core/oc-auth
6
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Oc Auth x Hydra x LDAP : draft of claims enrich for traefik + draft of forwarding

Browse Source
This commit is contained in:
mr
2024-10-28 14:58:11 +01:00
parent 05c4aab72a
commit 7198c40d30
37 changed files with 4181 additions and 610 deletions
Download Patch File Download Diff File Expand all files Collapse all files

539
swagger/swagger.json
View File

@@ -9,55 +9,248 @@
"email": "admin@o-cloud.io"
},
"license": {
"name": "MIT",
"url": "https://opensource.org/license/mit"
"name": "AGPL",
"url": "https://www.gnu.org/licenses/agpl-3.0.html"
}
},
"basePath": "/oc",
"paths": {
"/auth/": {
"/auth/claims": {
"post": {
"tags": [
"auth"
],
"description": "create auths\n\u003cbr\u003e",
"operationId": "AuthController.Create",
"description": "enrich token with claims\n\u003cbr\u003e",
"operationId": "OAuthController.Claims",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The auth content",
"description": "The token info",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/models.auth"
}
"$ref": "#/definitions/models.Token"
}
}
],
"responses": {
"200": {
"description": "{string} models.auth.Id"
},
"403": {
"description": "body is empty"
"description": "{string}"
}
}
}
},
"/auth/discover/{url}": {
"/auth/forward": {
"get": {
"tags": [
"auth"
],
"description": "find auth by authid\n\u003cbr\u003e",
"operationId": "AuthController.Get",
"description": "auth forward\n\u003cbr\u003e",
"operationId": "OAuthController.AuthForward",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "auth token",
"type": "string"
},
{
"in": "body",
"name": "body",
"description": "The workflow content",
"required": true,
"schema": {
"$ref": "#/definitions/models.workflow"
}
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/auth/introspect": {
"get": {
"tags": [
"auth"
],
"description": "introspect token\n\u003cbr\u003e",
"operationId": "OAuthController.Introspection",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "auth token",
"type": "string"
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/auth/ldap/login": {
"post": {
"tags": [
"auth"
],
"description": "authenticate user\n\u003cbr\u003e",
"operationId": "OAuthController.Login",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The workflow content",
"required": true,
"schema": {
"$ref": "#/definitions/models.workflow"
}
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/auth/ldap/logout": {
"delete": {
"tags": [
"auth"
],
"description": "unauthenticate user\n\u003cbr\u003e",
"operationId": "OAuthController.Logout",
"parameters": [
{
"in": "header",
"name": "Authorization",
"description": "auth token",
"type": "string"
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/auth/refresh": {
"post": {
"tags": [
"auth"
],
"description": "introspect token\n\u003cbr\u003e",
"operationId": "OAuthController.Introspection",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The token info",
"required": true,
"schema": {
"$ref": "#/definitions/models.Token"
}
}
],
"responses": {
"200": {
"description": "{string}"
}
}
}
},
"/permission/": {
"get": {
"tags": [
"permission"
],
"description": "find permissions\n\u003cbr\u003e",
"operationId": "PermissionController.GetAll",
"responses": {
"200": {
"description": "{permission} string"
}
}
}
},
"/permission/clear": {
"delete": {
"tags": [
"permission"
],
"description": "clear the permission\n\u003cbr\u003e",
"operationId": "PermissionController.Clear",
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/permission/role/{id}": {
"get": {
"tags": [
"permission"
],
"description": "find permission by role id\n\u003cbr\u003e",
"operationId": "PermissionController.GetByRole",
"parameters": [
{
"in": "path",
"name": "authId",
"description": "the authid you want to get",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/permission/user/{id}": {
"get": {
"tags": [
"permission"
],
"description": "find permission by user id\n\u003cbr\u003e",
"operationId": "PermissionController.GetByUser",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/permission/{id}/{relation[get]}": {
"get": {
"tags": [
"permission"
],
"description": "find auth by permission\n\u003cbr\u003e",
"operationId": "PermissionController.Get",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the permission you want to get",
"required": true,
"type": "string"
}
@@ -65,75 +258,187 @@
"responses": {
"200": {
"description": "{auth} models.auth"
},
"403": {
"description": ":authId is empty"
}
}
}
},
"/auth/find/{query}": {
"get": {
"/permission/{permission_id}/{role_id}/{relation}": {
"post": {
"tags": [
"auth"
"permission"
],
"description": "find auths with query\n\u003cbr\u003e",
"operationId": "AuthController.Find",
"description": "bind the permission to role\n\u003cbr\u003e",
"operationId": "PermissionController.Bind",
"parameters": [
{
"in": "path",
"name": "query",
"description": "the keywords you need",
"name": "role_id",
"description": "The role_id you want to bind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "method",
