Skip to content

Commit

Permalink
docs: Improve swagger documentation
Browse files Browse the repository at this point in the history
arekkas authored and arekkas committed Nov 18, 2017
1 parent e7ed8ca commit 8f16a9b
Showing 20 changed files with 151 additions and 104 deletions.
5 changes: 2 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
@@ -9,11 +9,10 @@
<a href="https://patreon.com/user?u=4298803">Support us on patreon!</a>
</h4>

This is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service
ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service
uses Hydra to validate access tokens and policies. This service is under **active development** with **regular breaking changes**.

[![CircleCI](https://circleci.com/gh/ory/oathkeeper/tree/master.svg?style=svg)](https://circleci.com/gh/ory/oathkeeper/tree/master)
[![Coverage Status](https://coveralls.io/repos/github/ory/oathkeeper/badge.svg?branch=master)](https://coveralls.io/github/ory/oathkeeper?branch=master)
[![CircleCI](https://circleci.com/gh/ory/oathkeeper.svg?style=svg&circle-token=eb458bf636326d41674141b6bbfa475a39c9db1e)](https://circleci.com/gh/ory/oathkeeper)

## Running

5 changes: 4 additions & 1 deletion doc.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
// Package main Oathkeeper
// Package main ORY Oathkeeper
//
// ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service
// uses Hydra to validate access tokens and policies.
//
// Oathkeeper
//
36 changes: 20 additions & 16 deletions docs/api.swagger.json
Original file line number Diff line number Diff line change
@@ -11,8 +11,8 @@
],
"swagger": "2.0",
"info": {
"description": "Oathkeeper",
"title": "Oathkeeper",
"description": "ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service\nuses Hydra to validate access tokens and policies.\n\nOathkeeper",
"title": "ORY Oathkeeper",
"contact": {
"name": "ORY",
"url": "https://www.ory.am",
@@ -24,7 +24,7 @@
"paths": {
"/rules": {
"get": {
"description": "List all rules",
"description": "This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full\nview of what rules you have currently in place.",
"consumes": [
"application/json"
],
@@ -38,6 +38,7 @@
"tags": [
"rule"
],
"summary": "List all rules",
"operationId": "listRules",
"responses": {
"200": {
@@ -97,7 +98,7 @@
},
"/rules/{id}": {
"get": {
"description": "Get a rule",
"description": "Use this method to retrieve a rule from the storage. If it does not exist you will receive a 404 error.",
"consumes": [
"application/json"
],
@@ -111,6 +112,7 @@
"tags": [
"rule"
],
"summary": "Retrieve a rule",
"operationId": "getRule",
"parameters": [
{
@@ -140,7 +142,7 @@
}
},
"put": {
"description": "Update a rule",
"description": "Use this method to update a rule. Keep in mind that you need to send the full rule payload as this endpoint does\nnot support patching.",
"consumes": [
"application/json"
],
@@ -154,6 +156,7 @@
"tags": [
"rule"
],
"summary": "Update a rule",
"operationId": "updateRule",
"parameters": [
{
@@ -190,7 +193,7 @@
}
},
"delete": {
"description": "Delete a rule",
"description": "Use this endpoint to delete a rule.",
"consumes": [
"application/json"
],
@@ -204,6 +207,7 @@
"tags": [
"rule"
],
"summary": "Delete a rule",
"operationId": "deleteRule",
"parameters": [
{
@@ -240,55 +244,55 @@
"type": "object",
"properties": {
"allowAnonymousModeEnabled": {
"description": "AllowAnonymousModeEnabled sets if the endpoint is public, thus not needing any authorization at all.",
"description": "If set to true, the protected endpoint is available to anonymous users. That means that the endpoint is accessible\nwithout having a valid access token. This setting overrides `basicAuthorizationModeEnabled`.",
"type": "boolean",
"x-go-name": "AllowAnonymousModeEnabled"
},
"basicAuthorizationModeEnabled": {
"description": "BasicAuthorizationModeEnabled if set true disables checking access control policies.",
"description": "If set to true, disables checks against ORY Hydra's Warden API and uses basic authorization. This means that\nthe access token is validated (e.g. checking if it is expired, check if it claimed the necessary scopes)\nbut does not use the `requiredAction` and `requiredResource` fields for advanced access control.",
"type": "boolean",
"x-go-name": "BasicAuthorizationModeEnabled"
},
"description": {
"description": "Description describes the rule.",
"description": "A human readable description of this rule.",
"type": "string",
"x-go-name": "Description"
},
"id": {
"description": "ID the a unique id of a rule.",
"description": "The ID is the unique id of the rule. It can be at most 190 characters long, but the layout of the ID is up to you.\nYou will need this ID later on to update or delete the rule.",
"type": "string",
"x-go-name": "ID"
},
"matchesMethods": {
