diff --git a/backend/internal/domain/hydra_models.go b/backend/internal/domain/hydra_models.go
index 02fa3663..d0be623a 100644
--- a/backend/internal/domain/hydra_models.go
+++ b/backend/internal/domain/hydra_models.go
@@ -6,6 +6,7 @@ type HydraClient struct {
 ClientID string `json:"client_id"`
 ClientName string `json:"client_name,omitempty"`
 ClientSecret string `json:"client_secret,omitempty"` // Added
+ ClientURI string `json:"client_uri,omitempty"`
 RedirectURIs []string `json:"redirect_uris,omitempty"`
 GrantTypes []string `json:"grant_types,omitempty"`
 ResponseTypes []string `json:"response_types,omitempty"`
@@ -23,6 +24,13 @@ type HydraConsentRequest struct {
 Client HydraClient `json:"client"`
 }

+type HydraLoginRequest struct {
+ Challenge string `json:"challenge"`
+ Subject string `json:"subject"`
+ Skip bool `json:"skip"`
+ Client HydraClient `json:"client"`
+}
+
 type HydraConsentSession struct {
 ConsentRequestID string `json:"consent_request_id,omitempty"`
 Subject string `json:"subject,omitempty"`
diff --git a/backend/internal/domain/relying_party.go b/backend/internal/domain/relying_party.go
index 645b3dee..58489666 100644
--- a/backend/internal/domain/relying_party.go
+++ b/backend/internal/domain/relying_party.go
@@ -10,7 +10,7 @@ import (
 // It maps 1:1 to a Hydra Client.
 type RelyingParty struct {
 ClientID string `gorm:"primaryKey" json:"clientId"` // Maps to Hydra Client ID
- TenantID string `gorm:"index;not null" json:"tenantId"`
+ TenantID string `gorm:"index" json:"tenantId"`
 Name string `json:"name"` // Display name (can be same as Hydra Client Name)
 Description string `json:"description"`
 CreatedAt time.Time `json:"createdAt"`
diff --git a/backend/internal/service/hydra_admin_service.go b/backend/internal/service/hydra_admin_service.go
index 06f79c0f..bebae1ed 100644
--- a/backend/internal/service/hydra_admin_service.go
+++ b/backend/internal/service/hydra_admin_service.go
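Review bot: The new `ClientURI` field on `HydraClient` holds a value chosen by whoever registered the client, and nothing in this hunk states how it may be used. If the login or consent UI renders it as a link (not visible here), the scheme should be limited to `http`/`https` before display. I would record that on the field: `// ClientURI is client-supplied metadata; check the scheme before rendering it as a link.` The struct starts and continues outside the hunk, and the `// Added` remark on the `ClientSecret` line above is stale and could be dropped in the same change.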
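Review bot: The exported type `HydraLoginRequest` is added to the domain package without a doc comment, and the meaning of `Skip` and `Subject` is the part callers most need to get right. In Hydra's login flow `skip` set to true means the subject was already authenticated, and the login must be accepted for that same subject rather than a different one. I would add `// HydraLoginRequest is the login request Hydra returns for a login challenge.` followed by `// When Skip is true, Subject is already authenticated and must be accepted unchanged.` above the type.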
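Review bot: Dropping `not null` from `TenantID` makes a relying party with no tenant an accepted state, but the hunk does not say what an empty `TenantID` means. Any tenant-scoped lookup or ownership check elsewhere (not visible here) that compares `TenantID` values would need to treat the empty case explicitly, so that a tenant-less record is never matched as belonging to a caller whose tenant is also empty or unset. I would state the intent on the field, for example `// TenantID is empty only for global clients; tenant-scoped queries must not match an empty value.` It is also worth confirming that existing databases are migrated deliberately, since the struct tag alone may not relax a column that was already created as NOT NULL. The struct continues past the end of the hunk.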
@@ -25,49 +25,6 @@ type HydraAdminService struct {
 HTTPClient *http.Client
 }

-type HydraClient struct {
- ClientID string `json:"client_id"`
- ClientName string `json:"client_name,omitempty"`
- ClientSecret string `json:"client_secret,omitempty"`
- ClientURI string `json:"client_uri,omitempty"` // Added
- RedirectURIs []string `json:"redirect_uris,omitempty"`
- GrantTypes []string `json:"grant_types,omitempty"`
- ResponseTypes []string `json:"response_types,omitempty"`
- Scope string `json:"scope,omitempty"`
- TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"`
- Metadata map[string]interface{} `json:"metadata,omitempty"`
-}
-
-type HydraConsentRequest struct {
- Challenge string `json:"challenge"`
- RequestedScope []string `json:"requested_scope"`
- RequestedAudience []string `json:"requested_access_token_audience"`
- Skip bool `json:"skip"`
- Subject string `json:"subject"`
- Client HydraClient `json:"client"`
-}
-
-type HydraLoginRequest struct {
- Challenge string `json:"challenge"`
- Subject string `json:"subject"`
- Skip bool `json:"skip"`
- Client HydraClient `json:"client"`
-}
-
-type HydraConsentSession struct {
- ConsentRequestID string `json:"consent_request_id,omitempty"`
- Subject string `json:"subject,omitempty"`
- GrantedScope []string `json:"grant_scope,omitempty"`
- GrantedAudience []string `json:"grant_access_token_audience,omitempty"`
- Remember bool `json:"remember"`
- RememberFor int `json:"remember_for,omitempty"`
- AuthenticatedAt *time.Time `json:"authenticated_at,omitempty"`
- RequestedAt *time.Time `json:"requested_at,omitempty"`
- HandledAt *time.Time `json:"handled_at,omitempty"`
- Client HydraClient `json:"client,omitempty"`
- ConsentRequest *HydraConsentRequest `json:"consent_request,omitempty"`
-}
-
 func NewHydraAdminService() *HydraAdminService {
 return &HydraAdminService{
 AdminURL: getenv("HYDRA_ADMIN_URL", "http://hydra:4445"),
@@ -389,7 +346,7 @@ type RejectLoginRequestResponse struct {
 RedirectTo string `json:"redirectTo"`
 }

-func (s *HydraAdminService) GetConsentRequest(ctx context.Context, challenge string) (*HydraConsentRequest, error) {
+func (s *HydraAdminService) GetConsentRequest(ctx context.Context, challenge string) (*domain.HydraConsentRequest, error) {
 params := map[string]string{
 "consent_challenge": challenge,
 }
@@ -506,7 +463,7 @@ func (s *HydraAdminService) RejectLoginRequest(ctx context.Context, challenge, e
 return &RejectLoginRequestResponse{RedirectTo: hydraResp.RedirectTo}, nil
 }

-func (s *HydraAdminService) GetLoginRequest(ctx context.Context, challenge string) (*HydraLoginRequest, error) {
+func (s *HydraAdminService) GetLoginRequest(ctx context.Context, challenge string) (*domain.HydraLoginRequest, error) {
 params := map[string]string{
 "login_challenge": challenge,
 }
@@ -531,7 +488,7 @@ func (s *HydraAdminService) GetLoginRequest(ctx context.Context, challenge strin
 return nil, fmt.Errorf("hydra admin: get login failed status=%d body=%s", resp.StatusCode, string(body))
 }

- var loginReq HydraLoginRequest
+ var loginReq domain.HydraLoginRequest
 if err := json.Unmarshal(body, &loginReq); err != nil {
 return nil, fmt.Errorf("hydra admin: decode get login response failed: %w", err)
 }
diff --git a/docker/ory/oathkeeper/rules.active.json b/docker/ory/oathkeeper/rules.active.json
index fd6bfb2d..4a0735da 100755
--- a/docker/ory/oathkeeper/rules.active.json
+++ b/docker/ory/oathkeeper/rules.active.json
@@ -156,4 +156,4 @@
 "authorizer": { "handler": "allow" },
 "mutators": [{ "handler": "noop" }]
 }
-]
+]
\ No newline at end of file