From c49b0b23bb338b5375903e9a5d5077055a70e45c Mon Sep 17 00:00:00 2001 From: arekkas Date: Sat, 21 Jul 2018 16:09:43 +0200 Subject: [PATCH 1/2] health: Introduce health and version endpoint Signed-off-by: arekkas --- cmd/helper_health.go | 59 +++++++ cmd/helper_sql.go | 19 ++- cmd/serve_api.go | 9 +- docs/api.swagger.json | 140 +++++++++++++--- health/doc.go | 38 +++++ health/handler.go | 129 +++++++++++++++ health/handler_test.go | 74 +++++++++ sdk/go/oathkeeper/swagger/README.md | 6 + .../swagger/authentication_default_session.go | 2 +- ...tion_o_auth2_client_credentials_request.go | 2 +- ...tion_o_auth2_client_credentials_session.go | 2 +- ...ntication_o_auth2_introspection_request.go | 2 +- .../swagger/authentication_o_auth2_session.go | 18 +- .../docs/AuthenticationDefaultSession.md | 2 +- ...nticationOAuth2ClientCredentialsRequest.md | 2 +- ...nticationOAuth2ClientCredentialsSession.md | 2 +- ...uthenticationOAuth2IntrospectionRequest.md | 2 +- .../docs/AuthenticationOAuth2Session.md | 14 +- sdk/go/oathkeeper/swagger/docs/HealthApi.md | 62 +++++++ .../swagger/docs/HealthNotReadyStatus.md | 10 ++ .../oathkeeper/swagger/docs/HealthStatus.md | 10 ++ .../swagger/docs/IntrospectionResponse.md | 1 + sdk/go/oathkeeper/swagger/docs/JsonRule.md | 18 -- .../swagger/docs/SwaggerRuleHandler.md | 11 -- .../swagger/docs/SwaggerRuleMatch.md | 11 -- .../docs/{RawMessage.md => Version.md} | 3 +- sdk/go/oathkeeper/swagger/docs/VersionApi.md | 35 ++++ sdk/go/oathkeeper/swagger/health_api.go | 155 ++++++++++++++++++ .../swagger/health_not_ready_status.go | 17 ++ .../{raw_message.go => health_status.go} | 6 +- .../swagger/introspection_response.go | 2 + sdk/go/oathkeeper/swagger/json_rule.go | 31 ---- .../swagger/swagger_rule_handler.go | 22 --- .../oathkeeper/swagger/swagger_rule_match.go | 20 --- sdk/go/oathkeeper/swagger/version.go | 15 ++ sdk/go/oathkeeper/swagger/version_api.go | 96 +++++++++++ 36 files changed, 884 insertions(+), 163 deletions(-) create mode 100644 cmd/helper_health.go create mode 100644 health/doc.go create mode 100644 health/handler.go create mode 100644 health/handler_test.go create mode 100644 sdk/go/oathkeeper/swagger/docs/HealthApi.md create mode 100644 sdk/go/oathkeeper/swagger/docs/HealthNotReadyStatus.md create mode 100644 sdk/go/oathkeeper/swagger/docs/HealthStatus.md delete mode 100644 sdk/go/oathkeeper/swagger/docs/JsonRule.md delete mode 100644 sdk/go/oathkeeper/swagger/docs/SwaggerRuleHandler.md delete mode 100644 sdk/go/oathkeeper/swagger/docs/SwaggerRuleMatch.md rename sdk/go/oathkeeper/swagger/docs/{RawMessage.md => Version.md} (79%) create mode 100644 sdk/go/oathkeeper/swagger/docs/VersionApi.md create mode 100644 sdk/go/oathkeeper/swagger/health_api.go create mode 100644 sdk/go/oathkeeper/swagger/health_not_ready_status.go rename sdk/go/oathkeeper/swagger/{raw_message.go => health_status.go} (71%) delete mode 100644 sdk/go/oathkeeper/swagger/json_rule.go delete mode 100644 sdk/go/oathkeeper/swagger/swagger_rule_handler.go delete mode 100644 sdk/go/oathkeeper/swagger/swagger_rule_match.go create mode 100644 sdk/go/oathkeeper/swagger/version.go create mode 100644 sdk/go/oathkeeper/swagger/version_api.go diff --git a/cmd/helper_health.go b/cmd/helper_health.go new file mode 100644 index 0000000000..7c552c6490 --- /dev/null +++ b/cmd/helper_health.go @@ -0,0 +1,59 @@ +/* + * Copyright © 2017-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2017-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +package cmd + +import ( + "github.com/julienschmidt/httprouter" + "github.com/ory/herodot" + "github.com/ory/oathkeeper/health" +) + +type pinger interface { + Ping() error +} + +func newHealthHandler(database interface{}, h *herodot.JSONWriter, router *httprouter.Router) *health.Handler { + var rc health.ReadyChecker + + if database == nil { + rc = func() error { + return nil + } + } else { + + switch con := database.(type) { + case pinger: + rc = func() error { + return con.Ping() + } + break + default: + panic("Unknown connection type.") + } + + } + + handler := health.NewHandler(h, Version, map[string]health.ReadyChecker{ + "database": rc, + }) + + return handler +} diff --git a/cmd/helper_sql.go b/cmd/helper_sql.go index 0d868c0193..a99f120224 100644 --- a/cmd/helper_sql.go +++ b/cmd/helper_sql.go @@ -49,9 +49,9 @@ func connectToSql(dburl string) (*sqlx.DB, error) { return nil, errors.Errorf(`Unknown DSN "%s" in DATABASE_URL: %s`, u.Scheme, dburl) } -func newRuleManager(dburl string) (rule.Manager, error) { +func connectToDatabase(dburl string) (interface{}, error) { if dburl == "memory" { - return &rule.MemoryManager{Rules: map[string]rule.Rule{}}, nil + return nil, nil } else if dburl == "" { return nil, errors.New("No database URL provided") } @@ -61,5 +61,18 @@ func newRuleManager(dburl string) (rule.Manager, error) { return nil, errors.WithStack(err) } - return rule.NewSQLManager(db), nil + return db, nil +} + +func newRuleManager(database interface{}) (rule.Manager, error) { + if database == nil { + return &rule.MemoryManager{Rules: map[string]rule.Rule{}}, nil + } + + switch db := database.(type) { + case *sqlx.DB: + return rule.NewSQLManager(db), nil + default: + return nil, errors.New("Unknown database type") + } } diff --git a/cmd/serve_api.go b/cmd/serve_api.go index be06c5a45b..57202a4f06 100644 --- a/cmd/serve_api.go +++ b/cmd/serve_api.go @@ -63,7 +63,12 @@ HTTP CONTROLS ` + corsMessage, Run: func(cmd *cobra.Command, args []string) { - rules, err := newRuleManager(viper.GetString("DATABASE_URL")) + db, err := connectToDatabase(viper.GetString("DATABASE_URL")) + if err != nil { + logger.WithError(err).Fatalln("Unable to initialize database connectivity") + } + + rules, err := newRuleManager(db) if err != nil { logger.WithError(err).Fatalln("Unable to connect to rule backend") } @@ -84,8 +89,10 @@ HTTP CONTROLS )) keyHandler := rsakey.NewHandler(writer, keyManager) router := httprouter.New() + health := newHealthHandler(db, writer, router) ruleHandler.SetRoutes(router) keyHandler.SetRoutes(router) + health.SetRoutes(router) n := negroni.New() n.Use(negronilogrus.NewMiddlewareFromLogger(logger, "oathkeeper-api")) diff --git a/docs/api.swagger.json b/docs/api.swagger.json index d42d5eff57..afe88307e7 100644 --- a/docs/api.swagger.json +++ b/docs/api.swagger.json @@ -50,6 +50,51 @@ } } }, + "/health/alive": { + "get": { + "description": "This endpoint returns a 200 status code when the HTTP server is up running.\nThis status does currently not include checks whether the database connection is working.\nThis endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set.