
libs/ory-hydra-client/ory_hydra_client/api/admin/get_login_request.py
View file

@ -1,249 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.login_request import LoginRequest
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
login_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/login".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["login_challenge"] = login_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, LoginRequest]]:
if response.status_code == HTTPStatus.OK:
response_200 = LoginRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.CONFLICT:
response_409 = GenericError.from_dict(response.json())
return response_409
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, LoginRequest]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
login_challenge: str,
) -> Response[Union[GenericError, LoginRequest]]:
"""Get a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Returns:
Response[Union[GenericError, LoginRequest]]
"""
kwargs = _get_kwargs(
_client=_client,
login_challenge=login_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
login_challenge: str,
) -> Optional[Union[GenericError, LoginRequest]]:
"""Get a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Returns:
Response[Union[GenericError, LoginRequest]]
"""
return sync_detailed(
_client=_client,
login_challenge=login_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
login_challenge: str,
) -> Response[Union[GenericError, LoginRequest]]:
"""Get a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Returns:
Response[Union[GenericError, LoginRequest]]
"""
kwargs = _get_kwargs(
_client=_client,
login_challenge=login_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
login_challenge: str,
) -> Optional[Union[GenericError, LoginRequest]]:
"""Get a Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Returns:
Response[Union[GenericError, LoginRequest]]
"""
return (await asyncio_detailed(
_client=_client,
login_challenge=login_challenge,
)).parsed

193
libs/ory-hydra-client/ory_hydra_client/api/admin/get_logout_request.py
View file

@ -1,193 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.logout_request import LogoutRequest
from typing import Dict
def _get_kwargs(
*,
_client: Client,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/logout".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, LogoutRequest]]:
if response.status_code == HTTPStatus.OK:
response_200 = LogoutRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, LogoutRequest]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[GenericError, LogoutRequest]]:
"""Get a Logout Request
Use this endpoint to fetch a logout request.
Args:
logout_challenge (str):
Returns:
Response[Union[GenericError, LogoutRequest]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[GenericError, LogoutRequest]]:
"""Get a Logout Request
Use this endpoint to fetch a logout request.
Args:
logout_challenge (str):
Returns:
Response[Union[GenericError, LogoutRequest]]
"""
return sync_detailed(
_client=_client,
logout_challenge=logout_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[GenericError, LogoutRequest]]:
"""Get a Logout Request
Use this endpoint to fetch a logout request.
Args:
logout_challenge (str):
Returns:
Response[Union[GenericError, LogoutRequest]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[GenericError, LogoutRequest]]:
"""Get a Logout Request
Use this endpoint to fetch a logout request.
Args:
logout_challenge (str):
Returns:
Response[Union[GenericError, LogoutRequest]]
"""
return (await asyncio_detailed(
_client=_client,
logout_challenge=logout_challenge,
)).parsed

206
libs/ory-hydra-client/ory_hydra_client/api/admin/get_o_auth_2_client.py
View file

@ -1,206 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.o_auth_2_client import OAuth2Client
from typing import Dict
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth2Client.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Get an OAuth 2.0 Client.
Get an OAUth 2.0 client by its ID. This endpoint never returns passwords.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
id: str,
*,
_client: Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Get an OAuth 2.0 Client.
Get an OAUth 2.0 client by its ID. This endpoint never returns passwords.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return sync_detailed(
id=id,
_client=_client,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Get an OAuth 2.0 Client.
Get an OAUth 2.0 client by its ID. This endpoint never returns passwords.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
id: str,
*,
_client: Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Get an OAuth 2.0 Client.
Get an OAUth 2.0 client by its ID. This endpoint never returns passwords.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
)).parsed

164
libs/ory-hydra-client/ory_hydra_client/api/admin/get_version.py
View file

@ -1,164 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.version import Version
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/version".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Version]:
if response.status_code == HTTPStatus.OK:
response_200 = Version.from_dict(response.json())
return response_200
return None
def _build_response(*, response: httpx.Response) -> Response[Version]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
) -> Response[Version]:
"""Get Service Version
This endpoint returns the service version typically notated using semantic versioning.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Version]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
) -> Optional[Version]:
"""Get Service Version
This endpoint returns the service version typically notated using semantic versioning.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Version]
"""
return sync_detailed(
_client=_client,
).parsed
async def asyncio_detailed(
*,
_client: Client,
) -> Response[Version]:
"""Get Service Version
This endpoint returns the service version typically notated using semantic versioning.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Version]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
) -> Optional[Version]:
"""Get Service Version
This endpoint returns the service version typically notated using semantic versioning.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Version]
"""
return (await asyncio_detailed(
_client=_client,
)).parsed

194
libs/ory-hydra-client/ory_hydra_client/api/admin/introspect_o_auth_2_token.py
View file

@ -1,194 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.introspect_o_auth_2_token_data import IntrospectOAuth2TokenData
from ...models.o_auth_2_token_introspection import OAuth2TokenIntrospection
from typing import Dict
from typing import cast
from ...models.generic_error import GenericError
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/oauth2/introspect".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth2TokenIntrospection.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2TokenIntrospection]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
) -> Response[Union[GenericError, OAuth2TokenIntrospection]]:
"""Introspect OAuth2 Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `accessTokenExtra` during the consent flow.
For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-
endpoint/).
Returns:
Response[Union[GenericError, OAuth2TokenIntrospection]]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]:
"""Introspect OAuth2 Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `accessTokenExtra` during the consent flow.
For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-
endpoint/).
Returns:
Response[Union[GenericError, OAuth2TokenIntrospection]]
"""
return sync_detailed(
_client=_client,
).parsed
async def asyncio_detailed(
*,
_client: Client,
) -> Response[Union[GenericError, OAuth2TokenIntrospection]]:
"""Introspect OAuth2 Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `accessTokenExtra` during the consent flow.
For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-
endpoint/).
Returns:
Response[Union[GenericError, OAuth2TokenIntrospection]]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
) -> Optional[Union[GenericError, OAuth2TokenIntrospection]]:
"""Introspect OAuth2 Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `accessTokenExtra` during the consent flow.
For more information [read this blog post](https://www.oauth.com/oauth2-servers/token-introspection-
endpoint/).
Returns:
Response[Union[GenericError, OAuth2TokenIntrospection]]
"""
return (await asyncio_detailed(
_client=_client,
)).parsed

260
libs/ory-hydra-client/ory_hydra_client/api/admin/list_o_auth_2_clients.py
View file

@ -1,260 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from typing import Dict
from typing import Union
from typing import cast
from ...types import UNSET, Unset
from ...models.generic_error import GenericError
from typing import cast, List
from ...models.o_auth_2_client import OAuth2Client
from typing import Optional
def _get_kwargs(
*,
_client: Client,
limit: Union[Unset, None, int] = UNSET,
offset: Union[Unset, None, int] = UNSET,
) -> Dict[str, Any]:
url = "{}/clients".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["limit"] = limit
params["offset"] = offset
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, List['OAuth2Client']]]:
if response.status_code == HTTPStatus.OK:
response_200 = []
_response_200 = response.json()
for response_200_item_data in (_response_200):
response_200_item = OAuth2Client.from_dict(response_200_item_data)
response_200.append(response_200_item)
return response_200
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, List['OAuth2Client']]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
limit: Union[Unset, None, int] = UNSET,
offset: Union[Unset, None, int] = UNSET,
) -> Response[Union[GenericError, List['OAuth2Client']]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets. As a default it
lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has
an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-url/admin/clients?limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
limit (Union[Unset, None, int]):
offset (Union[Unset, None, int]):
Returns:
Response[Union[GenericError, List['OAuth2Client']]]
"""
kwargs = _get_kwargs(
_client=_client,
limit=limit,
offset=offset,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
limit: Union[Unset, None, int] = UNSET,
offset: Union[Unset, None, int] = UNSET,
) -> Optional[Union[GenericError, List['OAuth2Client']]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets. As a default it
lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has
an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-url/admin/clients?limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
limit (Union[Unset, None, int]):
offset (Union[Unset, None, int]):
Returns:
Response[Union[GenericError, List['OAuth2Client']]]
"""
return sync_detailed(
_client=_client,
limit=limit,
offset=offset,
).parsed
async def asyncio_detailed(
*,
_client: Client,
limit: Union[Unset, None, int] = UNSET,
offset: Union[Unset, None, int] = UNSET,
) -> Response[Union[GenericError, List['OAuth2Client']]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets. As a default it
lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has
an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-url/admin/clients?limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
limit (Union[Unset, None, int]):
offset (Union[Unset, None, int]):
Returns:
Response[Union[GenericError, List['OAuth2Client']]]
"""
kwargs = _get_kwargs(
_client=_client,
limit=limit,
offset=offset,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
limit: Union[Unset, None, int] = UNSET,
offset: Union[Unset, None, int] = UNSET,
) -> Optional[Union[GenericError, List['OAuth2Client']]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets. As a default it
lists the first 100 clients. The `limit` parameter can be used to retrieve more clients, but it has
an upper bound at 500 objects. Pagination should be used to retrieve more than 500 objects.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-url/admin/clients?limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
limit (Union[Unset, None, int]):
offset (Union[Unset, None, int]):
Returns:
Response[Union[GenericError, List['OAuth2Client']]]
"""
return (await asyncio_detailed(
_client=_client,
limit=limit,
offset=offset,
)).parsed

239
libs/ory-hydra-client/ory_hydra_client/api/admin/list_subject_consent_sessions.py
View file

@ -1,239 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from typing import Dict
from ...models.previous_consent_session import PreviousConsentSession
from typing import cast
from ...models.generic_error import GenericError
from typing import cast, List
def _get_kwargs(
*,
_client: Client,
subject: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/sessions/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["subject"] = subject
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, List['PreviousConsentSession']]]:
if response.status_code == HTTPStatus.OK:
response_200 = []
_response_200 = response.json()
for response_200_item_data in (_response_200):
response_200_item = PreviousConsentSession.from_dict(response_200_item_data)
response_200.append(response_200_item)
return response_200
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, List['PreviousConsentSession']]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
subject: str,
) -> Response[Union[GenericError, List['PreviousConsentSession']]]:
"""Lists All Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-
url/admin/oauth2/auth/sessions/consent?subject={user}&limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
subject (str):
Returns:
Response[Union[GenericError, List['PreviousConsentSession']]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
subject: str,
) -> Optional[Union[GenericError, List['PreviousConsentSession']]]:
"""Lists All Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-
url/admin/oauth2/auth/sessions/consent?subject={user}&limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
subject (str):
Returns:
Response[Union[GenericError, List['PreviousConsentSession']]]
"""
return sync_detailed(
_client=_client,
subject=subject,
).parsed
async def asyncio_detailed(
*,
_client: Client,
subject: str,
) -> Response[Union[GenericError, List['PreviousConsentSession']]]:
"""Lists All Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-
url/admin/oauth2/auth/sessions/consent?subject={user}&limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
subject (str):
Returns:
Response[Union[GenericError, List['PreviousConsentSession']]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
subject: str,
) -> Optional[Union[GenericError, List['PreviousConsentSession']]]:
"""Lists All Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
The \"Link\" header is also included in successful responses, which contains one or more links for
pagination, formatted like so: '<https://hydra-
url/admin/oauth2/auth/sessions/consent?subject={user}&limit={limit}&offset={offset}>;
rel=\"{page}\"', where page is one of the following applicable pages: 'first', 'next', 'last', and
'previous'.
Multiple links can be included in this header, and will be separated by a comma.
Args:
subject (str):
Returns:
Response[Union[GenericError, List['PreviousConsentSession']]]
"""
return (await asyncio_detailed(
_client=_client,
subject=subject,
)).parsed

125
libs/ory-hydra-client/ory_hydra_client/api/admin/prometheus.py
View file

@ -1,125 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/metrics/prometheus".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _build_response(*, response: httpx.Response) -> Response[Any]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=None,
)
def sync_detailed(
*,
_client: Client,
) -> Response[Any]:
"""Get Snapshot Metrics from the Hydra Service.
If you're using k8s, you can then add annotations to your deployment like so:
```
metadata:
annotations:
prometheus.io/port: \"4445\"
prometheus.io/path: \"/metrics/prometheus\"
```
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
async def asyncio_detailed(
*,
_client: Client,
) -> Response[Any]:
"""Get Snapshot Metrics from the Hydra Service.
If you're using k8s, you can then add annotations to your deployment like so:
```
metadata:
annotations:
prometheus.io/port: \"4445\"
prometheus.io/path: \"/metrics/prometheus\"
```
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)

298
libs/ory-hydra-client/ory_hydra_client/api/admin/reject_consent_request.py
View file