"description": "MatchesMethods is a list of HTTP methods that this rule matches.",
"description": "An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules\nto decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming\nrequest with the HTTP methods of each rules. If a match is found, the rule is considered a partial match.\nIf the matchesUrl field is satisfied as well, the rule is considered a full match.",
"type": "array",
"items": {
"type": "string"
},
"x-go-name": "MatchesMethods"
},
"matchesUrl": {
"description": "MatchesURL is a regular expression of paths this rule matches.",
"description": "This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules\nto decide what to do with an incoming request to the proxy server, it compares the full request URL\n(e.g. https://mydomain.com/api/resource) without query parameters of the incoming\nrequest with this field. If a match is found, the rule is considered a partial match.\nIf the matchesMethods field is satisfied as well, the rule is considered a full match.\n\nYou can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in\nbrackets \u003c and \u003e. The following example matches all paths of the domain `mydomain.com`: `https://mydomain.com/\u003c.*\u003e`.\n\nFor more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules",
"type": "string",
"x-go-name": "MatchesURL"
},
"passThroughModeEnabled": {
"description": "PassThroughModeEnabled if set true disables firewall capabilities.",
"description": "If set to true, any authorization logic is completely disabled and the Authorization header is not changed at all.\nThis is useful if you have an endpoint that has it's own authorization logic, for example using basic authorization.\nIf set to true, this setting overrides `basicAuthorizationModeEnabled` and `allowAnonymousModeEnabled`.",
"type": "boolean",
"x-go-name": "PassThroughModeEnabled"
},
"requiredAction": {
"description": "RequiredScopes is the action this rule requires.",
"description": "This field will be used to decide advanced authorization requests where access control policies are used. A\naction is typically something a user wants to do (e.g. write, read, delete).\nThis field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules",
"type": "string",
"x-go-name": "RequiredAction"
},
"requiredResource": {
"description": "RequiredScopes is the resource this rule requires.",
"description": "This field will be used to decide advanced authorization requests where access control policies are used. A\nresource is typically something a user wants to access (e.g. printer, article, virtual machine).\nThis field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules",
"type": "string",
"x-go-name": "RequiredResource"
},
"requiredScopes": {
"description": "RequiredScopes is a list of scopes that are required by this rule.",
"description": "An array of OAuth 2.0 scopes that are required when accessing an endpoint protected by this rule.\nIf the token used in the Authorization header did not request that specific scope, the request is denied.",
"type": "array",
"items": {
"type": "string"
62 changes: 45 additions & 17 deletions rule/doc.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
// package rule encapsulates rule management logic as well as rule matching logic.
// Package rule implements management capabilities for rules
//
// A rule is used to decide what to do with requests that are hitting the ORY Oathkeeper proxy server. A rule must
// define the HTTP methods and the URL under which it will apply. A URL may not have more than one rule. If a URL
// has no rule applied, the proxy server will return a 404 not found error.
//
// ORY Oathkeeper stores as many rules as required and iterates through them on every request. Rules are essential
// to the way ORY Oathkeeper works. To read more on rules, please refer to the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
package rule

// A rule
@@ -44,33 +49,56 @@ type swaggerCreateRuleParameters struct {
// A rule
// swagger:model rule
type jsonRule struct {
// ID the a unique id of a rule.
// The ID is the unique id of the rule. It can be at most 190 characters long, but the layout of the ID is up to you.
// You will need this ID later on to update or delete the rule.
ID string `json:"id" db:"id"`

// MatchesMethods is a list of HTTP methods that this rule matches.
// A human readable description of this rule.
Description string `json:"description"`

// An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules
// to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming
// request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match.
// If the matchesUrl field is satisfied as well, the rule is considered a full match.
MatchesMethods []string `json:"matchesMethods"`

