Arsharth/dex
1
0
Fork 0
forked from mystiq/dex
Code Issues Pull requests Projects Releases Packages Wiki Activity

schema: add public clients to schema

Browse source 
and update docs
This commit is contained in:
Bobby Rullo 2016-06-16 10:50:13 -07:00
parent 61d3e5659e
commit ff933812f5
4 changed files with 33 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
schema/adminschema/README.md
View file

@ -26,11 +26,12 @@ __Version:__ v1
```
{
clientName: string // OPTIONAL. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) .,
clientName: string // OPTIONAL for normal cliens. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ). REQUIRED for public clients,
clientURI: string // OPTIONAL. URL of the home page of the Client. The value of this field MUST point to a valid Web page. If present, the server SHOULD display this URL to the End-User in a followable fashion. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) .,
id: string // The client ID. Ignored in client create requests.,
isAdmin: boolean,
logoURI: string // OPTIONAL. URL that references a logo for the Client application. If present, the server SHOULD display this image to the End-User during approval. The value of this field MUST point to a valid image file. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) .,
public: boolean // OPTIONAL. Determines if the client is public. Public clients have certain restrictions: They cannot use their credentials to obtain a client JWT. Their redirects URLs cannot be specified: they are always http://localhost:$PORT or urn:ietf:wg:oauth:2.0:oob,
redirectURIs: [
string
],

30
schema/adminschema/v1-gen.go
View file

@ -110,10 +110,11 @@ type Admin struct {
}
type Client struct {
// ClientName: OPTIONAL. Name of the Client to be presented to the
// End-User. If desired, representation of this Claim in different
// languages and scripts is represented as described in Section 2.1 (
// Metadata Languages and Scripts ) .
// ClientName: OPTIONAL for normal cliens. Name of the Client to be
// presented to the End-User. If desired, representation of this Claim
// in different languages and scripts is represented as described in
// Section 2.1 ( Metadata Languages and Scripts ). REQUIRED for public
// clients
ClientName string `json:"clientName,omitempty"`
// ClientURI: OPTIONAL. URL of the home page of the Client. The value of
@ -137,13 +138,20 @@ type Client struct {
// Section 2.1 ( Metadata Languages and Scripts ) .
LogoURI string `json:"logoURI,omitempty"`
// RedirectURIs: REQUIRED. Array of Redirection URI values used by the
// Client. One of these registered Redirection URI values MUST exactly
// match the redirect_uri parameter value used in each Authorization
// Request, with the matching performed as described in Section 6.2.1 of
// [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter,
// “Uniform Resource Identifier (URI): Generic Syntax,” January
// 2005. ) (Simple String Comparison).
// Public: OPTIONAL. Determines if the client is public. Public clients
// have certain restrictions: They cannot use their credentials to
// obtain a client JWT. Their redirects URLs cannot be specified: they
// are always http://localhost:$PORT or urn:ietf:wg:oauth:2.0:oob
Public bool `json:"public,omitempty"`
// RedirectURIs: REQUIRED for normal clients. Array of Redirection URI
// values used by the Client. One of these registered Redirection URI
// values MUST exactly match the redirect_uri parameter value used in
// each Authorization Request, with the matching performed as described
// in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L.
// Masinter, “Uniform Resource Identifier (URI): Generic Syntax,”
// January 2005. ) (Simple String Comparison). DISALLOWED for public
// clients.
RedirectURIs []string `json:"redirectURIs,omitempty"`
// Secret: The client secret. Ignored in client create requests.

8
schema/adminschema/v1-json.go
View file

@ -72,11 +72,11 @@ const DiscoveryJSON = `{
"items": {
"type": "string"
},
"description": "REQUIRED. Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request, with the matching performed as described in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005. ) (Simple String Comparison)."
"description": "REQUIRED for normal clients. Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request, with the matching performed as described in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005. ) (Simple String Comparison). DISALLOWED for public clients."
},
"clientName": {
"type": "string",
"description": "OPTIONAL. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) ."
"description": "OPTIONAL for normal cliens. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ). REQUIRED for public clients"
},
"logoURI": {
"type": "string",
@ -92,6 +92,10 @@ const DiscoveryJSON = `{
"type": "string"
},
"description": "Array of ClientIDs of clients that are allowed to mint ID tokens for the client being created."
},
"public": {
"type": "boolean",
"description": "OPTIONAL. Determines if the client is public. Public clients have certain restrictions: They cannot use their credentials to obtain a client JWT. Their redirects URLs cannot be specified: they are always http://localhost:$PORT or urn:ietf:wg:oauth:2.0:oob"
}
}
},

8
schema/adminschema/v1.json
View file

@ -65,11 +65,11 @@
"items": {
"type": "string"
},
"description": "REQUIRED. Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request, with the matching performed as described in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005. ) (Simple String Comparison)."
"description": "REQUIRED for normal clients. Array of Redirection URI values used by the Client. One of these registered Redirection URI values MUST exactly match the redirect_uri parameter value used in each Authorization Request, with the matching performed as described in Section 6.2.1 of [RFC3986] ( Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005. ) (Simple String Comparison). DISALLOWED for public clients."
},
"clientName": {
"type": "string",
"description": "OPTIONAL. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ) ."
"description": "OPTIONAL for normal cliens. Name of the Client to be presented to the End-User. If desired, representation of this Claim in different languages and scripts is represented as described in Section 2.1 ( Metadata Languages and Scripts ). REQUIRED for public clients"
},
"logoURI": {
"type": "string",
@ -85,6 +85,10 @@
"type": "string"
},
"description": "Array of ClientIDs of clients that are allowed to mint ID tokens for the client being created."
},
"public": {
"type": "boolean",
"description": "OPTIONAL. Determines if the client is public. Public clients have certain restrictions: They cannot use their credentials to obtain a client JWT. Their redirects URLs cannot be specified: they are always http://localhost:$PORT or urn:ietf:wg:oauth:2.0:oob."
}
}
},