@ -1,298 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from typing import Dict
from typing import cast
from ...models.reject_request import RejectRequest
from ...models.completed_request import CompletedRequest
from ...models.generic_error import GenericError
def _get_kwargs(
*,
_client: Client,
json_body: RejectRequest,
consent_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/consent/reject".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["consent_challenge"] = consent_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]:
if response.status_code == HTTPStatus.OK:
response_200 = CompletedRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: RejectRequest,
consent_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Reject a Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access
resources on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
consent_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
json_body: RejectRequest,
consent_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Reject a Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access
resources on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
consent_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: RejectRequest,
consent_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]:
"""Reject a Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access
resources on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
consent_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
json_body: RejectRequest,
consent_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]:
"""Reject a Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the
login provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated,
he/she must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if
the subject accepted
or rejected the request.
This endpoint tells ORY Hydra that the subject has not authorized the OAuth 2.0 client to access
resources on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
consent_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[CompletedRequest, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)).parsed

222
libs/ory-hydra-client/ory_hydra_client/api/admin/reject_logout_request.py
View file

@ -1,222 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.reject_request import RejectRequest
from typing import Dict
def _get_kwargs(
*,
_client: Client,
json_body: RejectRequest,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/logout/reject".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: RejectRequest,
logout_challenge: str,
) -> Response[Union[Any, GenericError]]:
"""Reject a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny
that logout request.
No body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
json_body: RejectRequest,
logout_challenge: str,
) -> Optional[Union[Any, GenericError]]:
"""Reject a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny
that logout request.
No body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
logout_challenge=logout_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: RejectRequest,
logout_challenge: str,
) -> Response[Union[Any, GenericError]]:
"""Reject a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny
that logout request.
No body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
json_body: RejectRequest,
logout_challenge: str,
) -> Optional[Union[Any, GenericError]]:
"""Reject a Logout Request
When a user or an application requests ORY Hydra to log out a user, this endpoint is used to deny
that logout request.
No body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
json_body (RejectRequest):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
logout_challenge=logout_challenge,
)).parsed

215
libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_authentication_session.py
View file

@ -1,215 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
subject: str,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/sessions/login".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["subject"] = subject
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
subject: str,
) -> Response[Union[Any, GenericError]]:
"""Invalidates All Login Sessions of a Certain User
Invalidates a Subject's Authentication Session
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work
with OpenID Connect
Front- or Back-channel logout.
Args:
subject (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
subject: str,
) -> Optional[Union[Any, GenericError]]:
"""Invalidates All Login Sessions of a Certain User
Invalidates a Subject's Authentication Session
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work
with OpenID Connect
Front- or Back-channel logout.
Args:
subject (str):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
_client=_client,
subject=subject,
).parsed
async def asyncio_detailed(
*,
_client: Client,
subject: str,
) -> Response[Union[Any, GenericError]]:
"""Invalidates All Login Sessions of a Certain User
Invalidates a Subject's Authentication Session
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work
with OpenID Connect
Front- or Back-channel logout.
Args:
subject (str):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
subject: str,
) -> Optional[Union[Any, GenericError]]:
"""Invalidates All Login Sessions of a Certain User
Invalidates a Subject's Authentication Session
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at ORY Hydra. This endpoint does not invalidate any tokens and does not work
with OpenID Connect
Front- or Back-channel logout.
Args:
subject (str):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
subject=subject,
)).parsed

238
libs/ory-hydra-client/ory_hydra_client/api/admin/revoke_consent_sessions.py
View file

@ -1,238 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from typing import Dict
from typing import Union
from typing import cast
from ...types import UNSET, Unset
from ...models.generic_error import GenericError
from typing import Optional
def _get_kwargs(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Dict[str, Any]:
url = "{}/oauth2/auth/sessions/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["subject"] = subject
params["client"] = client
params["all"] = all_
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[Any, GenericError]]:
if response.status_code == HTTPStatus.NO_CONTENT:
response_204 = cast(Any, None)
return response_204
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = GenericError.from_dict(response.json())
return response_400
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[Any, GenericError]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Response[Union[Any, GenericError]]:
"""Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client
This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and
invalidates all
associated OAuth 2.0 Access Tokens.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
client=client,
all_=all_,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Optional[Union[Any, GenericError]]:
"""Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client
This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and
invalidates all
associated OAuth 2.0 Access Tokens.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Returns:
Response[Union[Any, GenericError]]
"""
return sync_detailed(
_client=_client,
subject=subject,
client=client,
all_=all_,
).parsed
async def asyncio_detailed(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Response[Union[Any, GenericError]]:
"""Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client
This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and
invalidates all
associated OAuth 2.0 Access Tokens.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Returns:
Response[Union[Any, GenericError]]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
client=client,
all_=all_,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Optional[Union[Any, GenericError]]:
"""Revokes Consent Sessions of a Subject for a Specific OAuth 2.0 Client
This endpoint revokes a subject's granted consent sessions for a specific OAuth 2.0 Client and
invalidates all
associated OAuth 2.0 Access Tokens.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Returns:
Response[Union[Any, GenericError]]
"""
return (await asyncio_detailed(
_client=_client,
subject=subject,
client=client,
all_=all_,
)).parsed

224
libs/ory-hydra-client/ory_hydra_client/api/admin/update_o_auth_2_client.py
View file

@ -1,224 +0,0 @@
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ...models.generic_error import GenericError
from typing import cast
from ...models.o_auth_2_client import OAuth2Client
from typing import Dict
def _get_kwargs(
id: str,
*,
_client: Client,
json_body: OAuth2Client,
) -> Dict[str, Any]:
url = "{}/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, OAuth2Client]]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth2Client.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, OAuth2Client]]:
return Response(
status_code=response.status_code,
content=response.content,
headers=response.headers,
parsed=_parse_response(response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
json_body: OAuth2Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Update an OAuth 2.0 Client
Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and
returned via the API. This is the only time you will be able to retrieve the client secret, so write
it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(response=response)
def sync(
id: str,
*,
_client: Client,
json_body: OAuth2Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Update an OAuth 2.0 Client
Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and
returned via the API. This is the only time you will be able to retrieve the client secret, so write
it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return sync_detailed(
id=id,
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
json_body: OAuth2Client,
) -> Response[Union[GenericError, OAuth2Client]]:
"""Update an OAuth 2.0 Client
Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and
returned via the API. This is the only time you will be able to retrieve the client secret, so write
it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(response=response)
async def asyncio(
id: str,
*,
_client: Client,
json_body: OAuth2Client,
) -> Optional[Union[GenericError, OAuth2Client]]:
"""Update an OAuth 2.0 Client
Update an existing OAuth 2.0 Client. If you pass `client_secret` the secret will be updated and
returned via the API. This is the only time you will be able to retrieve the client secret, so write
it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well
protected and only callable by first-party components.
Args:
id (str):
json_body (OAuth2Client):
Returns:
Response[Union[GenericError, OAuth2Client]]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
json_body=json_body,
)).parsed

0
libs/ory-hydra-client/ory_hydra_client/api/admin/__init__.py → libs/ory-hydra-client/ory_hydra_client/api/jwk/__init__.py
View file

106
libs/ory-hydra-client/ory_hydra_client/api/admin/create_json_web_key_set.py → libs/ory-hydra-client/ory_hydra_client/api/jwk/create_json_web_key_set.py
View file

@ -1,15 +1,16 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast from typing import cast
from ...models.generic_error import GenericError from typing import Dict
from ...models.json_web_key_set import JSONWebKeySet from ...models.json_web_key_set import JsonWebKeySet
from ...models.json_web_key_set_generator_request import JsonWebKeySetGeneratorRequest from ...models.create_json_web_key_set import CreateJsonWebKeySet
@ -17,10 +18,10 @@ def _get_kwargs(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JsonWebKeySetGeneratorRequest, json_body: CreateJsonWebKeySet,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/keys/{set}".format( url = "{}/admin/keys/{set}".format(
_client.base_url,set=set_) _client.base_url,set=set_)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -48,40 +49,25 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]:
if response.status_code == HTTPStatus.CREATED: if response.status_code == HTTPStatus.CREATED:
response_201 = JSONWebKeySet.from_dict(response.json()) response_201 = JsonWebKeySet.from_dict(response.json())
return response_201 return response_201
if response.status_code == HTTPStatus.UNAUTHORIZED: if client.raise_on_unexpected_status:
response_401 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]:
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -89,10 +75,10 @@ def sync_detailed(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JsonWebKeySetGeneratorRequest, json_body: CreateJsonWebKeySet,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Generate a New JSON Web Key """Create JSON Web Key
This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies
available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys
@ -106,10 +92,14 @@ def sync_detailed(
Args: Args:
set_ (str): set_ (str):
json_body (JsonWebKeySetGeneratorRequest): json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -125,16 +115,16 @@ json_body=json_body,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JsonWebKeySetGeneratorRequest, json_body: CreateJsonWebKeySet,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Generate a New JSON Web Key """Create JSON Web Key
This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies
available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys
@ -148,10 +138,14 @@ def sync(
Args: Args:
set_ (str): set_ (str):
json_body (JsonWebKeySetGeneratorRequest): json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -166,10 +160,10 @@ async def asyncio_detailed(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JsonWebKeySetGeneratorRequest, json_body: CreateJsonWebKeySet,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Generate a New JSON Web Key """Create JSON Web Key
This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies
available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys
@ -183,10 +177,14 @@ async def asyncio_detailed(
Args: Args:
set_ (str): set_ (str):
json_body (JsonWebKeySetGeneratorRequest): json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -202,16 +200,16 @@ json_body=json_body,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JsonWebKeySetGeneratorRequest, json_body: CreateJsonWebKeySet,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Generate a New JSON Web Key """Create JSON Web Key
This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies This endpoint is capable of generating JSON Web Key Sets for you. There a different strategies
available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys available, such as symmetric cryptographic keys (HS256, HS512) and asymetric cryptographic keys
@ -225,10 +223,14 @@ async def asyncio(
Args: Args:
set_ (str): set_ (str):
json_body (JsonWebKeySetGeneratorRequest): json_body (CreateJsonWebKeySet): Create JSON Web Key Set Request Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """

156
libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key.py Normal file
View file

@ -0,0 +1,156 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
set_: str,
kid: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/keys/{set}/{kid}".format(
_client.base_url,set=set_,kid=kid)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A
JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its
set and key id. ORY Hydra uses
this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID
Connect ID tokens),
and allows storing user-defined keys as well.
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete JSON Web Key
Use this endpoint to delete a single JSON Web Key.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A
JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key is identified by its
set and key id. ORY Hydra uses
this functionality to store cryptographic keys used for TLS and JSON Web Tokens (such as OpenID
Connect ID tokens),
and allows storing user-defined keys as well.
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

145
libs/ory-hydra-client/ory_hydra_client/api/jwk/delete_json_web_key_set.py Normal file
View file

@ -0,0 +1,145 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
set_: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/keys/{set}".format(
_client.base_url,set=set_)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
set_: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
set_=set_,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
set_: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete JSON Web Key Set
Use this endpoint to delete a complete JSON Web Key Set and all the keys in that set.
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
cryptographic key. A JWK Set is a JSON data structure that represents a set of JWKs. A JSON Web Key
is identified by its set and key id. ORY Hydra uses this functionality to store cryptographic keys
used for TLS and JSON Web Tokens (such as OpenID Connect ID tokens), and allows storing user-defined
keys as well.
Args:
set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
set_=set_,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

211
libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key.py Normal file
View file

@ -0,0 +1,211 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import cast
from typing import Dict
from ...models.json_web_key_set import JsonWebKeySet
def _get_kwargs(
set_: str,
kid: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/keys/{set}/{kid}".format(
_client.base_url,set=set_,kid=kid)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]:
if response.status_code == HTTPStatus.OK:
response_200 = JsonWebKeySet.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[JsonWebKeySet]:
"""Get JSON Web Key
This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and
the specific key ID (kid).
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[JsonWebKeySet]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[JsonWebKeySet]:
"""Get JSON Web Key
This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and
the specific key ID (kid).
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[JsonWebKeySet]
"""
return sync_detailed(
set_=set_,
kid=kid,
_client=_client,
).parsed
async def asyncio_detailed(
set_: str,
kid: str,
*,
_client: Client,
) -> Response[JsonWebKeySet]:
"""Get JSON Web Key
This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and
the specific key ID (kid).
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[JsonWebKeySet]
"""
kwargs = _get_kwargs(
set_=set_,
kid=kid,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
set_: str,
kid: str,
*,
_client: Client,
) -> Optional[JsonWebKeySet]:
"""Get JSON Web Key
This endpoint returns a singular JSON Web Key contained in a set. It is identified by the set and
the specific key ID (kid).
Args:
set_ (str):
kid (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[JsonWebKeySet]
"""
return (await asyncio_detailed(
set_=set_,
kid=kid,
_client=_client,
)).parsed