// MatchesURL is a regular expression of paths this rule matches.
// This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules
// to decide what to do with an incoming request to the proxy server, it compares the full request URL
// (e.g. https://mydomain.com/api/resource) without query parameters of the incoming
// request with this field. If a match is found, the rule is considered a partial match.
// If the matchesMethods field is satisfied as well, the rule is considered a full match.
//
// You can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in
// brackets < and >. The following example matches all paths of the domain `mydomain.com`: `https://mydomain.com/<.*>`.
//
// For more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
MatchesURL string `json:"matchesUrl"`

// RequiredScopes is a list of scopes that are required by this rule.
// An array of OAuth 2.0 scopes that are required when accessing an endpoint protected by this rule.
// If the token used in the Authorization header did not request that specific scope, the request is denied.
RequiredScopes []string `json:"requiredScopes"`

// RequiredScopes is the action this rule requires.
RequiredAction string `json:"requiredAction"`

// RequiredScopes is the resource this rule requires.
RequiredResource string `json:"requiredResource"`
// If set to true, any authorization logic is completely disabled and the Authorization header is not changed at all.
// This is useful if you have an endpoint that has it's own authorization logic, for example using basic authorization.
// If set to true, this setting overrides `basicAuthorizationModeEnabled` and `allowAnonymousModeEnabled`.
PassThroughModeEnabled bool `json:"passThroughModeEnabled"`

// AllowAnonymousModeEnabled sets if the endpoint is public, thus not needing any authorization at all.
// If set to true, the protected endpoint is available to anonymous users. That means that the endpoint is accessible
// without having a valid access token. This setting overrides `basicAuthorizationModeEnabled`.
AllowAnonymousModeEnabled bool `json:"allowAnonymousModeEnabled"`

// Description describes the rule.
Description string `json:"description"`
// If set to true, disables checks against ORY Hydra's Warden API and uses basic authorization. This means that
// the access token is validated (e.g. checking if it is expired, check if it claimed the necessary scopes)
// but does not use the `requiredAction` and `requiredResource` fields for advanced access control.
BasicAuthorizationModeEnabled bool `json:"basicAuthorizationModeEnabled"`

// PassThroughModeEnabled if set true disables firewall capabilities.
PassThroughModeEnabled bool `json:"passThroughModeEnabled"`
// This field will be used to decide advanced authorization requests where access control policies are used. A
// action is typically something a user wants to do (e.g. write, read, delete).
// This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
RequiredAction string `json:"requiredAction"`

// BasicAuthorizationModeEnabled if set true disables checking access control policies.
BasicAuthorizationModeEnabled bool `json:"basicAuthorizationModeEnabled"`
// This field will be used to decide advanced authorization requests where access control policies are used. A
// resource is typically something a user wants to access (e.g. printer, article, virtual machine).
// This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
RequiredResource string `json:"requiredResource"`
}
12 changes: 11 additions & 1 deletion rule/handler.go
Original file line number Diff line number Diff line change
@@ -65,6 +65,9 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa
//
// List all rules
//
// This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full
// view of what rules you have currently in place.
//
// Consumes:
// - application/json
//
@@ -95,7 +98,9 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, _ httprouter.Para

// swagger:route GET /rules/{id} rule getRule
//
// Get a rule
// Retrieve a rule
//
// Use this method to retrieve a rule from the storage. If it does not exist you will receive a 404 error.
//
// Consumes:
// - application/json
@@ -128,6 +133,9 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Para
//
// Update a rule
//
// Use this method to update a rule. Keep in mind that you need to send the full rule payload as this endpoint does
// not support patching.
//
// Consumes:
// - application/json
//
@@ -162,6 +170,8 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request, ps httprouter.P
//
// Delete a rule
//
// Use this endpoint to delete a rule.
//
// Consumes:
// - application/json
//
7 changes: 5 additions & 2 deletions rule/rule.go
Original file line number Diff line number Diff line change
@@ -10,10 +10,13 @@ import (

// Rule is a single rule that will get checked on every HTTP request.
type Rule struct {
// ID the a unique id of a rule.
// ID is the unique id of the rule. It can be at most 190 characters long, but the layout of the ID is up to you.
// You will need this ID later on to update or delete the rule.
ID string

// MatchesMethods is a list of HTTP methods that this rule matches.
// MatchesMethods as an array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules
// to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming
// request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match.
MatchesMethods []string

// MatchesURLCompiled is a regular expression of paths this rule matches.
10 changes: 5 additions & 5 deletions sdk/go/oathkeepersdk/swagger/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Go API client for swagger

