core/oc-auth
6
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Oc Auth x Hydra x LDAP : draft of claims enrich for traefik + draft of forwarding

Browse Source
This commit is contained in:
mr
2024-10-28 14:58:11 +01:00
parent 05c4aab72a
commit 7198c40d30
37 changed files with 4181 additions and 610 deletions
Download Patch File Download Diff File Expand all files Collapse all files

437
swagger/swagger.yml
View File

@@ -8,127 +8,375 @@ info:
contact:
email: admin@o-cloud.io
license:
name: MIT
url: https://opensource.org/license/mit
name: AGPL
url: https://www.gnu.org/licenses/agpl-3.0.html
basePath: /oc
paths:
/auth/:
/auth/claims:
post:
tags:
- auth
description: |-
create auths
enrich token with claims
<br>
operationId: AuthController.Create
operationId: OAuthController.Claims
parameters:
- in: body
name: body
description: The auth content
description: The token info
required: true
schema:
type: array
items:
$ref: '#/definitions/models.auth'
$ref: '#/definitions/models.Token'
responses:
"200":
description: '{string} models.auth.Id'
"403":
description: body is empty
/auth/{authId}:
description: '{string}'
/auth/forward:
get:
tags:
- auth
description: |-
find auth by authid
auth forward
<br>
operationId: AuthController.Get
operationId: OAuthController.AuthForward
parameters:
- in: header
name: Authorization
description: auth token
type: string
- in: body
name: body
description: The workflow content
required: true
schema:
$ref: '#/definitions/models.workflow'
responses:
"200":
description: '{string}'
/auth/introspect:
get:
tags:
- auth
description: |-
introspect token
<br>
operationId: OAuthController.Introspection
parameters:
- in: header
name: Authorization
description: auth token
type: string
responses:
"200":
description: '{string}'
/auth/ldap/login:
post:
tags:
- auth
description: |-
authenticate user
<br>
operationId: OAuthController.Login
parameters:
- in: body
name: body
description: The workflow content
required: true
schema:
$ref: '#/definitions/models.workflow'
responses:
"200":
description: '{string}'
/auth/ldap/logout:
delete:
tags:
- auth
description: |-
unauthenticate user
<br>
operationId: OAuthController.Logout
parameters:
- in: header
name: Authorization
description: auth token
type: string
responses:
"200":
description: '{string}'
/auth/refresh:
post:
tags:
- auth
description: |-
introspect token
<br>
operationId: OAuthController.Introspection
parameters:
- in: body
name: body
description: The token info
required: true
schema:
$ref: '#/definitions/models.Token'
responses:
"200":
description: '{string}'
/permission/:
get:
tags:
- permission
description: |-
find permissions
<br>
operationId: PermissionController.GetAll
responses:
"200":
description: '{permission} string'
/permission/{id}/{relation[get]}:
get:
tags:
- permission
description: |-
find auth by permission
<br>
operationId: PermissionController.Get
parameters:
- in: path
name: authId
description: the authid you want to get
name: id
description: the permission you want to get
required: true
type: string
responses:
"200":
description: '{auth} models.auth'
"403":
description: :authId is empty
delete:
/permission/{permission_id}/{role_id}/{relation}:
post:
tags:
- auth
- permission
description: |-
delete the auth
bind the permission to role
<br>
operationId: AuthController.Delete
operationId: PermissionController.Bind
parameters:
- in: path
name: authId
description: The authId you want to delete
name: role_id
description: The role_id you want to bind
required: true
type: string
- in: path
name: method
description: The method you want to relate role & permission
required: true
type: string
- in: path
name: permission_id
description: The permission_id you want to bind
required: true
type: string
responses:
"200":
description: '{string} bind success!'
delete:
tags:
- permission
description: |-
unbind the permission to role
<br>
operationId: PermissionController.UnBind
parameters:
- in: path
name: role_id
description: The role_id you want to unbind
required: true
type: string
- in: path
name: relation
description: The method you want to unrelate role & permission
required: true
type: string
- in: path
name: permission_id
description: The permission_id you want to unbind
required: true
type: string
responses:
"200":
description: '{string} bind success!'
/permission/clear:
delete:
tags:
- permission