76
libs/ory-hydra-client/ory_hydra_client/api/admin/get_json_web_key_set.py → libs/ory-hydra-client/ory_hydra_client/api/jwk/get_json_web_key_set.py
View file

@ -1,14 +1,15 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.generic_error import GenericError
from ...models.json_web_key_set import JSONWebKeySet
from typing import cast from typing import cast
from typing import Dict from typing import Dict
from ...models.json_web_key_set import JsonWebKeySet
@ -18,7 +19,7 @@ def _get_kwargs(
_client: Client, _client: Client,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/keys/{set}".format( url = "{}/admin/keys/{set}".format(
_client.base_url,set=set_) _client.base_url,set=set_)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -43,40 +44,25 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = JSONWebKeySet.from_dict(response.json()) response_200 = JsonWebKeySet.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.UNAUTHORIZED: if client.raise_on_unexpected_status:
response_401 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]:
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -85,7 +71,7 @@ def sync_detailed(
*, *,
_client: Client, _client: Client,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Retrieve a JSON Web Key Set """Retrieve a JSON Web Key Set
This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.
@ -99,8 +85,12 @@ def sync_detailed(
Args: Args:
set_ (str): set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -115,14 +105,14 @@ _client=_client,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Retrieve a JSON Web Key Set """Retrieve a JSON Web Key Set
This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.
@ -136,8 +126,12 @@ def sync(
Args: Args:
set_ (str): set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -152,7 +146,7 @@ async def asyncio_detailed(
*, *,
_client: Client, _client: Client,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Retrieve a JSON Web Key Set """Retrieve a JSON Web Key Set
This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.
@ -166,8 +160,12 @@ async def asyncio_detailed(
Args: Args:
set_ (str): set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -182,14 +180,14 @@ _client=_client,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Retrieve a JSON Web Key Set """Retrieve a JSON Web Key Set
This endpoint can be used to retrieve JWK Sets stored in ORY Hydra. This endpoint can be used to retrieve JWK Sets stored in ORY Hydra.
@ -203,8 +201,12 @@ async def asyncio(
Args: Args:
set_ (str): set_ (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """

112
libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key.py → libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key.py
View file

@ -1,14 +1,15 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.generic_error import GenericError
from typing import cast
from ...models.json_web_key import JSONWebKey
from typing import Dict from typing import Dict
from ...models.json_web_key import JsonWebKey
from typing import cast
@ -17,10 +18,10 @@ def _get_kwargs(
kid: str, kid: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKey, json_body: JsonWebKey,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/keys/{set}/{kid}".format( url = "{}/admin/keys/{set}/{kid}".format(
_client.base_url,set=set_,kid=kid) _client.base_url,set=set_,kid=kid)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -48,40 +49,25 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKey]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKey]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = JSONWebKey.from_dict(response.json()) response_200 = JsonWebKey.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.UNAUTHORIZED: if client.raise_on_unexpected_status:
response_401 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKey]:
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKey]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -90,10 +76,10 @@ def sync_detailed(
kid: str, kid: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKey, json_body: JsonWebKey,
) -> Response[Union[GenericError, JSONWebKey]]: ) -> Response[JsonWebKey]:
"""Update a JSON Web Key """Set JSON Web Key
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
own. own.
@ -107,12 +93,14 @@ def sync_detailed(
Args: Args:
set_ (str): set_ (str):
kid (str): kid (str):
json_body (JSONWebKey): It is important that this model object is named JSONWebKey for json_body (JsonWebKey):
"swagger generate spec" to generate only on definition of a
JSONWebKey. Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKey]] Response[JsonWebKey]
""" """
@ -129,17 +117,17 @@ json_body=json_body,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
set_: str, set_: str,
kid: str, kid: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKey, json_body: JsonWebKey,
) -> Optional[Union[GenericError, JSONWebKey]]: ) -> Optional[JsonWebKey]:
"""Update a JSON Web Key """Set JSON Web Key
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
own. own.
@ -153,12 +141,14 @@ def sync(
Args: Args:
set_ (str): set_ (str):
kid (str): kid (str):
json_body (JSONWebKey): It is important that this model object is named JSONWebKey for json_body (JsonWebKey):
"swagger generate spec" to generate only on definition of a
JSONWebKey. Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKey]] Response[JsonWebKey]
""" """
@ -175,10 +165,10 @@ async def asyncio_detailed(
kid: str, kid: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKey, json_body: JsonWebKey,
) -> Response[Union[GenericError, JSONWebKey]]: ) -> Response[JsonWebKey]:
"""Update a JSON Web Key """Set JSON Web Key
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
own. own.
@ -192,12 +182,14 @@ async def asyncio_detailed(
Args: Args:
set_ (str): set_ (str):
kid (str): kid (str):
json_body (JSONWebKey): It is important that this model object is named JSONWebKey for json_body (JsonWebKey):
"swagger generate spec" to generate only on definition of a
JSONWebKey. Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKey]] Response[JsonWebKey]
""" """
@ -214,17 +206,17 @@ json_body=json_body,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
set_: str, set_: str,
kid: str, kid: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKey, json_body: JsonWebKey,
) -> Optional[Union[GenericError, JSONWebKey]]: ) -> Optional[JsonWebKey]:
"""Update a JSON Web Key """Set JSON Web Key
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
own. own.
@ -238,12 +230,14 @@ async def asyncio(
Args: Args:
set_ (str): set_ (str):
kid (str): kid (str):
json_body (JSONWebKey): It is important that this model object is named JSONWebKey for json_body (JsonWebKey):
"swagger generate spec" to generate only on definition of a
JSONWebKey. Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, JSONWebKey]] Response[JsonWebKey]
""" """

116
libs/ory-hydra-client/ory_hydra_client/api/admin/update_json_web_key_set.py → libs/ory-hydra-client/ory_hydra_client/api/jwk/set_json_web_key_set.py
View file

@ -1,14 +1,15 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.generic_error import GenericError
from typing import Dict
from typing import cast from typing import cast
from ...models.json_web_key_set import JSONWebKeySet from typing import Dict
from ...models.json_web_key_set import JsonWebKeySet
@ -16,10 +17,10 @@ def _get_kwargs(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKeySet, json_body: JsonWebKeySet,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/keys/{set}".format( url = "{}/admin/keys/{set}".format(
_client.base_url,set=set_) _client.base_url,set=set_)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -47,40 +48,25 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, JSONWebKeySet]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[JsonWebKeySet]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = JSONWebKeySet.from_dict(response.json()) response_200 = JsonWebKeySet.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.UNAUTHORIZED: if client.raise_on_unexpected_status:
response_401 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[JsonWebKeySet]:
return response_401
if response.status_code == HTTPStatus.FORBIDDEN:
response_403 = GenericError.from_dict(response.json())
return response_403
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, JSONWebKeySet]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -88,9 +74,9 @@ def sync_detailed(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKeySet, json_body: JsonWebKeySet,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Update a JSON Web Key Set """Update a JSON Web Key Set
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
@ -104,15 +90,14 @@ def sync_detailed(
Args: Args:
set_ (str): set_ (str):
json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet json_body (JsonWebKeySet): JSON Web Key Set
for
"swagger generate spec" to generate only on definition of a Raises:
JSONWebKeySet. Since one with the same name is previously defined as errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
client.Client.JSONWebKeys and this one is last, this one will be httpx.TimeoutException: If the request takes longer than Client.timeout.
effectively written in the swagger spec.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -128,15 +113,15 @@ json_body=json_body,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKeySet, json_body: JsonWebKeySet,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Update a JSON Web Key Set """Update a JSON Web Key Set
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
@ -150,15 +135,14 @@ def sync(
Args: Args:
set_ (str): set_ (str):
json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet json_body (JsonWebKeySet): JSON Web Key Set
for
"swagger generate spec" to generate only on definition of a Raises:
JSONWebKeySet. Since one with the same name is previously defined as errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
client.Client.JSONWebKeys and this one is last, this one will be httpx.TimeoutException: If the request takes longer than Client.timeout.
effectively written in the swagger spec.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -173,9 +157,9 @@ async def asyncio_detailed(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKeySet, json_body: JsonWebKeySet,
) -> Response[Union[GenericError, JSONWebKeySet]]: ) -> Response[JsonWebKeySet]:
"""Update a JSON Web Key Set """Update a JSON Web Key Set
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
@ -189,15 +173,14 @@ async def asyncio_detailed(
Args: Args:
set_ (str): set_ (str):
json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet json_body (JsonWebKeySet): JSON Web Key Set
for
"swagger generate spec" to generate only on definition of a Raises:
JSONWebKeySet. Since one with the same name is previously defined as errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
client.Client.JSONWebKeys and this one is last, this one will be httpx.TimeoutException: If the request takes longer than Client.timeout.
effectively written in the swagger spec.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """
@ -213,15 +196,15 @@ json_body=json_body,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
set_: str, set_: str,
*, *,
_client: Client, _client: Client,
json_body: JSONWebKeySet, json_body: JsonWebKeySet,
) -> Optional[Union[GenericError, JSONWebKeySet]]: ) -> Optional[JsonWebKeySet]:
"""Update a JSON Web Key Set """Update a JSON Web Key Set
Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your Use this method if you do not want to let Hydra generate the JWKs for you, but instead save your
@ -235,15 +218,14 @@ async def asyncio(
Args: Args:
set_ (str): set_ (str):
json_body (JSONWebKeySet): It is important that this model object is named JSONWebKeySet json_body (JsonWebKeySet): JSON Web Key Set
for
"swagger generate spec" to generate only on definition of a Raises:
JSONWebKeySet. Since one with the same name is previously defined as errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
client.Client.JSONWebKeys and this one is last, this one will be httpx.TimeoutException: If the request takes longer than Client.timeout.
effectively written in the swagger spec.
Returns: Returns:
Response[Union[GenericError, JSONWebKeySet]] Response[JsonWebKeySet]
""" """

0
libs/ory-hydra-client/ory_hydra_client/api/public/__init__.py → libs/ory-hydra-client/ory_hydra_client/api/metadata/__init__.py
View file

98
libs/ory-hydra-client/ory_hydra_client/api/public/is_instance_ready.py → libs/ory-hydra-client/ory_hydra_client/api/metadata/get_version.py
View file

@ -1,14 +1,15 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.health_status import HealthStatus from ...models.get_version_response_200 import GetVersionResponse200
from typing import cast
from ...models.health_not_ready_status import HealthNotReadyStatus
from typing import Dict from typing import Dict
from typing import cast
@ -17,7 +18,7 @@ def _get_kwargs(
_client: Client, _client: Client,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/health/ready".format( url = "{}/version".format(
_client.base_url) _client.base_url)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -42,28 +43,25 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[GetVersionResponse200]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = HealthStatus.from_dict(response.json()) response_200 = GetVersionResponse200.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.SERVICE_UNAVAILABLE: if client.raise_on_unexpected_status:
response_503 = HealthNotReadyStatus.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[GetVersionResponse200]:
return response_503
return None
def _build_response(*, response: httpx.Response) -> Response[Union[HealthNotReadyStatus, HealthStatus]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -71,21 +69,23 @@ def sync_detailed(
*, *,
_client: Client, _client: Client,
) -> Response[Union[HealthNotReadyStatus, HealthStatus]]: ) -> Response[GetVersionResponse200]:
"""Check Readiness Status """Return Running Software Version.
This endpoint returns a 200 status code when the HTTP server is up running and the environment This endpoint returns the version of Ory Hydra.
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the version will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[HealthNotReadyStatus, HealthStatus]] Response[GetVersionResponse200]
""" """
@ -99,27 +99,29 @@ def sync_detailed(
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
*, *,
_client: Client, _client: Client,
) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: ) -> Optional[GetVersionResponse200]:
"""Check Readiness Status """Return Running Software Version.
This endpoint returns a 200 status code when the HTTP server is up running and the environment This endpoint returns the version of Ory Hydra.
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the version will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[HealthNotReadyStatus, HealthStatus]] Response[GetVersionResponse200]
""" """
@ -132,21 +134,23 @@ async def asyncio_detailed(
*, *,
_client: Client, _client: Client,
) -> Response[Union[HealthNotReadyStatus, HealthStatus]]: ) -> Response[GetVersionResponse200]:
"""Check Readiness Status """Return Running Software Version.
This endpoint returns a 200 status code when the HTTP server is up running and the environment This endpoint returns the version of Ory Hydra.
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the version will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[HealthNotReadyStatus, HealthStatus]] Response[GetVersionResponse200]
""" """
@ -160,27 +164,29 @@ async def asyncio_detailed(
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
*, *,
_client: Client, _client: Client,
) -> Optional[Union[HealthNotReadyStatus, HealthStatus]]: ) -> Optional[GetVersionResponse200]:
"""Check Readiness Status """Return Running Software Version.
This endpoint returns a 200 status code when the HTTP server is up running and the environment This endpoint returns the version of Ory Hydra.
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the version will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[HealthNotReadyStatus, HealthStatus]] Response[GetVersionResponse200]
""" """