Oathkeeper
ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper

## Overview
This API client was generated by the [swagger-codegen](https://github.com/swagger-api/swagger-codegen) project. By using the [swagger-spec](https://github.com/swagger-api/swagger-spec) from a remote server, you can easily generate an API client.
@@ -23,10 +23,10 @@ All URIs are relative to *http://localhost*
Class | Method | HTTP request | Description
------------ | ------------- | ------------- | -------------
*RuleApi* | [**CreateRule**](docs/RuleApi.md#createrule) | **Post** /rules |
*RuleApi* | [**DeleteRule**](docs/RuleApi.md#deleterule) | **Delete** /rules/{id} |
*RuleApi* | [**GetRule**](docs/RuleApi.md#getrule) | **Get** /rules/{id} |
*RuleApi* | [**ListRules**](docs/RuleApi.md#listrules) | **Get** /rules |
*RuleApi* | [**UpdateRule**](docs/RuleApi.md#updaterule) | **Put** /rules/{id} |
*RuleApi* | [**DeleteRule**](docs/RuleApi.md#deleterule) | **Delete** /rules/{id} | Delete a rule
*RuleApi* | [**GetRule**](docs/RuleApi.md#getrule) | **Get** /rules/{id} | Retrieve a rule
*RuleApi* | [**ListRules**](docs/RuleApi.md#listrules) | **Get** /rules | List all rules
*RuleApi* | [**UpdateRule**](docs/RuleApi.md#updaterule) | **Put** /rules/{id} | Update a rule


## Documentation For Models
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/api_client.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/api_response.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/configuration.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
20 changes: 10 additions & 10 deletions sdk/go/oathkeepersdk/swagger/docs/Rule.md
Original file line number Diff line number Diff line change
@@ -3,16 +3,16 @@
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**AllowAnonymousModeEnabled** | **bool** | AllowAnonymousModeEnabled sets if the endpoint is public, thus not needing any authorization at all. | [optional] [default to null]
**BasicAuthorizationModeEnabled** | **bool** | BasicAuthorizationModeEnabled if set true disables checking access control policies. | [optional] [default to null]
**Description** | **string** | Description describes the rule. | [optional] [default to null]
**Id** | **string** | ID the a unique id of a rule. | [optional] [default to null]
**MatchesMethods** | **[]string** | MatchesMethods is a list of HTTP methods that this rule matches. | [optional] [default to null]
**MatchesUrl** | **string** | MatchesURL is a regular expression of paths this rule matches. | [optional] [default to null]
**PassThroughModeEnabled** | **bool** | PassThroughModeEnabled if set true disables firewall capabilities. | [optional] [default to null]
**RequiredAction** | **string** | RequiredScopes is the action this rule requires. | [optional] [default to null]
**RequiredResource** | **string** | RequiredScopes is the resource this rule requires. | [optional] [default to null]
**RequiredScopes** | **[]string** | RequiredScopes is a list of scopes that are required by this rule. | [optional] [default to null]
**AllowAnonymousModeEnabled** | **bool** | If set to true, the protected endpoint is available to anonymous users. That means that the endpoint is accessible without having a valid access token. This setting overrides &#x60;basicAuthorizationModeEnabled&#x60;. | [optional] [default to null]
**BasicAuthorizationModeEnabled** | **bool** | If set to true, disables checks against ORY Hydra&#39;s Warden API and uses basic authorization. This means that the access token is validated (e.g. checking if it is expired, check if it claimed the necessary scopes) but does not use the &#x60;requiredAction&#x60; and &#x60;requiredResource&#x60; fields for advanced access control. | [optional] [default to null]
**Description** | **string** | A human readable description of this rule. | [optional] [default to null]
**Id** | **string** | The ID is the unique id of the rule. It can be at most 190 characters long, but the layout of the ID is up to you. You will need this ID later on to update or delete the rule. | [optional] [default to null]
**MatchesMethods** | **[]string** | An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match. If the matchesUrl field is satisfied as well, the rule is considered a full match. | [optional] [default to null]
**MatchesUrl** | **string** | This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the full request URL (e.g. https://mydomain.com/api/resource) without query parameters of the incoming request with this field. If a match is found, the rule is considered a partial match. If the matchesMethods field is satisfied as well, the rule is considered a full match. You can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in brackets &lt; and &gt;. The following example matches all paths of the domain &#x60;mydomain.com&#x60;: &#x60;https://mydomain.com/&lt;.*&gt;&#x60;. For more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules | [optional] [default to null]
**PassThroughModeEnabled** | **bool** | If set to true, any authorization logic is completely disabled and the Authorization header is not changed at all. This is useful if you have an endpoint that has it&#39;s own authorization logic, for example using basic authorization. If set to true, this setting overrides &#x60;basicAuthorizationModeEnabled&#x60; and &#x60;allowAnonymousModeEnabled&#x60;. | [optional] [default to null]
**RequiredAction** | **string** | This field will be used to decide advanced authorization requests where access control policies are used. A action is typically something a user wants to do (e.g. write, read, delete). This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules | [optional] [default to null]
**RequiredResource** | **string** | This field will be used to decide advanced authorization requests where access control policies are used. A resource is typically something a user wants to access (e.g. printer, article, virtual machine). This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules | [optional] [default to null]
**RequiredScopes** | **[]string** | An array of OAuth 2.0 scopes that are required when accessing an endpoint protected by this rule. If the token used in the Authorization header did not request that specific scope, the request is denied. | [optional] [default to null]