description: |-
clear the permission
<br>
operationId: PermissionController.Clear
responses:
"200":
description: '{string} delete success!'
/permission/role/{id}:
get:
tags:
- permission
description: |-
find permission by role id
<br>
operationId: PermissionController.GetByRole
parameters:
- in: path
name: id
description: the id you want to get
required: true
type: string
responses:
"200":
description: '{auth} string'
/permission/user/{id}:
get:
tags:
- permission
description: |-
find permission by user id
<br>
operationId: PermissionController.GetByUser
parameters:
- in: path
name: id
description: the id you want to get
required: true
type: string
responses:
"200":
description: '{auth} string'
/role/:
get:
tags:
- role
description: |-
find roles
<br>
operationId: RoleController.GetAll
responses:
"200":
description: '{role} string'
/role/{id}:
get:
tags:
- role
description: |-
find role by id
<br>
operationId: RoleController.Get
parameters:
- in: path
name: id
description: the id you want to get
required: true
type: string
responses:
"200":
description: '{role} string'
post:
tags:
- role
description: |-
create role
<br>
operationId: RoleController.Create
parameters:
- in: path
name: id
description: the id you want to get
required: true
type: string
responses:
"200":
description: '{auth} create success!'
delete:
tags:
- role
description: |-
delete the role
<br>
operationId: RoleController.Delete
parameters:
- in: path
name: id
description: The id you want to delete
required: true
type: string
responses:
"200":
description: '{string} delete success!'
"403":
description: authId is empty
/auth/discover/{url}:
get:
tags:
- auth
description: |-
find auth by authid
<br>
operationId: AuthController.Get
parameters:
- in: path
name: authId
description: the authid you want to get
required: true
type: string
responses:
"200":
description: '{auth} models.auth'
"403":
description: :authId is empty
/auth/find/{query}:
get:
tags:
- auth
description: |-
find auths with query
<br>
operationId: AuthController.Find
parameters:
- in: path
name: query
description: the keywords you need
required: true
type: string
responses:
"200":
description: '{auths} []models.auth'
"403":
description: ""
/registration/:
/role/{user_id}/{role_id}:
post:
tags:
- registration
- role
description: |-
create auths
bind the role to user
<br>
operationId: RegistrationController.Create
operationId: RoleController.Bind
parameters:
- in: body
name: body
description: The app info
- in: path
name: user_id
description: The user_id you want to bind
required: true
schema:
$ref: '#/definitions/models.Application'
type: string
- in: path
name: role_id
description: The role_id you want to bind
required: true
type: string
responses:
"200":
description: '{string} models.auth.Id'
"403":
description: body is empty
description: '{string} bind success!'
delete:
tags:
- role
description: |-
unbind the role to user
<br>
operationId: RoleController.UnBind
parameters:
- in: path
name: role_id
description: The role_id you want to unbind
required: true
type: string
- in: path
name: user_id
description: The user_id you want to unbind
required: true
type: string
responses:
"200":
description: '{string} bind success!'
/role/clear:
delete:
tags:
- role
description: |-
clear the role
<br>
operationId: RoleController.Clear
responses:
"200":
description: '{string} delete success!'
/role/user/{id}:
get:
tags:
- role
description: |-
find role by user id
<br>
operationId: RoleController.GetByUser
parameters:
- in: path
name: id
description: the id you want to get
required: true
type: string
responses:
"200":
description: '{auth} string'
/version/:
get:
tags:
@@ -140,29 +388,32 @@ paths:
responses:
"200":
description: ""
/version/discovery:
get:
tags:
- version
description: |-
get version
<br>
operationId: VersionController.Get
responses:
"200":
description: ""
definitions:
models.Application:
title: Application
models.Token:
title: Token
type: object
properties:
access_token:
type: string
callback_url:
type: string
client_id:
type: string
client_name:
type: string
client_secret:
type: string
models.auth:
title: auth
models.workflow:
title: workflow
type: object
tags:
- name: auth
description: |
Operations about auth
- name: registration
- name: role
description: |
Operations about auth
- name: permission
description: |
Operations about auth
- name: version