65
libs/ory-hydra-client/ory_hydra_client/api/admin/is_instance_alive.py → libs/ory-hydra-client/ory_hydra_client/api/metadata/is_alive.py
View file

@ -1,14 +1,16 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.generic_error import GenericError from ...models.generic_error import GenericError
from ...models.health_status import HealthStatus from ...models.health_status import HealthStatus
from typing import cast
from typing import Dict from typing import Dict
from typing import cast
@ -42,7 +44,7 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError, HealthStatus]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[GenericError, HealthStatus]]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = HealthStatus.from_dict(response.json()) response_200 = HealthStatus.from_dict(response.json())
@ -55,15 +57,18 @@ def _parse_response(*, response: httpx.Response) -> Optional[Union[GenericError,
return response_500 return response_500
return None if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, response: httpx.Response) -> Response[Union[GenericError, HealthStatus]]: def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[GenericError, HealthStatus]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
@ -72,10 +77,11 @@ def sync_detailed(
_client: Client, _client: Client,
) -> Response[Union[GenericError, HealthStatus]]: ) -> Response[Union[GenericError, HealthStatus]]:
"""Check Alive Status """Check HTTP Server Status
This endpoint returns a 200 status code when the HTTP server is up running. This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming
This status does currently not include checks whether the database connection is working. HTTP requests. This status does currently not include checks whether the database connection is
working.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
@ -83,6 +89,10 @@ def sync_detailed(
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the health status will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, HealthStatus]] Response[Union[GenericError, HealthStatus]]
""" """
@ -98,17 +108,18 @@ def sync_detailed(
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
*, *,
_client: Client, _client: Client,
) -> Optional[Union[GenericError, HealthStatus]]: ) -> Optional[Union[GenericError, HealthStatus]]:
"""Check Alive Status """Check HTTP Server Status
This endpoint returns a 200 status code when the HTTP server is up running. This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming
This status does currently not include checks whether the database connection is working. HTTP requests. This status does currently not include checks whether the database connection is
working.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
@ -116,6 +127,10 @@ def sync(
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the health status will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, HealthStatus]] Response[Union[GenericError, HealthStatus]]
""" """
@ -131,10 +146,11 @@ async def asyncio_detailed(
_client: Client, _client: Client,
) -> Response[Union[GenericError, HealthStatus]]: ) -> Response[Union[GenericError, HealthStatus]]:
"""Check Alive Status """Check HTTP Server Status
This endpoint returns a 200 status code when the HTTP server is up running. This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming
This status does currently not include checks whether the database connection is working. HTTP requests. This status does currently not include checks whether the database connection is
working.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
@ -142,6 +158,10 @@ async def asyncio_detailed(
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the health status will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, HealthStatus]] Response[Union[GenericError, HealthStatus]]
""" """
@ -157,17 +177,18 @@ async def asyncio_detailed(
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
*, *,
_client: Client, _client: Client,
) -> Optional[Union[GenericError, HealthStatus]]: ) -> Optional[Union[GenericError, HealthStatus]]:
"""Check Alive Status """Check HTTP Server Status
This endpoint returns a 200 status code when the HTTP server is up running. This endpoint returns a HTTP 200 status code when Ory Hydra is accepting incoming
This status does currently not include checks whether the database connection is working. HTTP requests. This status does currently not include checks whether the database connection is
working.
If the service supports TLS Edge Termination, this endpoint does not require the If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set. `X-Forwarded-Proto` header to be set.
@ -175,6 +196,10 @@ async def asyncio(
Be aware that if you are running multiple nodes of this service, the health status will never Be aware that if you are running multiple nodes of this service, the health status will never
refer to the cluster state, only to a single instance. refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[GenericError, HealthStatus]] Response[Union[GenericError, HealthStatus]]
""" """

212
libs/ory-hydra-client/ory_hydra_client/api/metadata/is_ready.py Normal file
View file

@ -0,0 +1,212 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import cast
from typing import Dict
from ...models.is_ready_response_200 import IsReadyResponse200
from ...models.is_ready_response_503 import IsReadyResponse503
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/health/ready".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]:
if response.status_code == HTTPStatus.OK:
response_200 = IsReadyResponse200.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.SERVICE_UNAVAILABLE:
response_503 = IsReadyResponse503.from_dict(response.json())
return response_503
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]:
"""Check HTTP Server and Database Status
This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of Ory Hydra, the health status will never
refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[IsReadyResponse200, IsReadyResponse503]]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]:
"""Check HTTP Server and Database Status
This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of Ory Hydra, the health status will never
refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[IsReadyResponse200, IsReadyResponse503]]
"""
return sync_detailed(
_client=_client,
).parsed
async def asyncio_detailed(
*,
_client: Client,
) -> Response[Union[IsReadyResponse200, IsReadyResponse503]]:
"""Check HTTP Server and Database Status
This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of Ory Hydra, the health status will never
refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[IsReadyResponse200, IsReadyResponse503]]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
) -> Optional[Union[IsReadyResponse200, IsReadyResponse503]]:
"""Check HTTP Server and Database Status
This endpoint returns a HTTP 200 status code when Ory Hydra is up running and the environment
dependencies (e.g.
the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
Be aware that if you are running multiple nodes of Ory Hydra, the health status will never
refer to the cluster state, only to a single instance.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[IsReadyResponse200, IsReadyResponse503]]
"""
return (await asyncio_detailed(
_client=_client,
)).parsed

0
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/__init__.py Normal file
View file

200
libs/ory-hydra-client/ory_hydra_client/api/admin/accept_consent_request.py → libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_consent_request.py
View file

@ -1,26 +1,27 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from typing import Dict from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from ...models.the_request_payload_used_to_accept_a_consent_request import TheRequestPayloadUsedToAcceptAConsentRequest
from typing import cast from typing import cast
from ...models.completed_request import CompletedRequest from typing import Dict
from ...models.generic_error import GenericError
from ...models.accept_consent_request import AcceptConsentRequest
def _get_kwargs( def _get_kwargs(
*, *,
_client: Client, _client: Client,
json_body: AcceptConsentRequest, json_body: TheRequestPayloadUsedToAcceptAConsentRequest,
consent_challenge: str, consent_challenge: str,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/consent/accept".format( url = "{}/admin/oauth2/auth/requests/consent/accept".format(
_client.base_url) _client.base_url)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -55,78 +56,72 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = CompletedRequest.from_dict(response.json()) response_200 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.NOT_FOUND: if client.raise_on_unexpected_status:
response_404 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]:
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
def sync_detailed( def sync_detailed(
*, *,
_client: Client, _client: Client,
json_body: AcceptConsentRequest, json_body: TheRequestPayloadUsedToAcceptAConsentRequest,
consent_challenge: str, consent_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]: ) -> Response[OAuth20RedirectBrowserTo]:
"""Accept a Consent Request """Accept OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
he/she must now be asked if must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf. subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent (browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
the subject accepted subject accepted
or rejected the request. or rejected the request.
This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on
resources on his/her behalf. his/her behalf.
The consent provider includes additional information, such as session data for access and ID tokens, The consent provider includes additional information, such as session data for access and ID tokens,
and if the and if the
consent request should be used as basis for future requests. consent request should be used as basis for future requests.
The response contains a redirect URL which the consent provider should redirect the user-agent to. The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args: Args:
consent_challenge (str): consent_challenge (str):
json_body (AcceptConsentRequest): json_body (TheRequestPayloadUsedToAcceptAConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -142,49 +137,52 @@ consent_challenge=consent_challenge,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
*, *,
_client: Client, _client: Client,
json_body: AcceptConsentRequest, json_body: TheRequestPayloadUsedToAcceptAConsentRequest,
consent_challenge: str, consent_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]: ) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept a Consent Request """Accept OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
he/she must now be asked if must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf. subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent (browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
the subject accepted subject accepted
or rejected the request. or rejected the request.
This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on
resources on his/her behalf. his/her behalf.
The consent provider includes additional information, such as session data for access and ID tokens, The consent provider includes additional information, such as session data for access and ID tokens,
and if the and if the
consent request should be used as basis for future requests. consent request should be used as basis for future requests.
The response contains a redirect URL which the consent provider should redirect the user-agent to. The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args: Args:
consent_challenge (str): consent_challenge (str):
json_body (AcceptConsentRequest): json_body (TheRequestPayloadUsedToAcceptAConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -198,44 +196,47 @@ consent_challenge=consent_challenge,
async def asyncio_detailed( async def asyncio_detailed(
*, *,
_client: Client, _client: Client,
json_body: AcceptConsentRequest, json_body: TheRequestPayloadUsedToAcceptAConsentRequest,
consent_challenge: str, consent_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]: ) -> Response[OAuth20RedirectBrowserTo]:
"""Accept a Consent Request """Accept OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
he/she must now be asked if must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf. subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent (browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
the subject accepted subject accepted
or rejected the request. or rejected the request.
This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on
resources on his/her behalf. his/her behalf.
The consent provider includes additional information, such as session data for access and ID tokens, The consent provider includes additional information, such as session data for access and ID tokens,
and if the and if the
consent request should be used as basis for future requests. consent request should be used as basis for future requests.
The response contains a redirect URL which the consent provider should redirect the user-agent to. The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args: Args:
consent_challenge (str): consent_challenge (str):
json_body (AcceptConsentRequest): json_body (TheRequestPayloadUsedToAcceptAConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -251,49 +252,52 @@ consent_challenge=consent_challenge,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
*, *,
_client: Client, _client: Client,
json_body: AcceptConsentRequest, json_body: TheRequestPayloadUsedToAcceptAConsentRequest,
consent_challenge: str, consent_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]: ) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept a Consent Request """Accept OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
to authenticate the subject and then tell ORY Hydra now about it. If the subject authenticated, to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
he/she must now be asked if must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf. subject's behalf.
The consent provider which handles this request and is a web app implemented and hosted by you. It
shows a subject interface which asks the subject to
grant or deny the client access to the requested scope (\"Application my-dropbox-app wants write
access to all your private files\").
The consent challenge is appended to the consent provider's URL to which the subject's user-agent The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent (browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells ORY Hydra if provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
the subject accepted subject accepted
or rejected the request. or rejected the request.
This endpoint tells ORY Hydra that the subject has authorized the OAuth 2.0 client to access This endpoint tells Ory that the subject has authorized the OAuth 2.0 client to access resources on
resources on his/her behalf. his/her behalf.
The consent provider includes additional information, such as session data for access and ID tokens, The consent provider includes additional information, such as session data for access and ID tokens,
and if the and if the
consent request should be used as basis for future requests. consent request should be used as basis for future requests.
The response contains a redirect URL which the consent provider should redirect the user-agent to. The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args: Args:
consent_challenge (str): consent_challenge (str):
json_body (AcceptConsentRequest): json_body (TheRequestPayloadUsedToAcceptAConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """

278
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_login_request.py Normal file
View file

@ -0,0 +1,278 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict
from ...models.handled_login_request_is_the_request_payload_used_to_accept_a_login_request import HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest
from typing import cast
def _get_kwargs(
*,
_client: Client,
json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest,
login_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/login/accept".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["login_challenge"] = login_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest,
login_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells Ory that the subject has successfully authenticated and includes additional
information such as
the subject's ID and if Ory should remember the subject's subject agent for future authentication
attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest,
login_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells Ory that the subject has successfully authenticated and includes additional
information such as
the subject's ID and if Ory should remember the subject's subject agent for future authentication
attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest,
login_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells Ory that the subject has successfully authenticated and includes additional
information such as
the subject's ID and if Ory should remember the subject's subject agent for future authentication
attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
json_body: HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest,
login_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
This endpoint tells Ory that the subject has successfully authenticated and includes additional
information such as
the subject's ID and if Ory should remember the subject's subject agent for future authentication
attempts by setting
a cookie.
The response contains a redirect URL which the login provider should redirect the user-agent to.
Args:
login_challenge (str):
json_body (HandledLoginRequestIsTheRequestPayloadUsedToAcceptALoginRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
login_challenge=login_challenge,
)).parsed

213
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/accept_o_auth_2_logout_request.py Normal file
View file

