-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
/
clients_create.go
70 lines (62 loc) · 4.3 KB
/
clients_create.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
/*
* Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* @author Aeneas Rekkas <aeneas+oss@aeneas.io>
* @copyright 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
* @license Apache-2.0
*/
package cmd
import (
"github.com/spf13/cobra"
)
// createCmd represents the create command
var clientsCreateCmd = &cobra.Command{
Use: "create",
Short: "Create a new OAuth 2.0 Client",
Long: `This command creates an OAuth 2.0 Client which can be used to perform various OAuth 2.0 Flows like
the Authorize Code, Implicit, Refresh flow.
ORY Hydra implements the OpenID Connect Dynamic Client registration specification. Most flags are supported by this command
as well.
Example:
hydra clients create -n "my app" -c http://localhost/cb -g authorization_code -r code -a core,foobar
To encrypt auto generated client secret, use "--pgp-key", "--pgp-key-url" or "--keybase" flag, for example:
hydra clients create -n "my app" -g client_credentials -r token -a core,foobar --keybase keybase_username
`,
Run: cmdHandler.Clients.CreateClient,
}
func init() {
clientsCmd.AddCommand(clientsCreateCmd)
clientsCreateCmd.Flags().String("id", "", "Give the client this id")
clientsCreateCmd.Flags().StringSliceP("callbacks", "c", []string{}, "REQUIRED list of allowed callback URLs")
clientsCreateCmd.Flags().StringSliceP("grant-types", "g", []string{"authorization_code"}, "A list of allowed grant types")
clientsCreateCmd.Flags().StringSliceP("response-types", "r", []string{"code"}, "A list of allowed response types")
clientsCreateCmd.Flags().StringSliceP("scope", "a", []string{""}, "The scope the client is allowed to request")
clientsCreateCmd.Flags().StringSlice("audience", []string{}, "The audience this client is allowed to request")
clientsCreateCmd.Flags().String("token-endpoint-auth-method", "client_secret_basic", "Define which authentication method the client may use at the Token Endpoint. Valid values are \"client_secret_post\", \"client_secret_basic\", \"private_key_jwt\", and \"none\"")
clientsCreateCmd.Flags().String("jwks-uri", "", "Define the URL where the JSON Web Key Set should be fetched from when performing the \"private_key_jwt\" client authentication method")
clientsCreateCmd.Flags().String("policy-uri", "", "A URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data")
clientsCreateCmd.Flags().String("tos-uri", "", "A URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client")
clientsCreateCmd.Flags().String("client-uri", "", "A URL string of a web page providing information about the client")
clientsCreateCmd.Flags().String("logo-uri", "", "A URL string that references a logo for the client")
clientsCreateCmd.Flags().StringSlice("allowed-cors-origins", []string{}, "The list of URLs allowed to make CORS requests. Requires CORS_ENABLED.")
clientsCreateCmd.Flags().String("subject-type", "public", "A identifier algorithm. Valid values are \"public\" and \"pairwise\"")
clientsCreateCmd.Flags().String("secret", "", "Provide the client's secret")
clientsCreateCmd.Flags().StringP("name", "n", "", "The client's name")
clientsCreateCmd.Flags().StringSlice("post-logout-callbacks", []string{}, "List of allowed URLs to be redirected to after a logout")
// encrypt client secret options
clientsCreateCmd.Flags().String("pgp-key", "", "Base64 encoded PGP encryption key for encrypting client secret")
clientsCreateCmd.Flags().String("pgp-key-url", "", "PGP encryption key URL for encrypting client secret")
clientsCreateCmd.Flags().String("keybase", "", "Keybase username for encrypting client secret")
}