\n\nBe aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance.", + "tags": [ + "health" + ], + "summary": "Check the Alive Status", + "operationId": "isInstanceAlive", + "responses": { + "200": { + "description": "healthStatus", + "schema": { + "$ref": "#/definitions/healthStatus" + } + }, + "500": { + "$ref": "#/responses/genericError" + } + } + } + }, + "/health/ready": { + "get": { + "description": "This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g.\nthe database) are responsive as well.\n\nThis status does currently not include checks whether the database connection is working.\nThis endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set.\n\nBe aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance.", + "tags": [ + "health" + ], + "summary": "Check the Readiness Status", + "operationId": "isInstanceReady", + "responses": { + "200": { + "description": "healthStatus", + "schema": { + "$ref": "#/definitions/healthStatus" + } + }, + "503": { + "description": "healthNotReadyStatus", + "schema": { + "$ref": "#/definitions/healthNotReadyStatus" + } + } + } + } + }, "/rules": { "get": { "description": "This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full\nview of what rules you have currently in place.", @@ -283,6 +328,24 @@ } } } + }, + "/version": { + "get": { + "description": "This endpoint returns the version as `{ \"version\": \"VERSION\" }`. The version is only correct with the prebuilt binary and not custom builds.", + "tags": [ + "version" + ], + "summary": "Get the version of Oathkeeper", + "operationId": "getVersion", + "responses": { + "200": { + "description": "version", + "schema": { + "$ref": "#/definitions/version" + } + } + } + } } }, "definitions": { @@ -295,7 +358,7 @@ "x-go-name": "ClientID" }, "scope": { - "description": "Scopes is an array of scopes that are required.", + "description": "Scope is an array of scopes that are required.", "type": "array", "items": { "type": "string" @@ -313,12 +376,12 @@ "type": "object", "properties": { "scope": { - "description": "Scopes is an array of scopes that are required.", + "description": "Scope is an array of scopes that are required.", "type": "array", "items": { "type": "string" }, - "x-go-name": "Scopes" + "x-go-name": "Scope" }, "token": { "description": "Token is the token to introspect.", @@ -386,6 +449,10 @@ "type": "string", "x-go-name": "Subject" }, + "token_type": { + "type": "string", + "x-go-name": "TokenType" + }, "username": { "type": "string", "x-go-name": "Username" @@ -439,7 +506,7 @@ "type": "boolean", "x-go-name": "Allowed" }, - "subject": { + "sub": { "description": "Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app.\nThis is usually a uuid but you can choose a urn or some other id too.", "type": "string", "x-go-name": "Subject" @@ -456,7 +523,7 @@ "type": "boolean", "x-go-name": "Allowed" }, - "subject": { + "sub": { "description": "Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app.\nThis is usually a uuid but you can choose a urn or some other id too.", "type": "string", "x-go-name": "Subject" @@ -473,7 +540,7 @@ "type": "boolean", "x-go-name": "Allowed" }, - "audience": { + "aud": { "type": "array", "items": { "type": "string" @@ -485,36 +552,33 @@ "type": "string", "x-go-name": "ClientID" }, - "expires_at": { + "exp": { "description": "ExpiresAt is the expiry timestamp.", "type": "string", "format": "date-time", "x-go-name": "ExpiresAt" }, - "granted_scope": { - "description": "GrantedScopes is a list of scopes that the subject authorized when asked for consent.", - "type": "array", - "items": { - "type": "string" - }, - "x-go-name": "GrantedScopes" - }, - "issued_at": { + "iat": { "description": "IssuedAt is the token creation time stamp.", "type": "string", "format": "date-time", "x-go-name": "IssuedAt" }, - "issuer": { + "iss": { "description": "Issuer is the id of the issuer, typically an hydra instance.", "type": "string", "x-go-name": "Issuer" }, - "not_before": { + "nbf": { "type": "string", "format": "date-time", "x-go-name": "NotBefore" }, + "scope": { + "description": "GrantedScopes is a list of scopes that the subject authorized when asked for consent.", + "type": "string", + "x-go-name": "GrantedScopes" + }, "session": { "description": "Session represents arbitrary session data.", "type": "object", @@ -523,7 +587,7 @@ }, "x-go-name": "Extra" }, - "subject": { + "sub": { "description": "Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app.\nThis is usually a uuid but you can choose a urn or some other id too.", "type": "string", "x-go-name": "Subject" @@ -536,6 +600,33 @@ "x-go-name": "OAuth2Session", "x-go-package": "github.com/ory/oathkeeper/vendor/github.com/ory/keto/authentication" }, + "healthNotReadyStatus": { + "type": "object", + "properties": { + "errors": { + "description": "Errors contains a list of errors that caused the not ready status.", + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-go-name": "Errors" + } + }, + "x-go-name": "swaggerNotReadyStatus", + "x-go-package": "github.com/ory/oathkeeper/health" + }, + "healthStatus": { + "type": "object", + "properties": { + "status": { + "description": "Status always contains \"ok\".", + "type": "string", + "x-go-name": "Status" + } + }, + "x-go-name": "swaggerHealthStatus", + "x-go-package": "github.com/ory/oathkeeper/health" + }, "jsonWebKey": { "type": "object", "properties": { @@ -790,6 +881,17 @@ } }, "x-go-package": "github.com/ory/oathkeeper/rule" + }, + "version": { + "type": "object", + "properties": { + "version": { + "type": "string", + "x-go-name": "Version" + } + }, + "x-go-name": "swaggerVersion", + "x-go-package": "github.com/ory/oathkeeper/health" } }, "responses": { diff --git a/health/doc.go b/health/doc.go new file mode 100644 index 0000000000..2098634261 --- /dev/null +++ b/health/doc.go @@ -0,0 +1,38 @@ +/* + * Copyright © 2017-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2017-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +package health + +// swagger:model healthStatus +type swaggerHealthStatus struct { + // Status always contains "ok". + Status string `json:"status"` +} + +// swagger:model healthNotReadyStatus +type swaggerNotReadyStatus struct { + // Errors contains a list of errors that caused the not ready status. + Errors map[string]string `json:"errors"` +} + +// swagger:model version +type swaggerVersion struct { + Version string `json:"version"` +} diff --git a/health/handler.go b/health/handler.go new file mode 100644 index 0000000000..f2c07588cf --- /dev/null +++ b/health/handler.go @@ -0,0 +1,129 @@ +/* + * Copyright © 2017-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2017-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +package health + +import ( + "net/http" + + "github.com/julienschmidt/httprouter" + "github.com/ory/herodot" +) + +const ( + AliveCheckPath = "/health/alive" + ReadyCheckPath = "/health/ready" + VersionPath = "/version" +) + +type ReadyChecker func() error + +type Handler struct { + H *herodot.JSONWriter + VersionString string + ReadyChecks map[string]ReadyChecker +} + +func NewHandler( + h *herodot.JSONWriter, + version string, + readyChecks map[string]ReadyChecker, +) *Handler { + return &Handler{ + H: h, + VersionString: version, + ReadyChecks: readyChecks, + } +} + +func (h *Handler) SetRoutes(r *httprouter.Router) { + r.GET(AliveCheckPath, h.Alive) + r.GET(ReadyCheckPath, h.Ready) + r.GET(VersionPath, h.Version) +} + +// swagger:route GET /health/alive health isInstanceAlive +// +// Check the Alive Status +// +// This endpoint returns a 200 status code when the HTTP server is up running. +// This status does currently not include checks whether the database connection is working. +// This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. +// +// Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. +// +// Responses: +// 200: healthStatus +// 500: genericError +func (h *Handler) Alive(rw http.ResponseWriter, r *http.Request, _ httprouter.Params) { + h.H.Write(rw, r, &swaggerHealthStatus{ + Status: "ok", + }) +} + +// swagger:route GET /health/ready health isInstanceReady +// +// Check the Readiness Status +// +// This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g. +// the database) are responsive as well. +// +// This status does currently not include checks whether the database connection is working. +// This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. +// +// Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. +// +// Responses: +// 200: healthStatus +// 503: healthNotReadyStatus +func (h *Handler) Ready(rw http.ResponseWriter, r *http.Request, _ httprouter.Params) { + var notReady = swaggerNotReadyStatus{ + Errors: map[string]string{}, + } + + for n, c := range h.ReadyChecks { + if err := c(); err != nil { + notReady.Errors[n] = err.Error() + } + } + + if len(notReady.Errors) > 0 { + h.H.WriteCode(rw, r, http.StatusServiceUnavailable, notReady) + return + } + + h.H.Write(rw, r, &swaggerHealthStatus{ + Status: "ok", + }) +} + +// swagger:route GET /version version getVersion +// +// Get the version of Oathkeeper +// +// This endpoint returns the version as `{ "version": "VERSION" }`. The version is only correct with the prebuilt binary and not custom builds. +// +// Responses: +// 200: version +func (h *Handler) Version(rw http.ResponseWriter, r *http.Request, _ httprouter.Params) { + h.H.Write(rw, r, &swaggerVersion{ + Version: h.VersionString, + }) +} diff --git a/health/handler_test.go b/health/handler_test.go new file mode 100644 index 0000000000..66c997b76d --- /dev/null +++ b/health/handler_test.go @@ -0,0 +1,74 @@ +/* + * Copyright © 2017-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2017-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +package health + +import ( + "errors" + "net/http" + "net/http/httptest" + "testing" + + "github.com/julienschmidt/httprouter" + "github.com/ory/herodot" + "github.com/ory/oathkeeper/sdk/go/oathkeeper/swagger" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestHealth(t *testing.T) { + alive := errors.New("not alive") + handler := &Handler{ + H: herodot.NewJSONWriter(nil), + VersionString: "test version", + ReadyChecks: map[string]ReadyChecker{ + "test": func() error { + return alive + }, + }, + } + router := httprouter.New() + handler.SetRoutes(router) + ts := httptest.NewServer(router) + + healthClient := swagger.NewHealthApiWithBasePath(ts.URL) + + body, response, err := healthClient.IsInstanceAlive() + require.NoError(t, err) + require.EqualValues(t, http.StatusOK, response.StatusCode) + assert.EqualValues(t, "ok", body.Status) + + versionClient := swagger.NewVersionApiWithBasePath(ts.URL) + version, response, err := versionClient.GetVersion() + require.NoError(t, err) + require.EqualValues(t, http.StatusOK, response.StatusCode) + require.EqualValues(t, version.Version, handler.VersionString) + + _, response, err = healthClient.IsInstanceReady() + require.NoError(t, err) + require.EqualValues(t, http.StatusServiceUnavailable, response.StatusCode) + assert.Equal(t, `{"errors":{"test":"not alive"}}`, string(response.Payload)) + + alive = nil + body, response, err = healthClient.IsInstanceReady() + require.NoError(t, err) + require.EqualValues(t, http.StatusOK, response.StatusCode) + assert.EqualValues(t, "ok", body.Status) +} diff --git a/sdk/go/oathkeeper/swagger/README.md b/sdk/go/oathkeeper/swagger/README.md index 9152eb4497..85409b0407 100644 --- a/sdk/go/oathkeeper/swagger/README.md +++ b/sdk/go/oathkeeper/swagger/README.md @@ -23,11 +23,14 @@ All URIs are relative to *http://localhost* Class | Method | HTTP request | Description ------------ | ------------- | ------------- | ------------- *DefaultApi* | [**GetWellKnown**](docs/DefaultApi.md#getwellknown) | **Get** /.well-known/jwks.json | Returns well known keys +*HealthApi* | [**IsInstanceAlive**](docs/HealthApi.md#isinstancealive) | **Get** /health/alive | Check the Alive Status +*HealthApi* | [**IsInstanceReady**](docs/HealthApi.md#isinstanceready) | **Get** /health/ready | Check the Readiness Status *RuleApi* | [**CreateRule**](docs/RuleApi.md#createrule) | **Post** /rules | Create a rule *RuleApi* | [**DeleteRule**](docs/RuleApi.md#deleterule) | **Delete** /rules/{id} | Delete a rule *RuleApi* | [**GetRule**](docs/RuleApi.md#getrule) | **Get** /rules/{id} | Retrieve a rule *RuleApi* | [**ListRules**](docs/RuleApi.md#listrules) | **Get** /rules | List all rules *RuleApi* | [**UpdateRule**](docs/RuleApi.md#updaterule) | **Put** /rules/{id} | Update a rule +*VersionApi* | [**GetVersion**](docs/VersionApi.md#getversion) | **Get** /version | Get the version of Oathkeeper ## Documentation For Models @@ -38,6 +41,8 @@ Class | Method | HTTP request | Description - [AuthenticationOAuth2IntrospectionRequest](docs/AuthenticationOAuth2IntrospectionRequest.md) - [AuthenticationOAuth2Session](docs/AuthenticationOAuth2Session.md) - [Authenticator](docs/Authenticator.md) + - [HealthNotReadyStatus](docs/HealthNotReadyStatus.md) + - [HealthStatus](docs/HealthStatus.md) - [InlineResponse401](docs/InlineResponse401.md) - [IntrospectionResponse](docs/IntrospectionResponse.md) - [JsonWebKey](docs/JsonWebKey.md) @@ -55,6 +60,7 @@ Class | Method | HTTP request | Description - [SwaggerRulesResponse](docs/SwaggerRulesResponse.md) - [SwaggerUpdateRuleParameters](docs/SwaggerUpdateRuleParameters.md) - [Upstream](docs/Upstream.md) + - [Version](docs/Version.md) ## Documentation For Authorization diff --git a/sdk/go/oathkeeper/swagger/authentication_default_session.go b/sdk/go/oathkeeper/swagger/authentication_default_session.go index 479e59a6bd..b02d700bb4 100644 --- a/sdk/go/oathkeeper/swagger/authentication_default_session.go +++ b/sdk/go/oathkeeper/swagger/authentication_default_session.go @@ -16,5 +16,5 @@ type AuthenticationDefaultSession struct { Allowed bool `json:"allowed,omitempty"` // Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. - Subject string `json:"subject,omitempty"` + Sub string `json:"sub,omitempty"` } diff --git a/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_request.go b/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_request.go index a8974d9c21..620bc1827e 100644 --- a/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_request.go +++ b/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_request.go @@ -15,7 +15,7 @@ type AuthenticationOAuth2ClientCredentialsRequest struct { // Token is the token to introspect. Id string `json:"id,omitempty"` - // Scopes is an array of scopes that are required. + // Scope is an array of scopes that are required. Scope []string `json:"scope,omitempty"` Secret string `json:"secret,omitempty"` diff --git a/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_session.go b/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_session.go index 0856a5f9b9..1361279bf7 100644 --- a/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_session.go +++ b/sdk/go/oathkeeper/swagger/authentication_o_auth2_client_credentials_session.go @@ -16,5 +16,5 @@ type AuthenticationOAuth2ClientCredentialsSession struct { Allowed bool `json:"allowed,omitempty"` // Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. - Subject string `json:"subject,omitempty"` + Sub string `json:"sub,omitempty"` } diff --git a/sdk/go/oathkeeper/swagger/authentication_o_auth2_introspection_request.go b/sdk/go/oathkeeper/swagger/authentication_o_auth2_introspection_request.go index 5131ee23ff..99e5fe7d75 100644 --- a/sdk/go/oathkeeper/swagger/authentication_o_auth2_introspection_request.go +++ b/sdk/go/oathkeeper/swagger/authentication_o_auth2_introspection_request.go @@ -12,7 +12,7 @@ package swagger type AuthenticationOAuth2IntrospectionRequest struct { - // Scopes is an array of scopes that are required. + // Scope is an array of scopes that are required. Scope []string `json:"scope,omitempty"` // Token is the token to introspect. diff --git a/sdk/go/oathkeeper/swagger/authentication_o_auth2_session.go b/sdk/go/oathkeeper/swagger/authentication_o_auth2_session.go index 7469853fc0..e707592cff 100644 --- a/sdk/go/oathkeeper/swagger/authentication_o_auth2_session.go +++ b/sdk/go/oathkeeper/swagger/authentication_o_auth2_session.go @@ -19,30 +19,30 @@ type AuthenticationOAuth2Session struct { // Allowed is true if the request is allowed and false otherwise. Allowed bool `json:"allowed,omitempty"` - Audience []string `json:"audience,omitempty"` + Aud []string `json:"aud,omitempty"` // ClientID is the id of the OAuth2 client that requested the token. ClientId string `json:"client_id,omitempty"` // ExpiresAt is the expiry timestamp. - ExpiresAt time.Time `json:"expires_at,omitempty"` - - // GrantedScopes is a list of scopes that the subject authorized when asked for consent. - GrantedScope []string `json:"granted_scope,omitempty"` + Exp time.Time `json:"exp,omitempty"` // IssuedAt is the token creation time stamp. - IssuedAt time.Time `json:"issued_at,omitempty"` + Iat time.Time `json:"iat,omitempty"` // Issuer is the id of the issuer, typically an hydra instance. - Issuer string `json:"issuer,omitempty"` + Iss string `json:"iss,omitempty"` - NotBefore time.Time `json:"not_before,omitempty"` + Nbf time.Time `json:"nbf,omitempty"` + + // GrantedScopes is a list of scopes that the subject authorized when asked for consent. + Scope string `json:"scope,omitempty"` // Session represents arbitrary session data. Session map[string]interface{} `json:"session,omitempty"` // Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. - Subject string `json:"subject,omitempty"` + Sub string `json:"sub,omitempty"` Username string `json:"username,omitempty"` } diff --git a/sdk/go/oathkeeper/swagger/docs/AuthenticationDefaultSession.md b/sdk/go/oathkeeper/swagger/docs/AuthenticationDefaultSession.md index ec0c0812ff..5c274c868d 100644 --- a/sdk/go/oathkeeper/swagger/docs/AuthenticationDefaultSession.md +++ b/sdk/go/oathkeeper/swagger/docs/AuthenticationDefaultSession.md @@ -4,7 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **Allowed** | **bool** | Allowed is true if the request is allowed and false otherwise. | [optional] [default to null] -**Subject** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] +**Sub** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsRequest.md b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsRequest.md index 9eb4a9ad11..656ee648fc 100644 --- a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsRequest.md +++ b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsRequest.md @@ -4,7 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **Id** | **string** | Token is the token to introspect. | [optional] [default to null] -**Scope** | **[]string** | Scopes is an array of scopes that are required. | [optional] [default to null] +**Scope** | **[]string** | Scope is an array of scopes that are required. | [optional] [default to null] **Secret** | **string** | | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsSession.md b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsSession.md index 4ec14337d5..87710e6725 100644 --- a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsSession.md +++ b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2ClientCredentialsSession.md @@ -4,7 +4,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **Allowed** | **bool** | Allowed is true if the request is allowed and false otherwise. | [optional] [default to null] -**Subject** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] +**Sub** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2IntrospectionRequest.md b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2IntrospectionRequest.md index 643fc81a1d..a76d4d7bb9 100644 --- a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2IntrospectionRequest.md +++ b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2IntrospectionRequest.md @@ -3,7 +3,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**Scope** | **[]string** | Scopes is an array of scopes that are required. | [optional] [default to null] +**Scope** | **[]string** | Scope is an array of scopes that are required. | [optional] [default to null] **Token** | **string** | Token is the token to introspect. | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2Session.md b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2Session.md index 8cb7ffd611..94b9fd4919 100644 --- a/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2Session.md +++ b/sdk/go/oathkeeper/swagger/docs/AuthenticationOAuth2Session.md @@ -4,15 +4,15 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- **Allowed** | **bool** | Allowed is true if the request is allowed and false otherwise. | [optional] [default to null] -**Audience** | **[]string** | | [optional] [default to null] +**Aud** | **[]string** | | [optional] [default to null] **ClientId** | **string** | ClientID is the id of the OAuth2 client that requested the token. | [optional] [default to null] -**ExpiresAt** | [**time.Time**](time.Time.md) | ExpiresAt is the expiry timestamp. | [optional] [default to null] -**GrantedScope** | **[]string** | GrantedScopes is a list of scopes that the subject authorized when asked for consent. | [optional] [default to null] -**IssuedAt** | [**time.Time**](time.Time.md) | IssuedAt is the token creation time stamp. | [optional] [default to null] -**Issuer** | **string** | Issuer is the id of the issuer, typically an hydra instance. | [optional] [default to null] -**NotBefore** | [**time.Time**](time.Time.md) | | [optional] [default to null] +**Exp** | [**time.Time**](time.Time.md) | ExpiresAt is the expiry timestamp. | [optional] [default to null] +**Iat** | [**time.Time**](time.Time.md) | IssuedAt is the token creation time stamp. | [optional] [default to null] +**Iss** | **string** | Issuer is the id of the issuer, typically an hydra instance. | [optional] [default to null] +**Nbf** | [**time.Time**](time.Time.md) | | [optional] [default to null] +**Scope** | **string** | GrantedScopes is a list of scopes that the subject authorized when asked for consent. | [optional] [default to null] **Session** | [**map[string]interface{}**](interface{}.md) | Session represents arbitrary session data. | [optional] [default to null] -**Subject** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] +**Sub** | **string** | Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. This is usually a uuid but you can choose a urn or some other id too. | [optional] [default to null] **Username** | **string** | | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/HealthApi.md b/sdk/go/oathkeeper/swagger/docs/HealthApi.md new file mode 100644 index 0000000000..bb8959604a --- /dev/null +++ b/sdk/go/oathkeeper/swagger/docs/HealthApi.md @@ -0,0 +1,62 @@ +# \HealthApi + +All URIs are relative to *http://localhost* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**IsInstanceAlive**](HealthApi.md#IsInstanceAlive) | **Get** /health/alive | Check the Alive Status +[**IsInstanceReady**](HealthApi.md#IsInstanceReady) | **Get** /health/ready | Check the Readiness Status + + +# **IsInstanceAlive** +> HealthStatus IsInstanceAlive() + +Check the Alive Status + +This endpoint returns a 200 status code when the HTTP server is up running. This status does currently not include checks whether the database connection is working. This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**HealthStatus**](healthStatus.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **IsInstanceReady** +> HealthStatus IsInstanceReady() + +Check the Readiness Status + +This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g. the database) are responsive as well. This status does currently not include checks whether the database connection is working. This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**HealthStatus**](healthStatus.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + diff --git a/sdk/go/oathkeeper/swagger/docs/HealthNotReadyStatus.md b/sdk/go/oathkeeper/swagger/docs/HealthNotReadyStatus.md new file mode 100644 index 0000000000..478dd1f4a1 --- /dev/null +++ b/sdk/go/oathkeeper/swagger/docs/HealthNotReadyStatus.md @@ -0,0 +1,10 @@ +# HealthNotReadyStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**Errors** | **map[string]string** | Errors contains a list of errors that caused the not ready status. | [optional] [default to null] + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/sdk/go/oathkeeper/swagger/docs/HealthStatus.md b/sdk/go/oathkeeper/swagger/docs/HealthStatus.md new file mode 100644 index 0000000000..b6522dc068 --- /dev/null +++ b/sdk/go/oathkeeper/swagger/docs/HealthStatus.md @@ -0,0 +1,10 @@ +# HealthStatus + +## Properties +Name | Type | Description | Notes +------------ | ------------- | ------------- | ------------- +**Status** | **string** | Status always contains \"ok\". | [optional] [default to null] + +[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) + + diff --git a/sdk/go/oathkeeper/swagger/docs/IntrospectionResponse.md b/sdk/go/oathkeeper/swagger/docs/IntrospectionResponse.md index 56aebc858e..f78586f44f 100644 --- a/sdk/go/oathkeeper/swagger/docs/IntrospectionResponse.md +++ b/sdk/go/oathkeeper/swagger/docs/IntrospectionResponse.md @@ -13,6 +13,7 @@ Name | Type | Description | Notes **Nbf** | **int64** | | [optional] [default to null] **Scope** | **string** | | [optional] [default to null] **Sub** | **string** | Here, it's sub | [optional] [default to null] +**TokenType** | **string** | | [optional] [default to null] **Username** | **string** | | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/JsonRule.md b/sdk/go/oathkeeper/swagger/docs/JsonRule.md deleted file mode 100644 index 816e545cad..0000000000 --- a/sdk/go/oathkeeper/swagger/docs/JsonRule.md +++ /dev/null @@ -1,18 +0,0 @@ -# JsonRule - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Description** | **string** | | [optional] [default to null] -**Id** | **string** | | [optional] [default to null] -**MatchesMethods** | **[]string** | | [optional] [default to null] -**MatchesUrl** | **string** | | [optional] [default to null] -**Mode** | **string** | | [optional] [default to null] -**RequiredAction** | **string** | | [optional] [default to null] -**RequiredResource** | **string** | | [optional] [default to null] -**RequiredScopes** | **[]string** | | [optional] [default to null] -**Upstream** | [**Upstream**](Upstream.md) | | [optional] [default to null] - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/sdk/go/oathkeeper/swagger/docs/SwaggerRuleHandler.md b/sdk/go/oathkeeper/swagger/docs/SwaggerRuleHandler.md deleted file mode 100644 index f8cb6b0c15..0000000000 --- a/sdk/go/oathkeeper/swagger/docs/SwaggerRuleHandler.md +++ /dev/null @@ -1,11 +0,0 @@ -# SwaggerRuleHandler - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Config** | **string** | Config contains the configuration for the handler. Please read the user guide for a complete list of each handler's available settings. | [optional] [default to null] -**Handler** | **string** | Handler identifies the implementation which will be used to handle this specific request. Please read the user guide for a complete list of available handlers. | [optional] [default to null] - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/sdk/go/oathkeeper/swagger/docs/SwaggerRuleMatch.md