@ -0,0 +1,213 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict
from typing import cast
def _get_kwargs(
*,
_client: Client,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/logout/accept".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to confirm that logout request.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
logout_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to confirm that logout request.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return sync_detailed(
_client=_client,
logout_challenge=logout_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to confirm that logout request.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
logout_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Accept OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to confirm that logout request.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return (await asyncio_detailed(
_client=_client,
logout_challenge=logout_challenge,
)).parsed

220
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/create_o_auth_2_client.py Normal file
View file

@ -0,0 +1,220 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
*,
_client: Client,
json_body: OAuth20Client,
) -> Dict[str, Any]:
url = "{}/admin/clients".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]:
if response.status_code == HTTPStatus.CREATED:
response_201 = OAuth20Client.from_dict(response.json())
return response_201
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = cast(Any, None)
return response_400
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Create OAuth 2.0 Client
Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random
secret
is generated. The secret is echoed in the response. It is not possible to retrieve it later on.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Create OAuth 2.0 Client
Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random
secret
is generated. The secret is echoed in the response. It is not possible to retrieve it later on.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Create OAuth 2.0 Client
Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random
secret
is generated. The secret is echoed in the response. It is not possible to retrieve it later on.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Create OAuth 2.0 Client
Create a new OAuth 2.0 client. If you pass `client_secret` the secret is used, otherwise a random
secret
is generated. The secret is echoed in the response. It is not possible to retrieve it later on.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
)).parsed

145
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_client.py Normal file
View file

@ -0,0 +1,145 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Make sure that this endpoint is well protected and only callable by first-party components.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete OAuth 2.0 Client
Delete an existing OAuth 2.0 Client by its ID.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Make sure that this endpoint is well protected and only callable by first-party components.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

140
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_o_auth_2_token.py Normal file
View file

@ -0,0 +1,140 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
*,
_client: Client,
client_id: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/tokens".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["client_id"] = client_id
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
client_id: str,
) -> Response[Any]:
"""Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client
This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database.
Args:
client_id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
client_id=client_id,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
client_id: str,
) -> Response[Any]:
"""Delete OAuth 2.0 Access Tokens from specific OAuth 2.0 Client
This endpoint deletes OAuth2 access tokens issued to an OAuth 2.0 Client from the database.
Args:
client_id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
client_id=client_id,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

145
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/delete_trusted_o_auth_2_jwt_grant_issuer.py Normal file
View file

@ -0,0 +1,145 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/trust/grants/jwt-bearer/issuers/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when
you
created the trust relationship.
Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT)
Profile
for OAuth 2.0 Client Authentication and Authorization Grant.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[Any]:
"""Delete Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when
you
created the trust relationship.
Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT)
Profile
for OAuth 2.0 Client Authentication and Authorization Grant.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

210
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_client.py Normal file
View file

@ -0,0 +1,210 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20Client.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[OAuth20Client]:
"""Get an OAuth 2.0 Client
Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: Client,
) -> Optional[OAuth20Client]:
"""Get an OAuth 2.0 Client
Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return sync_detailed(
id=id,
_client=_client,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[OAuth20Client]:
"""Get an OAuth 2.0 Client
Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: Client,
) -> Optional[OAuth20Client]:
"""Get an OAuth 2.0 Client
Get an OAuth 2.0 client by its ID. This endpoint never returns the client secret.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
)).parsed

268
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_consent_request.py Normal file
View file

@ -0,0 +1,268 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from ...models.contains_information_on_an_ongoing_consent_request import ContainsInformationOnAnOngoingConsentRequest
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
consent_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["consent_challenge"] = consent_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
if response.status_code == HTTPStatus.OK:
response_200 = ContainsInformationOnAnOngoingConsentRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.GONE:
response_410 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_410
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
consent_challenge: str,
) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
consent_challenge=consent_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
consent_challenge: str,
) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]
"""
return sync_detailed(
_client=_client,
consent_challenge=consent_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
consent_challenge: str,
) -> Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
consent_challenge=consent_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
consent_challenge: str,
) -> Optional[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingConsentRequest, OAuth20RedirectBrowserTo]]
"""
return (await asyncio_detailed(
_client=_client,
consent_challenge=consent_challenge,
)).parsed

256
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_login_request.py Normal file
View file

@ -0,0 +1,256 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.contains_information_on_an_ongoing_login_request import ContainsInformationOnAnOngoingLoginRequest
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict
from typing import cast
def _get_kwargs(
*,
_client: Client,
login_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/login".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["login_challenge"] = login_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
if response.status_code == HTTPStatus.OK:
response_200 = ContainsInformationOnAnOngoingLoginRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.GONE:
response_410 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_410
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
login_challenge: str,
) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
Per default, the login provider is Ory itself. You may use a different login provider which needs to
be a web-app
you write and host, and it must be able to authenticate (\"show the subject a login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
login_challenge=login_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
login_challenge: str,
) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
Per default, the login provider is Ory itself. You may use a different login provider which needs to
be a web-app
you write and host, and it must be able to authenticate (\"show the subject a login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]
"""
return sync_detailed(
_client=_client,
login_challenge=login_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
login_challenge: str,
) -> Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
Per default, the login provider is Ory itself. You may use a different login provider which needs to
be a web-app
you write and host, and it must be able to authenticate (\"show the subject a login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
login_challenge=login_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
login_challenge: str,
) -> Optional[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell the Ory OAuth2 Service about it.
Per default, the login provider is Ory itself. You may use a different login provider which needs to
be a web-app
you write and host, and it must be able to authenticate (\"show the subject a login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process.
Args:
login_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationOnAnOngoingLoginRequest, OAuth20RedirectBrowserTo]]
"""
return (await asyncio_detailed(
_client=_client,
login_challenge=login_challenge,
)).parsed

208
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_o_auth_2_logout_request.py Normal file
View file

@ -0,0 +1,208 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import cast
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict
from ...models.contains_information_about_an_ongoing_logout_request import ContainsInformationAboutAnOngoingLogoutRequest
def _get_kwargs(
*,
_client: Client,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/logout".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
if response.status_code == HTTPStatus.OK:
response_200 = ContainsInformationAboutAnOngoingLogoutRequest.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.GONE:
response_410 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_410
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Session Logout Request
Use this endpoint to fetch an Ory OAuth 2.0 logout request.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Session Logout Request
Use this endpoint to fetch an Ory OAuth 2.0 logout request.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]
"""
return sync_detailed(
_client=_client,
logout_challenge=logout_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Session Logout Request
Use this endpoint to fetch an Ory OAuth 2.0 logout request.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
logout_challenge: str,
) -> Optional[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]:
"""Get OAuth 2.0 Session Logout Request
Use this endpoint to fetch an Ory OAuth 2.0 logout request.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[ContainsInformationAboutAnOngoingLogoutRequest, OAuth20RedirectBrowserTo]]
"""
return (await asyncio_detailed(
_client=_client,
logout_challenge=logout_challenge,
)).parsed

198
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/get_trusted_o_auth_2_jwt_grant_issuer.py Normal file
View file

@ -0,0 +1,198 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer
def _get_kwargs(
id: str,
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/admin/trust/grants/jwt-bearer/issuers/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[TrustedOAuth2JwtGrantIssuer]:
if response.status_code == HTTPStatus.OK:
response_200 = TrustedOAuth2JwtGrantIssuer.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[TrustedOAuth2JwtGrantIssuer]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
) -> Response[TrustedOAuth2JwtGrantIssuer]:
"""Get Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you
created the trust relationship.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: Client,
) -> Optional[TrustedOAuth2JwtGrantIssuer]:
"""Get Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you
created the trust relationship.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
return sync_detailed(
id=id,
_client=_client,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
) -> Response[TrustedOAuth2JwtGrantIssuer]:
"""Get Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you
created the trust relationship.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: Client,
) -> Optional[TrustedOAuth2JwtGrantIssuer]:
"""Get Trusted OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you
created the trust relationship.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
)).parsed

200
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/introspect_o_auth_2_token.py Normal file
View file

@ -0,0 +1,200 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.introspected_o_auth_2_token import IntrospectedOAuth2Token
from ...models.introspect_o_auth_2_token_data import IntrospectOAuth2TokenData
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
form_data: IntrospectOAuth2TokenData,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/introspect".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"data": form_data.to_dict(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[IntrospectedOAuth2Token]:
if response.status_code == HTTPStatus.OK:
response_200 = IntrospectedOAuth2Token.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[IntrospectedOAuth2Token]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
form_data: IntrospectOAuth2TokenData,
) -> Response[IntrospectedOAuth2Token]:
"""Introspect OAuth2 Access and Refresh Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `session.access_token` during the consent flow.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[IntrospectedOAuth2Token]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
form_data: IntrospectOAuth2TokenData,
) -> Optional[IntrospectedOAuth2Token]:
"""Introspect OAuth2 Access and Refresh Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `session.access_token` during the consent flow.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[IntrospectedOAuth2Token]
"""
return sync_detailed(
_client=_client,
form_data=form_data,
).parsed
async def asyncio_detailed(
*,
_client: Client,
form_data: IntrospectOAuth2TokenData,
) -> Response[IntrospectedOAuth2Token]:
"""Introspect OAuth2 Access and Refresh Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `session.access_token` during the consent flow.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[IntrospectedOAuth2Token]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
form_data: IntrospectOAuth2TokenData,
) -> Optional[IntrospectedOAuth2Token]:
"""Introspect OAuth2 Access and Refresh Tokens
The introspection endpoint allows to check if a token (both refresh and access) is active or not. An
active token
is neither expired nor revoked. If a token is active, additional information on the token will be
included. You can
set additional data for a token by setting `session.access_token` during the consent flow.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[IntrospectedOAuth2Token]
"""
return (await asyncio_detailed(
_client=_client,
form_data=form_data,
)).parsed

177
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_clients.py Normal file
View file

@ -0,0 +1,177 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...types import UNSET, Unset
from ...models import OAuth20Client
from typing import Optional
from typing import Union
def _get_kwargs(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
client_name: Union[Unset, None, str] = UNSET,
owner: Union[Unset, None, str] = UNSET,
) -> Dict[str, Any]:
url = "{}/admin/clients".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["page_size"] = page_size
params["page_token"] = page_token
params["client_name"] = client_name
params["owner"] = owner
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[List[OAuth20Client]]:
if response.status_code == HTTPStatus.OK:
response_200 = list([ OAuth20Client.from_dict(data) for data in response.json() ])
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[List[OAuth20Client]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
client_name: Union[Unset, None, str] = UNSET,
owner: Union[Unset, None, str] = UNSET,
) -> Response[List[OAuth20Client]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets.
As a default it lists the first 100 clients.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
client_name (Union[Unset, None, str]):
owner (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
page_size=page_size,
page_token=page_token,
client_name=client_name,
owner=owner,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
client_name: Union[Unset, None, str] = UNSET,
owner: Union[Unset, None, str] = UNSET,
) -> Response[List[OAuth20Client]]:
"""List OAuth 2.0 Clients
This endpoint lists all clients in the database, and never returns client secrets.
As a default it lists the first 100 clients.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
client_name (Union[Unset, None, str]):
owner (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
page_size=page_size,
page_token=page_token,
client_name=client_name,
owner=owner,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

266
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_o_auth_2_consent_sessions.py Normal file
View file

@ -0,0 +1,266 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...types import UNSET, Unset
from typing import Optional
from typing import Union
from typing import cast
from typing import Dict
from ...models.o_auth_20_consent_session import OAuth20ConsentSession
from typing import cast, List
def _get_kwargs(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
subject: str,
login_session_id: Union[Unset, None, str] = UNSET,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/sessions/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["page_size"] = page_size
params["page_token"] = page_token
params["subject"] = subject
params["login_session_id"] = login_session_id
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[List['OAuth20ConsentSession']]:
if response.status_code == HTTPStatus.OK:
response_200 = []
_response_200 = response.json()
for componentsschemaso_auth_2_consent_sessions_item_data in (_response_200):
componentsschemaso_auth_2_consent_sessions_item = OAuth20ConsentSession.from_dict(componentsschemaso_auth_2_consent_sessions_item_data)
response_200.append(componentsschemaso_auth_2_consent_sessions_item)
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[List['OAuth20ConsentSession']]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
subject: str,
login_session_id: Union[Unset, None, str] = UNSET,
) -> Response[List['OAuth20ConsentSession']]:
"""List OAuth 2.0 Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
subject (str):
login_session_id (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['OAuth20ConsentSession']]
"""
kwargs = _get_kwargs(
_client=_client,
page_size=page_size,
page_token=page_token,
subject=subject,
login_session_id=login_session_id,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
subject: str,
login_session_id: Union[Unset, None, str] = UNSET,
) -> Optional[List['OAuth20ConsentSession']]:
"""List OAuth 2.0 Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
subject (str):
login_session_id (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['OAuth20ConsentSession']]
"""
return sync_detailed(
_client=_client,
page_size=page_size,
page_token=page_token,
subject=subject,
login_session_id=login_session_id,
).parsed
async def asyncio_detailed(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
subject: str,
login_session_id: Union[Unset, None, str] = UNSET,
) -> Response[List['OAuth20ConsentSession']]:
"""List OAuth 2.0 Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
subject (str):
login_session_id (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['OAuth20ConsentSession']]
"""
kwargs = _get_kwargs(
_client=_client,
page_size=page_size,
page_token=page_token,
subject=subject,
login_session_id=login_session_id,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
page_size: Union[Unset, None, int] = 250,
page_token: Union[Unset, None, str] = '1',
subject: str,
login_session_id: Union[Unset, None, str] = UNSET,
) -> Optional[List['OAuth20ConsentSession']]:
"""List OAuth 2.0 Consent Sessions of a Subject
This endpoint lists all subject's granted consent sessions, including client and granted scope.
If the subject is unknown or has not granted any consent sessions yet, the endpoint returns an
empty JSON array with status code 200 OK.
Args:
page_size (Union[Unset, None, int]): Default: 250.
page_token (Union[Unset, None, str]): Default: '1'.
subject (str):
login_session_id (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['OAuth20ConsentSession']]
"""
return (await asyncio_detailed(
_client=_client,
page_size=page_size,
page_token=page_token,
subject=subject,
login_session_id=login_session_id,
)).parsed

