ory-hydra-client-2.0.3: Auto-generated ory-hydra-client API Client
Safe HaskellSafe-Inferred
LanguageHaskell2010

OryHydra.Model

Description

 
Synopsis

Parameter newtypes

All

newtype All Source #

Constructors

All 

Fields

Instances

Instances details
Show All Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> All -> ShowS #

show :: All -> String #

showList :: [All] -> ShowS #

Eq All Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: All -> All -> Bool #

(/=) :: All -> All -> Bool #

HasOptionalParam RevokeOAuth2ConsentSessions All Source #

Optional Param "all" - Revoke All Consent Sessions If set to true deletes all consent sessions by the Subject that have been granted.

Instance details

Defined in OryHydra.API.OAuth2

Client

newtype Client Source #

Constructors

Client 

Fields

Instances

Instances details
Show Client Source # 
Instance details

Defined in OryHydra.Model

Eq Client Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Client -> Client -> Bool #

(/=) :: Client -> Client -> Bool #

HasOptionalParam RevokeOAuth2ConsentSessions Client Source #

Optional Param "client" - OAuth 2.0 Client ID If set, deletes only those consent sessions that have been granted to the specified OAuth 2.0 Client ID.

Instance details

Defined in OryHydra.API.OAuth2

ClientId

newtype ClientId Source #

Constructors

ClientId 

Fields

Instances

Instances details
Show ClientId Source # 
Instance details

Defined in OryHydra.Model

Eq ClientId Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam Oauth2TokenExchange ClientId Source # 
Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest Oauth2TokenExchange contentType res accept -> ClientId -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

(-&-) :: OryHydraRequest Oauth2TokenExchange contentType res accept -> ClientId -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

HasOptionalParam RevokeOAuth2Token ClientId Source # 
Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientId -> OryHydraRequest RevokeOAuth2Token contentType res accept Source #

(-&-) :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientId -> OryHydraRequest RevokeOAuth2Token contentType res accept Source #

ClientName

newtype ClientName Source #

Constructors

ClientName 

Fields

Instances

Instances details
Show ClientName Source # 
Instance details

Defined in OryHydra.Model

Eq ClientName Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam ListOAuth2Clients ClientName Source #

Optional Param "client_name" - The name of the clients to filter by.

Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest ListOAuth2Clients contentType res accept -> ClientName -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

(-&-) :: OryHydraRequest ListOAuth2Clients contentType res accept -> ClientName -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

ClientSecret

newtype ClientSecret Source #

Constructors

ClientSecret 

Fields

Instances

Instances details
Show ClientSecret Source # 
Instance details

Defined in OryHydra.Model

Eq ClientSecret Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam RevokeOAuth2Token ClientSecret Source # 
Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientSecret -> OryHydraRequest RevokeOAuth2Token contentType res accept Source #

(-&-) :: OryHydraRequest RevokeOAuth2Token contentType res accept -> ClientSecret -> OryHydraRequest RevokeOAuth2Token contentType res accept Source #

Code

newtype Code Source #

Constructors

Code 

Fields

Instances

Instances details
Show Code Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Code -> ShowS #

show :: Code -> String #

showList :: [Code] -> ShowS #

Eq Code Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Code -> Code -> Bool #

(/=) :: Code -> Code -> Bool #

HasOptionalParam Oauth2TokenExchange Code Source # 
Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest Oauth2TokenExchange contentType res accept -> Code -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

(-&-) :: OryHydraRequest Oauth2TokenExchange contentType res accept -> Code -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

ConsentChallenge

DefaultItems

GrantType

newtype GrantType Source #

Constructors

GrantType 

Fields

Instances

Instances details
Show GrantType Source # 
Instance details

Defined in OryHydra.Model

Eq GrantType Source # 
Instance details

Defined in OryHydra.Model

Id

newtype Id Source #

Constructors

Id 

Fields

Instances

Instances details
Show Id Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Id -> ShowS #

show :: Id -> String #

showList :: [Id] -> ShowS #

Eq Id Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Id -> Id -> Bool #

(/=) :: Id -> Id -> Bool #

Issuer

newtype Issuer Source #

Constructors

Issuer 

Fields

Instances

Instances details
Show Issuer Source # 
Instance details

Defined in OryHydra.Model

Eq Issuer Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Issuer -> Issuer -> Bool #

(/=) :: Issuer -> Issuer -> Bool #

HasOptionalParam ListTrustedOAuth2JwtGrantIssuers Issuer Source #

Optional Param "issuer" - If optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned.

Instance details

Defined in OryHydra.API.OAuth2

JsonPatch2

newtype JsonPatch2 Source #

Constructors

JsonPatch2 

Fields

Instances

Instances details
ToJSON JsonPatch2 Source # 
Instance details

Defined in OryHydra.Model

Show JsonPatch2 Source # 
Instance details

Defined in OryHydra.Model

Eq JsonPatch2 Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam PatchOAuth2Client JsonPatch2 Source #

Body Param JsonPatch - OAuth 2.0 Client JSON Patch Body

Instance details

Defined in OryHydra.API.OAuth2

Methods

setBodyParam :: (Consumes PatchOAuth2Client contentType, MimeRender contentType JsonPatch2) => OryHydraRequest PatchOAuth2Client contentType res accept -> JsonPatch2 -> OryHydraRequest PatchOAuth2Client contentType res accept Source #