b/sdk/go/oathkeeper/swagger/docs/SwaggerRuleMatch.md deleted file mode 100644 index c520ca0d86..0000000000 --- a/sdk/go/oathkeeper/swagger/docs/SwaggerRuleMatch.md +++ /dev/null @@ -1,11 +0,0 @@ -# SwaggerRuleMatch - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Methods** | **[]string** | An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match. If the matchesUrl field is satisfied as well, the rule is considered a full match. | [optional] [default to null] -**Url** | **string** | This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the full request URL (e.g. https://mydomain.com/api/resource) without query parameters of the incoming request with this field. If a match is found, the rule is considered a partial match. If the matchesMethods field is satisfied as well, the rule is considered a full match. You can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in brackets < and >. The following example matches all paths of the domain `mydomain.com`: `https://mydomain.com/<.*>`. For more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules | [optional] [default to null] - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/sdk/go/oathkeeper/swagger/docs/RawMessage.md b/sdk/go/oathkeeper/swagger/docs/Version.md similarity index 79% rename from sdk/go/oathkeeper/swagger/docs/RawMessage.md rename to sdk/go/oathkeeper/swagger/docs/Version.md index f8710fd2ed..fb09e432a2 100644 --- a/sdk/go/oathkeeper/swagger/docs/RawMessage.md +++ b/sdk/go/oathkeeper/swagger/docs/Version.md @@ -1,8 +1,9 @@ -# RawMessage +# Version ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- +**Version** | **string** | | [optional] [default to null] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/sdk/go/oathkeeper/swagger/docs/VersionApi.md b/sdk/go/oathkeeper/swagger/docs/VersionApi.md new file mode 100644 index 0000000000..a45d11c89e --- /dev/null +++ b/sdk/go/oathkeeper/swagger/docs/VersionApi.md @@ -0,0 +1,35 @@ +# \VersionApi + +All URIs are relative to *http://localhost* + +Method | HTTP request | Description +------------- | ------------- | ------------- +[**GetVersion**](VersionApi.md#GetVersion) | **Get** /version | Get the version of Oathkeeper + + +# **GetVersion** +> Version GetVersion() + +Get the version of Oathkeeper + +This endpoint returns the version as `{ \"version\": \"VERSION\" }`. The version is only correct with the prebuilt binary and not custom builds. + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**Version**](version.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + diff --git a/sdk/go/oathkeeper/swagger/health_api.go b/sdk/go/oathkeeper/swagger/health_api.go new file mode 100644 index 0000000000..f3333f1dc3 --- /dev/null +++ b/sdk/go/oathkeeper/swagger/health_api.go @@ -0,0 +1,155 @@ +/* + * ORY Oathkeeper + * + * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. + * + * OpenAPI spec version: Latest + * Contact: hi@ory.am + * Generated by: https://github.com/swagger-api/swagger-codegen.git + */ + +package swagger + +import ( + "encoding/json" + "net/url" + "strings" +) + +type HealthApi struct { + Configuration *Configuration +} + +func NewHealthApi() *HealthApi { + configuration := NewConfiguration() + return &HealthApi{ + Configuration: configuration, + } +} + +func NewHealthApiWithBasePath(basePath string) *HealthApi { + configuration := NewConfiguration() + configuration.BasePath = basePath + + return &HealthApi{ + Configuration: configuration, + } +} + +/** + * Check the Alive Status + * This endpoint returns a 200 status code when the HTTP server is up running. This status does currently not include checks whether the database connection is working. This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. + * + * @return *HealthStatus + */ +func (a HealthApi) IsInstanceAlive() (*HealthStatus, *APIResponse, error) { + + var localVarHttpMethod = strings.ToUpper("Get") + // create path and map variables + localVarPath := a.Configuration.BasePath + "/health/alive" + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := url.Values{} + localVarFormParams := make(map[string]string) + var localVarPostBody interface{} + var localVarFileName string + var localVarFileBytes []byte + // add default headers if any + for key := range a.Configuration.DefaultHeader { + localVarHeaderParams[key] = a.Configuration.DefaultHeader[key] + } + + // to determine the Content-Type header + localVarHttpContentTypes := []string{"application/json"} + + // set Content-Type header + localVarHttpContentType := a.Configuration.APIClient.SelectHeaderContentType(localVarHttpContentTypes) + if localVarHttpContentType != "" { + localVarHeaderParams["Content-Type"] = localVarHttpContentType + } + // to determine the Accept header + localVarHttpHeaderAccepts := []string{ + "application/json", + } + + // set Accept header + localVarHttpHeaderAccept := a.Configuration.APIClient.SelectHeaderAccept(localVarHttpHeaderAccepts) + if localVarHttpHeaderAccept != "" { + localVarHeaderParams["Accept"] = localVarHttpHeaderAccept + } + var successPayload = new(HealthStatus) + localVarHttpResponse, err := a.Configuration.APIClient.CallAPI(localVarPath, localVarHttpMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFileName, localVarFileBytes) + + var localVarURL, _ = url.Parse(localVarPath) + localVarURL.RawQuery = localVarQueryParams.Encode() + var localVarAPIResponse = &APIResponse{Operation: "IsInstanceAlive", Method: localVarHttpMethod, RequestURL: localVarURL.String()} + if localVarHttpResponse != nil { + localVarAPIResponse.Response = localVarHttpResponse.RawResponse + localVarAPIResponse.Payload = localVarHttpResponse.Body() + } + + if err != nil { + return successPayload, localVarAPIResponse, err + } + err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) + return successPayload, localVarAPIResponse, err +} + +/** + * Check the Readiness Status + * This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g. the database) are responsive as well. This status does currently not include checks whether the database connection is working. This endpoint does not require the `X-Forwarded-Proto` header when TLS termination is set. Be aware that if you are running multiple nodes of ORY Oathkeeper, the health status will never refer to the cluster state, only to a single instance. + * + * @return *HealthStatus + */ +func (a HealthApi) IsInstanceReady() (*HealthStatus, *APIResponse, error) { + + var localVarHttpMethod = strings.ToUpper("Get") + // create path and map variables + localVarPath := a.Configuration.BasePath + "/health/ready" + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := url.Values{} + localVarFormParams := make(map[string]string) + var localVarPostBody interface{} + var localVarFileName string + var