242
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/list_trusted_o_auth_2_jwt_grant_issuers.py Normal file
View file

@ -0,0 +1,242 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...types import UNSET, Unset
from typing import Optional
from typing import Union
from typing import cast
from typing import Dict
from typing import cast, List
from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer
def _get_kwargs(
*,
_client: Client,
max_items: Union[Unset, None, int] = UNSET,
default_items: Union[Unset, None, int] = UNSET,
issuer: Union[Unset, None, str] = UNSET,
) -> Dict[str, Any]:
url = "{}/admin/trust/grants/jwt-bearer/issuers".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["MaxItems"] = max_items
params["DefaultItems"] = default_items
params["issuer"] = issuer
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]:
if response.status_code == HTTPStatus.OK:
response_200 = []
_response_200 = response.json()
for componentsschemastrusted_o_auth_2_jwt_grant_issuers_item_data in (_response_200):
componentsschemastrusted_o_auth_2_jwt_grant_issuers_item = TrustedOAuth2JwtGrantIssuer.from_dict(componentsschemastrusted_o_auth_2_jwt_grant_issuers_item_data)
response_200.append(componentsschemastrusted_o_auth_2_jwt_grant_issuers_item)
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[List['TrustedOAuth2JwtGrantIssuer']]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
max_items: Union[Unset, None, int] = UNSET,
default_items: Union[Unset, None, int] = UNSET,
issuer: Union[Unset, None, str] = UNSET,
) -> Response[List['TrustedOAuth2JwtGrantIssuer']]:
"""List Trusted OAuth2 JWT Bearer Grant Type Issuers
Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
Args:
max_items (Union[Unset, None, int]):
default_items (Union[Unset, None, int]):
issuer (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['TrustedOAuth2JwtGrantIssuer']]
"""
kwargs = _get_kwargs(
_client=_client,
max_items=max_items,
default_items=default_items,
issuer=issuer,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
max_items: Union[Unset, None, int] = UNSET,
default_items: Union[Unset, None, int] = UNSET,
issuer: Union[Unset, None, str] = UNSET,
) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]:
"""List Trusted OAuth2 JWT Bearer Grant Type Issuers
Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
Args:
max_items (Union[Unset, None, int]):
default_items (Union[Unset, None, int]):
issuer (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['TrustedOAuth2JwtGrantIssuer']]
"""
return sync_detailed(
_client=_client,
max_items=max_items,
default_items=default_items,
issuer=issuer,
).parsed
async def asyncio_detailed(
*,
_client: Client,
max_items: Union[Unset, None, int] = UNSET,
default_items: Union[Unset, None, int] = UNSET,
issuer: Union[Unset, None, str] = UNSET,
) -> Response[List['TrustedOAuth2JwtGrantIssuer']]:
"""List Trusted OAuth2 JWT Bearer Grant Type Issuers
Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
Args:
max_items (Union[Unset, None, int]):
default_items (Union[Unset, None, int]):
issuer (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['TrustedOAuth2JwtGrantIssuer']]
"""
kwargs = _get_kwargs(
_client=_client,
max_items=max_items,
default_items=default_items,
issuer=issuer,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
max_items: Union[Unset, None, int] = UNSET,
default_items: Union[Unset, None, int] = UNSET,
issuer: Union[Unset, None, str] = UNSET,
) -> Optional[List['TrustedOAuth2JwtGrantIssuer']]:
"""List Trusted OAuth2 JWT Bearer Grant Type Issuers
Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.
Args:
max_items (Union[Unset, None, int]):
default_items (Union[Unset, None, int]):
issuer (Union[Unset, None, str]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[List['TrustedOAuth2JwtGrantIssuer']]
"""
return (await asyncio_detailed(
_client=_client,
max_items=max_items,
default_items=default_items,
issuer=issuer,
)).parsed

128
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/o_auth_2_authorize.py Normal file
View file

@ -0,0 +1,128 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/oauth2/auth".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.FOUND:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
) -> Response[Any]:
"""OAuth 2.0 Authorize Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries at https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
) -> Response[Any]:
"""OAuth 2.0 Authorize Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries at https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

200
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/oauth_2_token_exchange.py Normal file
View file

@ -0,0 +1,200 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_2_token_exchange import OAuth2TokenExchange
from typing import Dict
from typing import cast
from ...models.oauth_2_token_exchange_data import Oauth2TokenExchangeData
def _get_kwargs(
*,
_client: AuthenticatedClient,
form_data: Oauth2TokenExchangeData,
) -> Dict[str, Any]:
url = "{}/oauth2/token".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"data": form_data.to_dict(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth2TokenExchange]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth2TokenExchange.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth2TokenExchange]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: AuthenticatedClient,
form_data: Oauth2TokenExchangeData,
) -> Response[OAuth2TokenExchange]:
"""The OAuth 2.0 Token Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries here
https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth2TokenExchange]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: AuthenticatedClient,
form_data: Oauth2TokenExchangeData,
) -> Optional[OAuth2TokenExchange]:
"""The OAuth 2.0 Token Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries here
https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth2TokenExchange]
"""
return sync_detailed(
_client=_client,
form_data=form_data,
).parsed
async def asyncio_detailed(
*,
_client: AuthenticatedClient,
form_data: Oauth2TokenExchangeData,
) -> Response[OAuth2TokenExchange]:
"""The OAuth 2.0 Token Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries here
https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth2TokenExchange]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: AuthenticatedClient,
form_data: Oauth2TokenExchangeData,
) -> Optional[OAuth2TokenExchange]:
"""The OAuth 2.0 Token Endpoint
Use open source libraries to perform OAuth 2.0 and OpenID Connect
available for any programming language. You can find a list of libraries here
https://oauth.net/code/
The Ory SDK is not yet able to this endpoint properly.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth2TokenExchange]
"""
return (await asyncio_detailed(
_client=_client,
form_data=form_data,
)).parsed

246
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/patch_o_auth_2_client.py Normal file
View file

@ -0,0 +1,246 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
from typing import Dict
from ...models.json_patch import JsonPatch
from typing import cast, List
def _get_kwargs(
id: str,
*,
_client: Client,
json_body: List['JsonPatch'],
) -> Dict[str, Any]:
url = "{}/admin/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = []
for componentsschemasjson_patch_document_item_data in json_body:
componentsschemasjson_patch_document_item = componentsschemasjson_patch_document_item_data.to_dict()
json_json_body.append(componentsschemasjson_patch_document_item)
return {
"method": "patch",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20Client.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = cast(Any, None)
return response_404
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
json_body: List['JsonPatch'],
) -> Response[Union[Any, OAuth20Client]]:
"""Patch OAuth 2.0 Client
Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret`
the secret will be updated and returned via the API. This is the
only time you will be able to retrieve the client secret, so write it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (List['JsonPatch']): A JSONPatchDocument request
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: Client,
json_body: List['JsonPatch'],
) -> Optional[Union[Any, OAuth20Client]]:
"""Patch OAuth 2.0 Client
Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret`
the secret will be updated and returned via the API. This is the
only time you will be able to retrieve the client secret, so write it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (List['JsonPatch']): A JSONPatchDocument request
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return sync_detailed(
id=id,
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
json_body: List['JsonPatch'],
) -> Response[Union[Any, OAuth20Client]]:
"""Patch OAuth 2.0 Client
Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret`
the secret will be updated and returned via the API. This is the
only time you will be able to retrieve the client secret, so write it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (List['JsonPatch']): A JSONPatchDocument request
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: Client,
json_body: List['JsonPatch'],
) -> Optional[Union[Any, OAuth20Client]]:
"""Patch OAuth 2.0 Client
Patch an existing OAuth 2.0 Client using JSON Patch. If you pass `client_secret`
the secret will be updated and returned via the API. This is the
only time you will be able to retrieve the client secret, so write it down and keep it safe.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (List['JsonPatch']): A JSONPatchDocument request
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
json_body=json_body,
)).parsed

302
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_consent_request.py Normal file
View file

@ -0,0 +1,302 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict
from ...models.the_request_payload_used_to_accept_a_login_or_consent_request import TheRequestPayloadUsedToAcceptALoginOrConsentRequest
from typing import cast
def _get_kwargs(
*,
_client: Client,
json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
consent_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/consent/reject".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["consent_challenge"] = consent_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
consent_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Reject OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources
on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
consent_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Reject OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources
on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
consent_challenge: str,
) -> Response[OAuth20RedirectBrowserTo]:
"""Reject OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources
on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
consent_challenge: str,
) -> Optional[OAuth20RedirectBrowserTo]:
"""Reject OAuth 2.0 Consent Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
provider
to authenticate the subject and then tell Ory now about it. If the subject authenticated, he/she
must now be asked if
the OAuth 2.0 Client which initiated the flow should be allowed to access the resources on the
subject's behalf.
The consent challenge is appended to the consent provider's URL to which the subject's user-agent
(browser) is redirected to. The consent
provider uses that challenge to fetch information on the OAuth2 request and then tells Ory if the
subject accepted
or rejected the request.
This endpoint tells Ory that the subject has not authorized the OAuth 2.0 client to access resources
on his/her behalf.
The consent provider must include a reason why the consent was not granted.
The response contains a redirect URL which the consent provider should redirect the user-agent to.
The default consent provider is available via the Ory Managed Account Experience. To customize the
consent provider, please
head over to the OAuth 2.0 documentation.
Args:
consent_challenge (str):
json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20RedirectBrowserTo]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
consent_challenge=consent_challenge,
)).parsed

166
libs/ory-hydra-client/ory_hydra_client/api/admin/reject_login_request.py → libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_login_request.py
View file