"description": "The method you want to relate role \u0026 permission",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "permission_id",
"description": "The permission_id you want to bind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auths} []models.auth"
},
"403": {
"description": ""
}
}
}
},
"/auth/{authId}": {
"get": {
"tags": [
"auth"
],
"description": "find auth by authid\n\u003cbr\u003e",
"operationId": "AuthController.Get",
"parameters": [
{
"in": "path",
"name": "authId",
"description": "the authid you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} models.auth"
},
"403": {
"description": ":authId is empty"
"description": "{string} bind success!"
}
}
},
"delete": {
"tags": [
"auth"
"permission"
],
"description": "delete the auth\n\u003cbr\u003e",
"operationId": "AuthController.Delete",
"description": "unbind the permission to role\n\u003cbr\u003e",
"operationId": "PermissionController.UnBind",
"parameters": [
{
"in": "path",
"name": "authId",
"description": "The authId you want to delete",
"name": "role_id",
"description": "The role_id you want to unbind",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "relation",
"description": "The method you want to unrelate role \u0026 permission",
"required": true,
"type": "string"
},
{
"in": "path",
"name": "permission_id",
"description": "The permission_id you want to unbind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
}
},
"/role/": {
"get": {
"tags": [
"role"
],
"description": "find roles\n\u003cbr\u003e",
"operationId": "RoleController.GetAll",
"responses": {
"200": {
"description": "{role} string"
}
}
}
},
"/role/clear": {
"delete": {
"tags": [
"role"
],
"description": "clear the role\n\u003cbr\u003e",
"operationId": "RoleController.Clear",
"responses": {
"200": {
"description": "{string} delete success!"
}
}
}
},
"/role/user/{id}": {
"get": {
"tags": [
"role"
],
"description": "find role by user id\n\u003cbr\u003e",
"operationId": "RoleController.GetByUser",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} string"
}
}
}
},
"/role/{id}": {
"get": {
"tags": [
"role"
],
"description": "find role by id\n\u003cbr\u003e",
"operationId": "RoleController.Get",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{role} string"
}
}
},
"post": {
"tags": [
"role"
],
"description": "create role\n\u003cbr\u003e",
"operationId": "RoleController.Create",
"parameters": [
{
"in": "path",
"name": "id",
"description": "the id you want to get",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{auth} create success!"
}
}
},
"delete": {
"tags": [
"role"
],
"description": "delete the role\n\u003cbr\u003e",
"operationId": "RoleController.Delete",
"parameters": [
{
"in": "path",
"name": "id",
"description": "The id you want to delete",
"required": true,
"type": "string"
}
@@ -141,37 +446,64 @@
"responses": {
"200": {
"description": "{string} delete success!"
},
"403": {
"description": "authId is empty"
}
}
}
},
"/registration/": {
"/role/{user_id}/{role_id}": {
"post": {
"tags": [
"registration"
"role"
],
"description": "create auths\n\u003cbr\u003e",
"operationId": "RegistrationController.Create",
"description": "bind the role to user\n\u003cbr\u003e",
"operationId": "RoleController.Bind",
"parameters": [
{
"in": "body",
"name": "body",
"description": "The app info",
"in": "path",
"name": "user_id",
"description": "The user_id you want to bind",
"required": true,
"schema": {
"$ref": "#/definitions/models.Application"
}
"type": "string"
},
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to bind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} models.auth.Id"
"description": "{string} bind success!"
}
}
},
"delete": {
"tags": [
"role"
],
"description": "unbind the role to user\n\u003cbr\u003e",
"operationId": "RoleController.UnBind",
"parameters": [
{
"in": "path",
"name": "role_id",
"description": "The role_id you want to unbind",
"required": true,
"type": "string"
},
"403": {
"description": "body is empty"
{
"in": "path",
"name": "user_id",
"description": "The user_id you want to unbind",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "{string} bind success!"
}
}
}
@@ -189,32 +521,29 @@
}
}
}
},
"/version/discovery": {
"get": {
"tags": [
"version"
],
"description": "get version\n\u003cbr\u003e",
"operationId": "VersionController.Get",
"responses": {
"200": {
"description": ""
}
}
}
}
},
"definitions": {
"models.Application": {
"title": "Application",
"type": "object",
"properties": {
"access_token": {
"type": "string"
},
"callback_url": {
"type": "string"
},
"client_id": {
"type": "string"
},
"client_name": {
"type": "string"
},
"client_secret": {
"type": "string"
}
}
"models.Token": {
"title": "Token",
"type": "object"
},
"models.auth": {
"title": "auth",
"models.workflow": {
"title": "workflow",
"type": "object"
}
},
@@ -224,7 +553,11 @@
"description": "Operations about auth\n"
},
{
"name": "registration",
"name": "role",
"description": "Operations about auth\n"
},
{
"name": "permission",
"description": "Operations about auth\n"
},
{