localVarFileBytes []byte + // add default headers if any + for key := range a.Configuration.DefaultHeader { + localVarHeaderParams[key] = a.Configuration.DefaultHeader[key] + } + + // to determine the Content-Type header + localVarHttpContentTypes := []string{"application/json"} + + // set Content-Type header + localVarHttpContentType := a.Configuration.APIClient.SelectHeaderContentType(localVarHttpContentTypes) + if localVarHttpContentType != "" { + localVarHeaderParams["Content-Type"] = localVarHttpContentType + } + // to determine the Accept header + localVarHttpHeaderAccepts := []string{ + "application/json", + } + + // set Accept header + localVarHttpHeaderAccept := a.Configuration.APIClient.SelectHeaderAccept(localVarHttpHeaderAccepts) + if localVarHttpHeaderAccept != "" { + localVarHeaderParams["Accept"] = localVarHttpHeaderAccept + } + var successPayload = new(HealthStatus) + localVarHttpResponse, err := a.Configuration.APIClient.CallAPI(localVarPath, localVarHttpMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFileName, localVarFileBytes) + + var localVarURL, _ = url.Parse(localVarPath) + localVarURL.RawQuery = localVarQueryParams.Encode() + var localVarAPIResponse = &APIResponse{Operation: "IsInstanceReady", Method: localVarHttpMethod, RequestURL: localVarURL.String()} + if localVarHttpResponse != nil { + localVarAPIResponse.Response = localVarHttpResponse.RawResponse + localVarAPIResponse.Payload = localVarHttpResponse.Body() + } + + if err != nil { + return successPayload, localVarAPIResponse, err + } + err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) + return successPayload, localVarAPIResponse, err +} diff --git a/sdk/go/oathkeeper/swagger/health_not_ready_status.go b/sdk/go/oathkeeper/swagger/health_not_ready_status.go new file mode 100644 index 0000000000..91a56f13cd --- /dev/null +++ b/sdk/go/oathkeeper/swagger/health_not_ready_status.go @@ -0,0 +1,17 @@ +/* + * ORY Oathkeeper + * + * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. + * + * OpenAPI spec version: Latest + * Contact: hi@ory.am + * Generated by: https://github.com/swagger-api/swagger-codegen.git + */ + +package swagger + +type HealthNotReadyStatus struct { + + // Errors contains a list of errors that caused the not ready status. + Errors map[string]string `json:"errors,omitempty"` +} diff --git a/sdk/go/oathkeeper/swagger/raw_message.go b/sdk/go/oathkeeper/swagger/health_status.go similarity index 71% rename from sdk/go/oathkeeper/swagger/raw_message.go rename to sdk/go/oathkeeper/swagger/health_status.go index 5564a13e28..0ebff2ff65 100644 --- a/sdk/go/oathkeeper/swagger/raw_message.go +++ b/sdk/go/oathkeeper/swagger/health_status.go @@ -10,6 +10,8 @@ package swagger -// It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding. -type RawMessage struct { +type HealthStatus struct { + + // Status always contains \"ok\". + Status string `json:"status,omitempty"` } diff --git a/sdk/go/oathkeeper/swagger/introspection_response.go b/sdk/go/oathkeeper/swagger/introspection_response.go index 7eb204ff05..8c8fd5e98d 100644 --- a/sdk/go/oathkeeper/swagger/introspection_response.go +++ b/sdk/go/oathkeeper/swagger/introspection_response.go @@ -33,5 +33,7 @@ type IntrospectionResponse struct { // Here, it's sub Sub string `json:"sub,omitempty"` + TokenType string `json:"token_type,omitempty"` + Username string `json:"username,omitempty"` } diff --git a/sdk/go/oathkeeper/swagger/json_rule.go b/sdk/go/oathkeeper/swagger/json_rule.go deleted file mode 100644 index a94b70d6c6..0000000000 --- a/sdk/go/oathkeeper/swagger/json_rule.go +++ /dev/null @@ -1,31 +0,0 @@ -/* - * ORY Oathkeeper - * - * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. - * - * OpenAPI spec version: Latest - * Contact: hi@ory.am - * Generated by: https://github.com/swagger-api/swagger-codegen.git - */ - -package swagger - -type JsonRule struct { - Description string `json:"description,omitempty"` - - Id string `json:"id,omitempty"` - - MatchesMethods []string `json:"matchesMethods,omitempty"` - - MatchesUrl string `json:"matchesUrl,omitempty"` - - Mode string `json:"mode,omitempty"` - - RequiredAction string `json:"requiredAction,omitempty"` - - RequiredResource string `json:"requiredResource,omitempty"` - - RequiredScopes []string `json:"requiredScopes,omitempty"` - - Upstream Upstream `json:"upstream,omitempty"` -} diff --git a/sdk/go/oathkeeper/swagger/swagger_rule_handler.go b/sdk/go/oathkeeper/swagger/swagger_rule_handler.go deleted file mode 100644 index 0501fb1dbc..0000000000 --- a/sdk/go/oathkeeper/swagger/swagger_rule_handler.go +++ /dev/null @@ -1,22 +0,0 @@ -/* - * ORY Oathkeeper - * - * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. - * - * OpenAPI spec version: Latest - * Contact: hi@ory.am - * Generated by: https://github.com/swagger-api/swagger-codegen.git - */ - -package swagger - -import "encoding/json" - -type SwaggerRuleHandler struct { - - // Config contains the configuration for the handler. Please read the user guide for a complete list of each handler's available settings. - Config json.RawMessage `json:"config,omitempty"` - - // Handler identifies the implementation which will be used to handle this specific request. Please read the user guide for a complete list of available handlers. - Handler string `json:"handler,omitempty"` -} diff --git a/sdk/go/oathkeeper/swagger/swagger_rule_match.go b/sdk/go/oathkeeper/swagger/swagger_rule_match.go deleted file mode 100644 index 41daa92b2d..0000000000 --- a/sdk/go/oathkeeper/swagger/swagger_rule_match.go +++ /dev/null @@ -1,20 +0,0 @@ -/* - * ORY Oathkeeper - * - * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. - * - * OpenAPI spec version: Latest - * Contact: hi@ory.am - * Generated by: https://github.com/swagger-api/swagger-codegen.git - */ - -package swagger - -type SwaggerRuleMatch struct { - - // An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match. If the matchesUrl field is satisfied as well, the rule is considered a full match. - Methods []string `json:"methods,omitempty"` - - // This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the full request URL (e.g. https://mydomain.com/api/resource) without query parameters of the incoming request with this field. If a match is found, the rule is considered a partial match. If the matchesMethods field is satisfied as well, the rule is considered a full match. You can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in brackets < and >. The following example matches all paths of the domain `mydomain.com`: `https://mydomain.com/<.