@ -1,26 +1,27 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast from typing import Any, Dict, List, Optional, Union, cast
import httpx import httpx
from ...client import AuthenticatedClient, Client from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET from ...types import Response, UNSET
from ... import errors
from ...models.o_auth_20_redirect_browser_to import OAuth20RedirectBrowserTo
from typing import Dict from typing import Dict
from ...models.the_request_payload_used_to_accept_a_login_or_consent_request import TheRequestPayloadUsedToAcceptALoginOrConsentRequest
from typing import cast from typing import cast
from ...models.reject_request import RejectRequest
from ...models.completed_request import CompletedRequest
from ...models.generic_error import GenericError
def _get_kwargs( def _get_kwargs(
*, *,
_client: Client, _client: Client,
json_body: RejectRequest, json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
login_challenge: str, login_challenge: str,
) -> Dict[str, Any]: ) -> Dict[str, Any]:
url = "{}/oauth2/auth/requests/login/reject".format( url = "{}/admin/oauth2/auth/requests/login/reject".format(
_client.base_url) _client.base_url)
headers: Dict[str, str] = _client.get_headers() headers: Dict[str, str] = _client.get_headers()
@ -55,83 +56,62 @@ def _get_kwargs(
} }
def _parse_response(*, response: httpx.Response) -> Optional[Union[CompletedRequest, GenericError]]: def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20RedirectBrowserTo]:
if response.status_code == HTTPStatus.OK: if response.status_code == HTTPStatus.OK:
response_200 = CompletedRequest.from_dict(response.json()) response_200 = OAuth20RedirectBrowserTo.from_dict(response.json())
return response_200 return response_200
if response.status_code == HTTPStatus.BAD_REQUEST: if client.raise_on_unexpected_status:
response_400 = GenericError.from_dict(response.json()) raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20RedirectBrowserTo]:
return response_400
if response.status_code == HTTPStatus.UNAUTHORIZED:
response_401 = GenericError.from_dict(response.json())
return response_401
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = GenericError.from_dict(response.json())
return response_404
if response.status_code == HTTPStatus.INTERNAL_SERVER_ERROR:
response_500 = GenericError.from_dict(response.json())
return response_500
return None
def _build_response(*, response: httpx.Response) -> Response[Union[CompletedRequest, GenericError]]:
return Response( return Response(
status_code=response.status_code, status_code=HTTPStatus(response.status_code),
content=response.content, content=response.content,
headers=response.headers, headers=response.headers,
parsed=_parse_response(response=response), parsed=_parse_response(client=client, response=response),
) )
def sync_detailed( def sync_detailed(
*, *,
_client: Client, _client: Client,
json_body: RejectRequest, json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
login_challenge: str, login_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]: ) -> Response[OAuth20RedirectBrowserTo]:
"""Reject a Login Request """Reject OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now to authenticate the subject and then tell the Ory OAuth2 Service about it.
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login (browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process. the requested authentication process.
This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the This endpoint tells Ory that the subject has not authenticated and includes a reason why the
authentication authentication
was be denied. was denied.
The response contains a redirect URL which the login provider should redirect the user-agent to. The response contains a redirect URL which the login provider should redirect the user-agent to.
Args: Args:
login_challenge (str): login_challenge (str):
json_body (RejectRequest): json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -147,42 +127,42 @@ login_challenge=login_challenge,
**kwargs, **kwargs,
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
def sync( def sync(
*, *,
_client: Client, _client: Client,
json_body: RejectRequest, json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
login_challenge: str, login_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]: ) -> Optional[OAuth20RedirectBrowserTo]:
"""Reject a Login Request """Reject OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now to authenticate the subject and then tell the Ory OAuth2 Service about it.
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login (browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process. the requested authentication process.
This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the This endpoint tells Ory that the subject has not authenticated and includes a reason why the
authentication authentication
was be denied. was denied.
The response contains a redirect URL which the login provider should redirect the user-agent to. The response contains a redirect URL which the login provider should redirect the user-agent to.
Args: Args:
login_challenge (str): login_challenge (str):
json_body (RejectRequest): json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -196,37 +176,37 @@ login_challenge=login_challenge,
async def asyncio_detailed( async def asyncio_detailed(
*, *,
_client: Client, _client: Client,
json_body: RejectRequest, json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
login_challenge: str, login_challenge: str,
) -> Response[Union[CompletedRequest, GenericError]]: ) -> Response[OAuth20RedirectBrowserTo]:
"""Reject a Login Request """Reject OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now to authenticate the subject and then tell the Ory OAuth2 Service about it.
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login (browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process. the requested authentication process.
This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the This endpoint tells Ory that the subject has not authenticated and includes a reason why the
authentication authentication
was be denied. was denied.
The response contains a redirect URL which the login provider should redirect the user-agent to. The response contains a redirect URL which the login provider should redirect the user-agent to.
Args: Args:
login_challenge (str): login_challenge (str):
json_body (RejectRequest): json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """
@ -242,42 +222,42 @@ login_challenge=login_challenge,
**kwargs **kwargs
) )
return _build_response(response=response) return _build_response(client=_client, response=response)
async def asyncio( async def asyncio(
*, *,
_client: Client, _client: Client,
json_body: RejectRequest, json_body: TheRequestPayloadUsedToAcceptALoginOrConsentRequest,
login_challenge: str, login_challenge: str,
) -> Optional[Union[CompletedRequest, GenericError]]: ) -> Optional[OAuth20RedirectBrowserTo]:
"""Reject a Login Request """Reject OAuth 2.0 Login Request
When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, ORY Hydra asks the When an authorization code, hybrid, or implicit OAuth 2.0 Flow is initiated, Ory asks the login
login provider provider
(sometimes called \"identity provider\") to authenticate the subject and then tell ORY Hydra now to authenticate the subject and then tell the Ory OAuth2 Service about it.
about it. The login
provider is an web-app you write and host, and it must be able to authenticate (\"show the subject a
login screen\")
a subject (in OAuth2 the proper name for subject is \"resource owner\").
The authentication challenge is appended to the login provider URL to which the subject's user-agent The authentication challenge is appended to the login provider URL to which the subject's user-agent
(browser) is redirected to. The login (browser) is redirected to. The login
provider uses that challenge to fetch information on the OAuth2 request and then accept or reject provider uses that challenge to fetch information on the OAuth2 request and then accept or reject
the requested authentication process. the requested authentication process.
This endpoint tells ORY Hydra that the subject has not authenticated and includes a reason why the This endpoint tells Ory that the subject has not authenticated and includes a reason why the
authentication authentication
was be denied. was denied.
The response contains a redirect URL which the login provider should redirect the user-agent to. The response contains a redirect URL which the login provider should redirect the user-agent to.
Args: Args:
login_challenge (str): login_challenge (str):
json_body (RejectRequest): json_body (TheRequestPayloadUsedToAcceptALoginOrConsentRequest):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns: Returns:
Response[Union[CompletedRequest, GenericError]] Response[OAuth20RedirectBrowserTo]
""" """

148
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/reject_o_auth_2_logout_request.py Normal file
View file

@ -0,0 +1,148 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
*,
_client: Client,
logout_challenge: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/requests/logout/reject".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["logout_challenge"] = logout_challenge
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Any]:
"""Reject OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to deny that logout request.
No HTTP request body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
logout_challenge: str,
) -> Response[Any]:
"""Reject OAuth 2.0 Session Logout Request
When a user or an application requests Ory OAuth 2.0 to remove the session state of a subject, this
endpoint is used to deny that logout request.
No HTTP request body is required.
The response is empty as the logout provider has to chose what action to perform next.
Args:
logout_challenge (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
logout_challenge=logout_challenge,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

167
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_consent_sessions.py Normal file
View file

@ -0,0 +1,167 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...types import UNSET, Unset
from typing import Optional
from typing import Union
def _get_kwargs(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/sessions/consent".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["subject"] = subject
params["client"] = client
params["all"] = all_
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Response[Any]:
"""Revoke OAuth 2.0 Consent Sessions of a Subject
This endpoint revokes a subject's granted consent sessions and invalidates all
associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0
Client ID.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
client=client,
all_=all_,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
subject: str,
client: Union[Unset, None, str] = UNSET,
all_: Union[Unset, None, bool] = UNSET,
) -> Response[Any]:
"""Revoke OAuth 2.0 Consent Sessions of a Subject
This endpoint revokes a subject's granted consent sessions and invalidates all
associated OAuth 2.0 Access Tokens. You may also only revoke sessions for a specific OAuth 2.0
Client ID.
Args:
subject (str):
client (Union[Unset, None, str]):
all_ (Union[Unset, None, bool]):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
client=client,
all_=all_,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

146
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_login_sessions.py Normal file
View file

@ -0,0 +1,146 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
*,
_client: Client,
subject: str,
) -> Dict[str, Any]:
url = "{}/admin/oauth2/auth/sessions/login".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
params: Dict[str, Any] = {}
params["subject"] = subject
params = {k: v for k, v in params.items() if v is not UNSET and v is not None}
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"params": params,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
subject: str,
) -> Response[Any]:
"""Revokes All OAuth 2.0 Login Sessions of a Subject
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and
does not work with OpenID Connect Front- or Back-channel logout.
Args:
subject (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: Client,
subject: str,
) -> Response[Any]:
"""Revokes All OAuth 2.0 Login Sessions of a Subject
This endpoint invalidates a subject's authentication session. After revoking the authentication
session, the subject
has to re-authenticate at the Ory OAuth2 Provider. This endpoint does not invalidate any tokens and
does not work with OpenID Connect Front- or Back-channel logout.
Args:
subject (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
subject=subject,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

143
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/revoke_o_auth_2_token.py Normal file
View file

@ -0,0 +1,143 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.revoke_o_auth_2_token_data import RevokeOAuth2TokenData
from typing import Dict
from typing import cast
def _get_kwargs(
*,
_client: AuthenticatedClient,
form_data: RevokeOAuth2TokenData,
) -> Dict[str, Any]:
url = "{}/oauth2/revoke".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"data": form_data.to_dict(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.OK:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: AuthenticatedClient,
form_data: RevokeOAuth2TokenData,
) -> Response[Any]:
"""Revoke OAuth 2.0 Access or Refresh Token
Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access
token can no
longer be used to make access requests, and a revoked refresh token can no longer be used to refresh
an access token.
Revoking a refresh token also invalidates the access token that was created with it. A token may
only be revoked by
the client the token was generated for.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
*,
_client: AuthenticatedClient,
form_data: RevokeOAuth2TokenData,
) -> Response[Any]:
"""Revoke OAuth 2.0 Access or Refresh Token
Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access
token can no
longer be used to make access requests, and a revoked refresh token can no longer be used to refresh
an access token.
Revoking a refresh token also invalidates the access token that was created with it. A token may
only be revoked by
the client the token was generated for.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
_client=_client,
form_data=form_data,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

260
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client.py Normal file
View file

@ -0,0 +1,260 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
id: str,
*,
_client: Client,
json_body: OAuth20Client,
) -> Dict[str, Any]:
url = "{}/admin/clients/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20Client.from_dict(response.json())
return response_200
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = cast(Any, None)
return response_400
if response.status_code == HTTPStatus.NOT_FOUND:
response_404 = cast(Any, None)
return response_404
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Set OAuth 2.0 Client
Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the
secret is used,
otherwise the existing secret is used.
If set, the secret is echoed in the response. It is not possible to retrieve it later on.
OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Set OAuth 2.0 Client
Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the
secret is used,
otherwise the existing secret is used.
If set, the secret is echoed in the response. It is not possible to retrieve it later on.
OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return sync_detailed(
id=id,
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Set OAuth 2.0 Client
Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the
secret is used,
otherwise the existing secret is used.
If set, the secret is echoed in the response. It is not possible to retrieve it later on.
OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Set OAuth 2.0 Client
Replaces an existing OAuth 2.0 Client with the payload you send. If you pass `client_secret` the
secret is used,
otherwise the existing secret is used.
If set, the secret is echoed in the response. It is not possible to retrieve it later on.
OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
json_body=json_body,
)).parsed

219
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/set_o_auth_2_client_lifespans.py Normal file
View file

@ -0,0 +1,219 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from ...models.o_auth_20_client_token_lifespans import OAuth20ClientTokenLifespans
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
id: str,
*,
_client: Client,
json_body: OAuth20ClientTokenLifespans,
) -> Dict[str, Any]:
url = "{}/admin/clients/{id}/lifespans".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "put",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20Client.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: Client,
json_body: OAuth20ClientTokenLifespans,
) -> Response[OAuth20Client]:
"""Set OAuth2 Client Token Lifespans
Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other
fields.
Args:
id (str):
json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for
this OAuth 2.0 Client.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: Client,
json_body: OAuth20ClientTokenLifespans,
) -> Optional[OAuth20Client]:
"""Set OAuth2 Client Token Lifespans
Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other
fields.
Args:
id (str):
json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for
this OAuth 2.0 Client.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return sync_detailed(
id=id,
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: Client,
json_body: OAuth20ClientTokenLifespans,
) -> Response[OAuth20Client]:
"""Set OAuth2 Client Token Lifespans
Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other
fields.
Args:
id (str):
json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for
this OAuth 2.0 Client.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: Client,
json_body: OAuth20ClientTokenLifespans,
) -> Optional[OAuth20Client]:
"""Set OAuth2 Client Token Lifespans
Set lifespans of different token types issued for this OAuth 2.0 client. Does not modify other
fields.
Args:
id (str):
json_body (OAuth20ClientTokenLifespans): Lifespans of different token types issued for
this OAuth 2.0 Client.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
json_body=json_body,
)).parsed

210
libs/ory-hydra-client/ory_hydra_client/api/o_auth_2/trust_o_auth_2_jwt_grant_issuer.py Normal file
View file