[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)

24 changes: 12 additions & 12 deletions sdk/go/oathkeepersdk/swagger/docs/RuleApi.md
Original file line number Diff line number Diff line change
@@ -5,10 +5,10 @@ All URIs are relative to *http://localhost*
Method | HTTP request | Description
------------- | ------------- | -------------
[**CreateRule**](RuleApi.md#CreateRule) | **Post** /rules |
[**DeleteRule**](RuleApi.md#DeleteRule) | **Delete** /rules/{id} |
[**GetRule**](RuleApi.md#GetRule) | **Get** /rules/{id} |
[**ListRules**](RuleApi.md#ListRules) | **Get** /rules |
[**UpdateRule**](RuleApi.md#UpdateRule) | **Put** /rules/{id} |
[**DeleteRule**](RuleApi.md#DeleteRule) | **Delete** /rules/{id} | Delete a rule
[**GetRule**](RuleApi.md#GetRule) | **Get** /rules/{id} | Retrieve a rule
[**ListRules**](RuleApi.md#ListRules) | **Get** /rules | List all rules
[**UpdateRule**](RuleApi.md#UpdateRule) | **Put** /rules/{id} | Update a rule


# **CreateRule**
@@ -43,10 +43,10 @@ No authorization required
# **DeleteRule**
> DeleteRule($id)


Delete a rule

Use this endpoint to delete a rule.


### Parameters

@@ -72,9 +72,9 @@ No authorization required
# **GetRule**
> Rule GetRule($id)
Retrieve a rule


Get a rule
Use this method to retrieve a rule from the storage. If it does not exist you will receive a 404 error.


### Parameters
@@ -101,10 +101,10 @@ No authorization required
# **ListRules**
> []Rule ListRules()


List all rules

This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full view of what rules you have currently in place.


### Parameters
This endpoint does not need any parameter.
@@ -127,10 +127,10 @@ No authorization required
# **UpdateRule**
> Rule UpdateRule($id, $body)


Update a rule

Use this method to update a rule. Keep in mind that you need to send the full rule payload as this endpoint does not support patching.


### Parameters

4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/inline_response_401.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
24 changes: 12 additions & 12 deletions sdk/go/oathkeepersdk/swagger/rule.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
@@ -13,33 +13,33 @@ package swagger
// A rule
type Rule struct {

// AllowAnonymousModeEnabled sets if the endpoint is public, thus not needing any authorization at all.
// If set to true, the protected endpoint is available to anonymous users. That means that the endpoint is accessible without having a valid access token. This setting overrides `basicAuthorizationModeEnabled`.
AllowAnonymousModeEnabled bool `json:"allowAnonymousModeEnabled,omitempty"`

// BasicAuthorizationModeEnabled if set true disables checking access control policies.
// If set to true, disables checks against ORY Hydra's Warden API and uses basic authorization. This means that the access token is validated (e.g. checking if it is expired, check if it claimed the necessary scopes) but does not use the `requiredAction` and `requiredResource` fields for advanced access control.
BasicAuthorizationModeEnabled bool `json:"basicAuthorizationModeEnabled,omitempty"`

// Description describes the rule.
// A human readable description of this rule.
Description string `json:"description,omitempty"`