*>`. For more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules - Url string `json:"url,omitempty"` -} diff --git a/sdk/go/oathkeeper/swagger/version.go b/sdk/go/oathkeeper/swagger/version.go new file mode 100644 index 0000000000..172a0d3249 --- /dev/null +++ b/sdk/go/oathkeeper/swagger/version.go @@ -0,0 +1,15 @@ +/* + * ORY Oathkeeper + * + * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. + * + * OpenAPI spec version: Latest + * Contact: hi@ory.am + * Generated by: https://github.com/swagger-api/swagger-codegen.git + */ + +package swagger + +type Version struct { + Version string `json:"version,omitempty"` +} diff --git a/sdk/go/oathkeeper/swagger/version_api.go b/sdk/go/oathkeeper/swagger/version_api.go new file mode 100644 index 0000000000..0b751182f3 --- /dev/null +++ b/sdk/go/oathkeeper/swagger/version_api.go @@ -0,0 +1,96 @@ +/* + * ORY Oathkeeper + * + * ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. + * + * OpenAPI spec version: Latest + * Contact: hi@ory.am + * Generated by: https://github.com/swagger-api/swagger-codegen.git + */ + +package swagger + +import ( + "encoding/json" + "net/url" + "strings" +) + +type VersionApi struct { + Configuration *Configuration +} + +func NewVersionApi() *VersionApi { + configuration := NewConfiguration() + return &VersionApi{ + Configuration: configuration, + } +} + +func NewVersionApiWithBasePath(basePath string) *VersionApi { + configuration := NewConfiguration() + configuration.BasePath = basePath + + return &VersionApi{ + Configuration: configuration, + } +} + +/** + * Get the version of Oathkeeper + * This endpoint returns the version as `{ \"version\": \"VERSION\" }`. The version is only correct with the prebuilt binary and not custom builds. + * + * @return *Version + */ +func (a VersionApi) GetVersion() (*Version, *APIResponse, error) { + + var localVarHttpMethod = strings.ToUpper("Get") + // create path and map variables + localVarPath := a.Configuration.BasePath + "/version" + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := url.Values{} + localVarFormParams := make(map[string]string) + var localVarPostBody interface{} + var localVarFileName string + var localVarFileBytes []byte + // add default headers if any + for key := range a.Configuration.DefaultHeader { + localVarHeaderParams[key] = a.Configuration.DefaultHeader[key] + } + + // to determine the Content-Type header + localVarHttpContentTypes := []string{"application/json"} + + // set Content-Type header + localVarHttpContentType := a.Configuration.APIClient.SelectHeaderContentType(localVarHttpContentTypes) + if localVarHttpContentType != "" { + localVarHeaderParams["Content-Type"] = localVarHttpContentType + } + // to determine the Accept header + localVarHttpHeaderAccepts := []string{ + "application/json", + } + + // set Accept header + localVarHttpHeaderAccept := a.Configuration.APIClient.SelectHeaderAccept(localVarHttpHeaderAccepts) + if localVarHttpHeaderAccept != "" { + localVarHeaderParams["Accept"] = localVarHttpHeaderAccept + } + var successPayload = new(Version) + localVarHttpResponse, err := a.Configuration.APIClient.CallAPI(localVarPath, localVarHttpMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFileName, localVarFileBytes) + + var localVarURL, _ = url.Parse(localVarPath) + localVarURL.RawQuery = localVarQueryParams.Encode() + var localVarAPIResponse = &APIResponse{Operation: "GetVersion", Method: localVarHttpMethod, RequestURL: localVarURL.String()} + if localVarHttpResponse != nil { + localVarAPIResponse.Response = localVarHttpResponse.RawResponse + localVarAPIResponse.Payload = localVarHttpResponse.Body() + } + + if err != nil { + return successPayload, localVarAPIResponse, err + } + err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) + return successPayload, localVarAPIResponse, err +} From b4607bccf56885fff6eb7c2b49cb989bfe2389c4 Mon Sep 17 00:00:00 2001 From: arekkas Date: Sat, 21 Jul 2018 16:45:25 +0200 Subject: [PATCH 2/2] ci: Improve CI workflow Closes #89 Signed-off-by: arekkas --- .circleci/config.yml | 56 ++++++++++++++++++++++++++++++++------------ 1 file changed, 41 insertions(+), 15 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 579e08330e..79efcca0d8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -62,7 +62,7 @@ jobs: # Submit coverage details - run: test -z "$CIRCLE_PR_NUMBER" && goveralls -service=circle-ci -coverprofile=coverage.txt -repotoken=$COVERALLS_REPO_TOKEN || echo "forks are not allowed to push to coveralls" - test-docker: + build-docker: docker: - image: library/docker:17.10 steps: @@ -72,7 +72,7 @@ jobs: - run: docker build -f Dockerfile -t oathkeeper-test . - run: docker run oathkeeper-test version - release: + release-docker: docker: - image: circleci/golang:1.10 working_directory: /go/src/github.com/ory/oathkeeper @@ -86,7 +86,7 @@ jobs: - run: docker push oryd/oathkeeper:$CIRCLE_TAG - run: docker push oryd/oathkeeper:latest - publish-docs: + release-docs: docker: - image: alpine/git:1.0.4 working_directory: /go/src/github.com/ory/oathkeeper @@ -98,7 +98,7 @@ jobs: - run: "cp ./docs/api.swagger.json ../docs/apis/oathkeeper.json" - run: "(cd ../docs && git add -A && git commit -a -m \"Updates ORY Oathkeeper Swagger definitions\" && git push origin) || exit 0" - changelog: + release-changelog: docker: - image: circleci/ruby:2.4-node steps: @@ -118,6 +118,19 @@ jobs: - run: git remote add origin https://arekkas:$GITHUB_TOKEN@github.com/ory/oathkeeper.git - run: git push origin HEAD:master || true + release-binaries: + docker: + - image: circleci/golang:1.10 + working_directory: /go/src/github.com/ory/oathkeeper + steps: + - checkout + - run: curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh + - run: go get -u github.com/mitchellh/gox github.com/tcnksm/ghr + - run: dep ensure -vendor-only + - run: | + gox -parallel=2 -ldflags "-X github.com/ory/oathkeeper/cmd.Version=`git describe --tags` -X github.com/ory/oathkeeper/cmd.BuildTime=`TZ=UTC date -u '+%Y-%m-%dT%H:%M:%SZ'` -X github.com/ory/oathkeeper/cmd.GitHash=`git rev-parse HEAD`" -output "dist/{{.Dir}}-{{.OS}}-{{.Arch}}"; + - run: ghr -t $GITHUB_TOKEN -u $CIRCLE_PROJECT_USERNAME -r $CIRCLE_PROJECT_REPONAME --replace `git describe --tags` dist/ + workflows: version: 2 "test, build, and relase": @@ -130,19 +143,15 @@ workflows: filters: tags: only: /.*/ - - swagger: - filters: - tags: - only: /.*/ - - publish-docs: + - release-docs: filters: branches: only: master - - changelog: + - swagger: filters: - branches: - only: master - - test-docker: + tags: + only: /.*/ + - build-docker: requires: - test - swagger @@ -150,9 +159,26 @@ workflows: filters: tags: only: /.*/ - - release: + - release-binaries: + requires: + - build-docker + filters: + tags: + only: /.*/ + branches: + ignore: /.*/ + - release-docker: + requires: + - build-docker + filters: + tags: + only: /.*/ + branches: + ignore: /.*/ + - release-changelog: requires: - - test-docker + - release-docker + - release-binaries filters: tags: only: /.*/