126 changes: 126 additions & 0 deletions docs/hydra/guides/openid-connect-dynamic-client-registration.mdx
Expand Up @@ -33,7 +33,39 @@ Enabling this feature will add listeners to the following four routes at the pub

If OpenID Connect Dynamic Client Registration is enabled, registering a new OAuth2 Client is as simple as:

````mdx-code-block
import Tabs from '@theme/Tabs'
import TabItem from '@theme/TabItem'

<Tabs
defaultValue="go"
values={[
{label: 'Go', value: 'go'},
{label: 'HTTP', value: 'http'},
]}>
<TabItem value="go">

```go
import ory "github.com/ory/client-go"

func newSDK(port int, host string) *ory.APIClient {
conf := ory.NewConfiguration()
conf.Servers = ory.ServerConfigurations{ory.ServerConfiguration{URL: "https://<slug>.projects.oryapis.com"}}
return ory.NewAPIClient(conf)
}

func createDynamicClient() (*ory.OAuth2Client, error) {
c, _, err := newSDK().V0Alpha2.
DynamicClientRegistrationCreateOAuth2Client(context.Background()).
OAuth2Client(ory.OAuth2Client{ /* ClientName: "..." */ }).Execute()
return c, err
}
```

</TabItem>
<TabItem value="http">

```shell
POST /oauth2/register
Content-Type: application/json

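Review bot: the Go tab in this hunk does not compile as shown: `newSDK` is declared as `func newSDK(port int, host string) *ory.APIClient` but `createDynamicClient` calls it as `newSDK()` with no arguments, and neither parameter is used because the server URL is hard-coded to `https://<slug>.projects.oryapis.com`. Either drop the parameters (`func newSDK() *ory.APIClient`) or call it as `newSDK(publicPort, host)` like the update/get/delete snippets further down and build the URL from those values. The snippet also uses `context.Background()` without importing `context`; the import block should be `import ("context"; ory "github.com/ory/client-go")`.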
Expand All @@ -44,6 +76,10 @@ Content-Type: application/json
}
```

</TabItem>
</Tabs>
````

:::note

The `registration_access_token` will only be sent once! You need to store this token in a secure location. This token will be used
Expand All @@ -62,7 +98,37 @@ also not be read using OpenID Connect Dynamic Client Registration endpoints!
The `POST` endpoint requires the client to authenticate with the `registration_access_token` regardless of the
`token_endpoint_auth_method`. It can be used to update the OAuth2 Client.

````mdx-code-block
<Tabs
defaultValue="go"
values={[
{label: 'Go', value: 'go'},
{label: 'HTTP', value: 'http'},
]}>
<TabItem value="go">

```go
// ...
func updateDynamicClient(client *ory.OAuth2Client) (*ory.OAuth2Client, error) {
c, _, err := newSDK(publicPort, host).V0Alpha2.
DynamicClientRegistrationUpdateOAuth2Client(
context.WithValue(context.Background(), hydra.ContextAccessToken, *client.RegistrationAccessToken),
*client.ClientId,
).
OAuth2Client(*client).
Execute()

// Don't forget to store the update `registration_access_token`!
// newToken := *c.RegistrationAccessToken

return c, err
}
```

</TabItem>
<TabItem value="http">

```shell
PUT /oauth2/register/{client_id}
Authorization: Bearer <registration_access_token>
Content-Type: application/json
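Review bot: `hydra.ContextAccessToken` refers to a package identifier that is never imported; the SDK is imported as `ory` in the first snippet, so this should be `ory.ContextAccessToken` (the get and delete snippets below have the same mismatch). The comment `// Don't forget to store the update \`registration_access_token\`!` should read `updated`, and because `c` is nil whenever `err != nil`, the commented-out `newToken := *c.RegistrationAccessToken` needs to sit behind an `if err != nil { return nil, err }` check. Since the surrounding text says the server responds with a new `registration_access_token` on every update and that this token is the credential for all later management calls, the example should show the new token being persisted before returning rather than only mentioning it in a comment.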
Expand All @@ -73,6 +139,10 @@ Content-Type: application/json
}
```

</TabItem>
</Tabs>
````

The response will include the updated OAuth2 Client.

:::note
Expand All @@ -94,7 +164,31 @@ When updating the OAuth2 Client, the server will respond with a new registration
The `GET` endpoint requires the client to authenticate with the `registration_access_token` regardless of the
`token_endpoint_auth_method`. It can be used to retrieve the OAuth2 Client.

````mdx-code-block
<Tabs
defaultValue="go"
values={[
{label: 'Go', value: 'go'},
{label: 'HTTP', value: 'http'},
]}>
<TabItem value="go">

```go
// ...
func getDynamicClient(client *ory.OAuth2Client) (*ory.OAuth2Client, error) {
c, _, err := newSDK(publicPort, host).V0Alpha2.
DynamicClientRegistrationGetOAuth2Client(
context.WithValue(context.Background(), hydra.ContextAccessToken, *client.RegistrationAccessToken),
*client.ClientId,
).Execute()
return c, err
}
```

</TabItem>
<TabItem value="http">

```shell
GET /oauth2/register/{client_id}
Authorization: Bearer <registration_access_token>
Content-Type: application/json
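Review bot: the HTTP tab sends `Content-Type: application/json` on a `GET` request that carries no body; drop that header so readers do not copy it into their clients. The Go tab again uses `hydra.ContextAccessToken` although the package is imported as `ory`, so it should be `ory.ContextAccessToken`.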
Expand All @@ -105,12 +199,44 @@ Content-Type: application/json
}
```

</TabItem>
</Tabs>
````

## Delete OAuth2 & OpenID Connect Clients

The `DELETE` endpoint requires the client to authenticate with the `registration_access_token` regardless of the
`token_endpoint_auth_method`. It can be used to delete the OAuth2 Client.

````mdx-code-block
<Tabs
defaultValue="go"
values={[
{label: 'Go', value: 'go'},
{label: 'HTTP', value: 'http'},
]}>
<TabItem value="go">

```go
// ...
func deleteDynamicClient(client *ory.OAuth2Client) (error) {
_, err := newSDK(publicPort, host).V0Alpha2.
DynamicClientRegistrationDeleteOAuth2Client(
context.WithValue(context.Background(), hydra.ContextAccessToken, *client.RegistrationAccessToken),
*client.ClientId,
).Execute()
return err
}
```

</TabItem>
<TabItem value="http">

```shell
DELETE /oauth2/register/{client_id}
Authorization: Bearer <registration_access_token>
```

</TabItem>
</Tabs>
````
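Review bot: `func deleteDynamicClient(client *ory.OAuth2Client) (error)` wraps a single unnamed return type in parentheses, which `gofmt` would rewrite to `error`; please run `gofmt` over the snippet. Same `hydra.ContextAccessToken` versus `ory` import-alias mismatch as in the earlier hunks. A short comment noting that the stored `registration_access_token` for this client should be discarded after a successful delete would round out the example, since the rest of the guide stresses that the token must be kept in a secure location.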