@ -0,0 +1,210 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.trusted_o_auth_2_jwt_grant_issuer import TrustedOAuth2JwtGrantIssuer
from typing import Dict
from typing import cast
from ...models.trust_o_auth_2_jwt_grant_issuer import TrustOAuth2JwtGrantIssuer
def _get_kwargs(
*,
_client: Client,
json_body: TrustOAuth2JwtGrantIssuer,
) -> Dict[str, Any]:
url = "{}/admin/trust/grants/jwt-bearer/issuers".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[TrustedOAuth2JwtGrantIssuer]:
if response.status_code == HTTPStatus.CREATED:
response_201 = TrustedOAuth2JwtGrantIssuer.from_dict(response.json())
return response_201
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[TrustedOAuth2JwtGrantIssuer]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: TrustOAuth2JwtGrantIssuer,
) -> Response[TrustedOAuth2JwtGrantIssuer]:
"""Trust OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to establish a trust relationship for a JWT issuer
to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication
and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).
Args:
json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request
Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
json_body: TrustOAuth2JwtGrantIssuer,
) -> Optional[TrustedOAuth2JwtGrantIssuer]:
"""Trust OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to establish a trust relationship for a JWT issuer
to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication
and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).
Args:
json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request
Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: TrustOAuth2JwtGrantIssuer,
) -> Response[TrustedOAuth2JwtGrantIssuer]:
"""Trust OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to establish a trust relationship for a JWT issuer
to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication
and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).
Args:
json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request
Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
json_body: TrustOAuth2JwtGrantIssuer,
) -> Optional[TrustedOAuth2JwtGrantIssuer]:
"""Trust OAuth2 JWT Bearer Grant Type Issuer
Use this endpoint to establish a trust relationship for a JWT issuer
to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication
and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).
Args:
json_body (TrustOAuth2JwtGrantIssuer): Trust OAuth2 JWT Bearer Grant Type Issuer Request
Body
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[TrustedOAuth2JwtGrantIssuer]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
)).parsed

0
libs/ory-hydra-client/ory_hydra_client/api/oidc/__init__.py Normal file
View file

272
libs/ory-hydra-client/ory_hydra_client/api/oidc/create_oidc_dynamic_client.py Normal file
View file

@ -0,0 +1,272 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
*,
_client: Client,
json_body: OAuth20Client,
) -> Dict[str, Any]:
url = "{}/oauth2/register".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
json_json_body = json_body.to_dict()
return {
"method": "post",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
"json": json_json_body,
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Union[Any, OAuth20Client]]:
if response.status_code == HTTPStatus.CREATED:
response_201 = OAuth20Client.from_dict(response.json())
return response_201
if response.status_code == HTTPStatus.BAD_REQUEST:
response_400 = cast(Any, None)
return response_400
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Union[Any, OAuth20Client]]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Register OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
Please note that using this endpoint you are not able to choose the `client_secret` nor the
`client_id` as those
values will be server generated when specifying `token_endpoint_auth_method` as
`client_secret_basic` or
`client_secret_post`.
The `client_secret` will be returned in the response and you will not be able to retrieve it later
on.
Write the secret down and keep it somewhere safe.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Register OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
Please note that using this endpoint you are not able to choose the `client_secret` nor the
`client_id` as those
values will be server generated when specifying `token_endpoint_auth_method` as
`client_secret_basic` or
`client_secret_post`.
The `client_secret` will be returned in the response and you will not be able to retrieve it later
on.
Write the secret down and keep it somewhere safe.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return sync_detailed(
_client=_client,
json_body=json_body,
).parsed
async def asyncio_detailed(
*,
_client: Client,
json_body: OAuth20Client,
) -> Response[Union[Any, OAuth20Client]]:
"""Register OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
Please note that using this endpoint you are not able to choose the `client_secret` nor the
`client_id` as those
values will be server generated when specifying `token_endpoint_auth_method` as
`client_secret_basic` or
`client_secret_post`.
The `client_secret` will be returned in the response and you will not be able to retrieve it later
on.
Write the secret down and keep it somewhere safe.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
kwargs = _get_kwargs(
_client=_client,
json_body=json_body,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
json_body: OAuth20Client,
) -> Optional[Union[Any, OAuth20Client]]:
"""Register OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`createOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
Please note that using this endpoint you are not able to choose the `client_secret` nor the
`client_id` as those
values will be server generated when specifying `token_endpoint_auth_method` as
`client_secret_basic` or
`client_secret_post`.
The `client_secret` will be returned in the response and you will not be able to retrieve it later
on.
Write the secret down and keep it somewhere safe.
Args:
json_body (OAuth20Client): OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID
Connect flows. Usually, OAuth 2.0 clients are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect
capabilities.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Union[Any, OAuth20Client]]
"""
return (await asyncio_detailed(
_client=_client,
json_body=json_body,
)).parsed

165
libs/ory-hydra-client/ory_hydra_client/api/oidc/delete_oidc_dynamic_client.py Normal file
View file

@ -0,0 +1,165 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
def _get_kwargs(
id: str,
*,
_client: AuthenticatedClient,
) -> Dict[str, Any]:
url = "{}/oauth2/register/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "delete",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[Any]:
if response.status_code == HTTPStatus.NO_CONTENT:
return None
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[Any]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: AuthenticatedClient,
) -> Response[Any]:
"""Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol
This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
async def asyncio_detailed(
id: str,
*,
_client: AuthenticatedClient,
) -> Response[Any]:
"""Delete OAuth 2.0 Client using the OpenID Dynamic Client Registration Management Protocol
This endpoint behaves like the administrative counterpart (`deleteOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol. This feature needs to be enabled in the configuration. This
endpoint
is disabled by default. It can be enabled by an administrator.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients
are
generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[Any]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)

193
libs/ory-hydra-client/ory_hydra_client/api/oidc/discover_oidc_configuration.py Normal file
View file

@ -0,0 +1,193 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.open_id_connect_discovery_metadata import OpenIDConnectDiscoveryMetadata
from typing import cast
from typing import Dict
def _get_kwargs(
*,
_client: Client,
) -> Dict[str, Any]:
url = "{}/.well-known/openid-configuration".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OpenIDConnectDiscoveryMetadata]:
if response.status_code == HTTPStatus.OK:
response_200 = OpenIDConnectDiscoveryMetadata.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OpenIDConnectDiscoveryMetadata]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: Client,
) -> Response[OpenIDConnectDiscoveryMetadata]:
"""OpenID Connect Discovery
A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and
obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.
Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang),
and others.
For a full list of clients go here: https://openid.net/developers/certified/
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OpenIDConnectDiscoveryMetadata]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: Client,
) -> Optional[OpenIDConnectDiscoveryMetadata]:
"""OpenID Connect Discovery
A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and
obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.
Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang),
and others.
For a full list of clients go here: https://openid.net/developers/certified/
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OpenIDConnectDiscoveryMetadata]
"""
return sync_detailed(
_client=_client,
).parsed
async def asyncio_detailed(
*,
_client: Client,
) -> Response[OpenIDConnectDiscoveryMetadata]:
"""OpenID Connect Discovery
A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and
obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.
Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang),
and others.
For a full list of clients go here: https://openid.net/developers/certified/
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OpenIDConnectDiscoveryMetadata]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: Client,
) -> Optional[OpenIDConnectDiscoveryMetadata]:
"""OpenID Connect Discovery
A mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and
obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.
Popular libraries for OpenID Connect clients include oidc-client-js (JavaScript), go-oidc (Golang),
and others.
For a full list of clients go here: https://openid.net/developers/certified/
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OpenIDConnectDiscoveryMetadata]
"""
return (await asyncio_detailed(
_client=_client,
)).parsed

234
libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_dynamic_client.py Normal file
View file

@ -0,0 +1,234 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from typing import Dict
from typing import cast
from ...models.o_auth_20_client import OAuth20Client
def _get_kwargs(
id: str,
*,
_client: AuthenticatedClient,
) -> Dict[str, Any]:
url = "{}/oauth2/register/{id}".format(
_client.base_url,id=id)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OAuth20Client]:
if response.status_code == HTTPStatus.OK:
response_200 = OAuth20Client.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OAuth20Client]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
id: str,
*,
_client: AuthenticatedClient,
) -> Response[OAuth20Client]:
"""Get OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
id: str,
*,
_client: AuthenticatedClient,
) -> Optional[OAuth20Client]:
"""Get OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return sync_detailed(
id=id,
_client=_client,
).parsed
async def asyncio_detailed(
id: str,
*,
_client: AuthenticatedClient,
) -> Response[OAuth20Client]:
"""Get OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
kwargs = _get_kwargs(
id=id,
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
id: str,
*,
_client: AuthenticatedClient,
) -> Optional[OAuth20Client]:
"""Get OAuth2 Client using OpenID Dynamic Client Registration
This endpoint behaves like the administrative counterpart (`getOAuth2Client`) but is capable of
facing the
public internet directly and can be used in self-service. It implements the OpenID Connect
Dynamic Client Registration Protocol.
To use this endpoint, you will need to present the client's authentication credentials. If the
OAuth2 Client
uses the Token Endpoint Authentication Method `client_secret_post`, you need to present the client
secret in the URL query.
If it uses `client_secret_basic`, present the Client ID and the Client Secret in the Authorization
header.
Args:
id (str):
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OAuth20Client]
"""
return (await asyncio_detailed(
id=id,
_client=_client,
)).parsed

197
libs/ory-hydra-client/ory_hydra_client/api/oidc/get_oidc_user_info.py Normal file
View file

@ -0,0 +1,197 @@
from http import HTTPStatus
from typing import Any, Dict, List, Optional, Union, cast
import httpx
from ...client import AuthenticatedClient, Client
from ...types import Response, UNSET
from ... import errors
from ...models.oidc_user_info import OidcUserInfo
from typing import Dict
from typing import cast
def _get_kwargs(
*,
_client: AuthenticatedClient,
) -> Dict[str, Any]:
url = "{}/userinfo".format(
_client.base_url)
headers: Dict[str, str] = _client.get_headers()
cookies: Dict[str, Any] = _client.get_cookies()
return {
"method": "get",
"url": url,
"headers": headers,
"cookies": cookies,
"timeout": _client.get_timeout(),
}
def _parse_response(*, client: Client, response: httpx.Response) -> Optional[OidcUserInfo]:
if response.status_code == HTTPStatus.OK:
response_200 = OidcUserInfo.from_dict(response.json())
return response_200
if client.raise_on_unexpected_status:
raise errors.UnexpectedStatus(f"Unexpected status code: {response.status_code}")
else:
return None
def _build_response(*, client: Client, response: httpx.Response) -> Response[OidcUserInfo]:
return Response(
status_code=HTTPStatus(response.status_code),
content=response.content,
headers=response.headers,
parsed=_parse_response(client=client, response=response),
)
def sync_detailed(
*,
_client: AuthenticatedClient,
) -> Response[OidcUserInfo]:
"""OpenID Connect Userinfo
This endpoint returns the payload of the ID Token, including `session.id_token` values, of
the provided OAuth 2.0 Access Token's consent request.
In the case of authentication error, a WWW-Authenticate header might be set in the response
with more information about the error. See [the
spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3)
for more details about header format.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OidcUserInfo]
"""
kwargs = _get_kwargs(
_client=_client,
)
response = httpx.request(
verify=_client.verify_ssl,
**kwargs,
)
return _build_response(client=_client, response=response)
def sync(
*,
_client: AuthenticatedClient,
) -> Optional[OidcUserInfo]:
"""OpenID Connect Userinfo
This endpoint returns the payload of the ID Token, including `session.id_token` values, of
the provided OAuth 2.0 Access Token's consent request.
In the case of authentication error, a WWW-Authenticate header might be set in the response
with more information about the error. See [the
spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3)
for more details about header format.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OidcUserInfo]
"""
return sync_detailed(
_client=_client,
).parsed
async def asyncio_detailed(
*,
_client: AuthenticatedClient,
) -> Response[OidcUserInfo]:
"""OpenID Connect Userinfo
This endpoint returns the payload of the ID Token, including `session.id_token` values, of
the provided OAuth 2.0 Access Token's consent request.
In the case of authentication error, a WWW-Authenticate header might be set in the response
with more information about the error. See [the
spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3)
for more details about header format.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OidcUserInfo]
"""
kwargs = _get_kwargs(
_client=_client,
)
async with httpx.AsyncClient(verify=_client.verify_ssl) as __client:
response = await __client.request(
**kwargs
)
return _build_response(client=_client, response=response)
async def asyncio(
*,
_client: AuthenticatedClient,
) -> Optional[OidcUserInfo]:
"""OpenID Connect Userinfo
This endpoint returns the payload of the ID Token, including `session.id_token` values, of
the provided OAuth 2.0 Access Token's consent request.
In the case of authentication error, a WWW-Authenticate header might be set in the response
with more information about the error. See [the
spec](https://datatracker.ietf.org/doc/html/rfc6750#section-3)
for more details about header format.
Raises:
errors.UnexpectedStatus: If the server returns an undocumented status code and Client.raise_on_unexpected_status is True.
httpx.TimeoutException: If the request takes longer than Client.timeout.
Returns:
Response[OidcUserInfo]
"""
return (await asyncio_detailed(
_client=_client,
)).parsed

Some files were not shown because too many files have changed in this diff Show more