// ID the a unique id of a rule.
// The ID is the unique id of the rule. It can be at most 190 characters long, but the layout of the ID is up to you. You will need this ID later on to update or delete the rule.
Id string `json:"id,omitempty"`

// MatchesMethods is a list of HTTP methods that this rule matches.
// An array of HTTP methods (e.g. GET, POST, PUT, DELETE, ...). When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the HTTP method of the incoming request with the HTTP methods of each rules. If a match is found, the rule is considered a partial match. If the matchesUrl field is satisfied as well, the rule is considered a full match.
MatchesMethods []string `json:"matchesMethods,omitempty"`

// MatchesURL is a regular expression of paths this rule matches.
// This field represents the URL pattern this rule matches. When ORY Oathkeeper searches for rules to decide what to do with an incoming request to the proxy server, it compares the full request URL (e.g. https://mydomain.com/api/resource) without query parameters of the incoming request with this field. If a match is found, the rule is considered a partial match. If the matchesMethods field is satisfied as well, the rule is considered a full match. You can use regular expressions in this field to match more than one url. Regular expressions are encapsulated in brackets < and >. The following example matches all paths of the domain `mydomain.com`: `https://mydomain.com/<.*>`. For more information refer to: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
MatchesUrl string `json:"matchesUrl,omitempty"`

// PassThroughModeEnabled if set true disables firewall capabilities.
// If set to true, any authorization logic is completely disabled and the Authorization header is not changed at all. This is useful if you have an endpoint that has it's own authorization logic, for example using basic authorization. If set to true, this setting overrides `basicAuthorizationModeEnabled` and `allowAnonymousModeEnabled`.
PassThroughModeEnabled bool `json:"passThroughModeEnabled,omitempty"`

// RequiredScopes is the action this rule requires.
// This field will be used to decide advanced authorization requests where access control policies are used. A action is typically something a user wants to do (e.g. write, read, delete). This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
RequiredAction string `json:"requiredAction,omitempty"`

// RequiredScopes is the resource this rule requires.
// This field will be used to decide advanced authorization requests where access control policies are used. A resource is typically something a user wants to access (e.g. printer, article, virtual machine). This field supports expansion as described in the developer guide: https://ory.gitbooks.io/oathkeeper/content/concepts.html#rules
RequiredResource string `json:"requiredResource,omitempty"`

// RequiredScopes is a list of scopes that are required by this rule.
// An array of OAuth 2.0 scopes that are required when accessing an endpoint protected by this rule. If the token used in the Authorization header did not request that specific scope, the request is denied.
RequiredScopes []string `json:"requiredScopes,omitempty"`
}
14 changes: 7 additions & 7 deletions sdk/go/oathkeepersdk/swagger/rule_api.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
@@ -100,8 +100,8 @@ func (a RuleApi) CreateRule(body Rule) (*Rule, *APIResponse, error) {
}

/**
*
* Delete a rule
* Use this endpoint to delete a rule.
*
* @param id
* @return void
@@ -159,8 +159,8 @@ func (a RuleApi) DeleteRule(id string) (*APIResponse, error) {
}

/**
*
* Get a rule
* Retrieve a rule
* Use this method to retrieve a rule from the storage. If it does not exist you will receive a 404 error.
*
* @param id
* @return *Rule
@@ -220,8 +220,8 @@ func (a RuleApi) GetRule(id string) (*Rule, *APIResponse, error) {
}

/**
*
* List all rules
* This method returns an array of all rules that are stored in the backend. This is useful if you want to get a full view of what rules you have currently in place.
*
* @return []Rule
*/
@@ -279,8 +279,8 @@ func (a RuleApi) ListRules() ([]Rule, *APIResponse, error) {
}

/**
*
* Update a rule
* Use this method to update a rule. Keep in mind that you need to send the full rule payload as this endpoint does not support patching.
*
* @param id
* @param body
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/swagger_get_rule_parameters.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/swagger_rule_response.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
4 changes: 2 additions & 2 deletions sdk/go/oathkeepersdk/swagger/swagger_rules_response.go
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
/*
* Oathkeeper
* ORY Oathkeeper
*
* Oathkeeper
* ORY Oathkeeper is a reverse proxy that checks the HTTP Authorization for validity against a set of rules. This service uses Hydra to validate access tokens and policies. Oathkeeper
*
* OpenAPI spec version: Latest
* Contact: hi@ory.am

0 comments on commit 8f16a9b

Please sign in to comment.