Kid

newtype Kid Source #

Constructors

Kid 

Fields

Instances

Instances details
Show Kid Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Kid -> ShowS #

show :: Kid -> String #

showList :: [Kid] -> ShowS #

Eq Kid Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Kid -> Kid -> Bool #

(/=) :: Kid -> Kid -> Bool #

LoginChallenge

newtype LoginChallenge Source #

Constructors

LoginChallenge 

Instances

Instances details
Show LoginChallenge Source # 
Instance details

Defined in OryHydra.Model

Eq LoginChallenge Source # 
Instance details

Defined in OryHydra.Model

LoginSessionId

newtype LoginSessionId Source #

Constructors

LoginSessionId 

Instances

Instances details
Show LoginSessionId Source # 
Instance details

Defined in OryHydra.Model

Eq LoginSessionId Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam ListOAuth2ConsentSessions LoginSessionId Source #

Optional Param "login_session_id" - The login session id to list the consent sessions for.

Instance details

Defined in OryHydra.API.OAuth2

LogoutChallenge

newtype LogoutChallenge Source #

Constructors

LogoutChallenge 

Instances

Instances details
Show LogoutChallenge Source # 
Instance details

Defined in OryHydra.Model

Eq LogoutChallenge Source # 
Instance details

Defined in OryHydra.Model

MaxItems

newtype MaxItems Source #

Constructors

MaxItems 

Fields

Owner

newtype Owner Source #

Constructors

Owner 

Fields

Instances

Instances details
Show Owner Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Owner -> ShowS #

show :: Owner -> String #

showList :: [Owner] -> ShowS #

Eq Owner Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Owner -> Owner -> Bool #

(/=) :: Owner -> Owner -> Bool #

HasOptionalParam ListOAuth2Clients Owner Source #

Optional Param "owner" - The owner of the clients to filter by.

Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest ListOAuth2Clients contentType res accept -> Owner -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

(-&-) :: OryHydraRequest ListOAuth2Clients contentType res accept -> Owner -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

PageSize

newtype PageSize Source #

Constructors

PageSize 

Fields

Instances

Instances details
Show PageSize Source # 
Instance details

Defined in OryHydra.Model

Eq PageSize Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam ListOAuth2Clients PageSize Source #

Optional Param "page_size" - Items per Page This is the number of items per page to return. For details on pagination please head over to the pagination documentation.

Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest ListOAuth2Clients contentType res accept -> PageSize -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

(-&-) :: OryHydraRequest ListOAuth2Clients contentType res accept -> PageSize -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

HasOptionalParam ListOAuth2ConsentSessions PageSize Source #

Optional Param "page_size" - Items per Page This is the number of items per page to return. For details on pagination please head over to the pagination documentation.

Instance details

Defined in OryHydra.API.OAuth2

PageToken

newtype PageToken Source #

Constructors

PageToken 

Fields

Instances

Instances details
Show PageToken Source # 
Instance details

Defined in OryHydra.Model

Eq PageToken Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam ListOAuth2Clients PageToken Source #

Optional Param "page_token" - Next Page Token The next page token. For details on pagination please head over to the pagination documentation.

Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest ListOAuth2Clients contentType res accept -> PageToken -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

(-&-) :: OryHydraRequest ListOAuth2Clients contentType res accept -> PageToken -> OryHydraRequest ListOAuth2Clients contentType res accept Source #

HasOptionalParam ListOAuth2ConsentSessions PageToken Source #

Optional Param "page_token" - Next Page Token The next page token. For details on pagination please head over to the pagination documentation.

Instance details

Defined in OryHydra.API.OAuth2

RedirectUri

newtype RedirectUri Source #

Constructors

RedirectUri 

Fields

Instances

Instances details
Show RedirectUri Source # 
Instance details

Defined in OryHydra.Model

Eq RedirectUri Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam Oauth2TokenExchange RedirectUri Source # 
Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest Oauth2TokenExchange contentType res accept -> RedirectUri -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

(-&-) :: OryHydraRequest Oauth2TokenExchange contentType res accept -> RedirectUri -> OryHydraRequest Oauth2TokenExchange contentType res accept Source #

RefreshToken

newtype RefreshToken Source #

Constructors

RefreshToken 

Fields

Instances

Instances details
Show RefreshToken Source # 
Instance details

Defined in OryHydra.Model

Eq RefreshToken Source # 
Instance details

Defined in OryHydra.Model

HasOptionalParam Oauth2TokenExchange RefreshToken Source # 
Instance details

Defined in OryHydra.API.OAuth2

Scope

newtype Scope Source #

Constructors

Scope 

Fields

Instances

Instances details
Show Scope Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Scope -> ShowS #

show :: Scope -> String #

showList :: [Scope] -> ShowS #

Eq Scope Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Scope -> Scope -> Bool #

(/=) :: Scope -> Scope -> Bool #

HasOptionalParam IntrospectOAuth2Token Scope Source #

Optional Param "scope" - An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false.

Instance details

Defined in OryHydra.API.OAuth2

Methods

applyOptionalParam :: OryHydraRequest IntrospectOAuth2Token contentType res accept -> Scope -> OryHydraRequest IntrospectOAuth2Token contentType res accept Source #

(-&-) :: OryHydraRequest IntrospectOAuth2Token contentType res accept -> Scope -> OryHydraRequest IntrospectOAuth2Token contentType res accept Source #

Set

newtype Set Source #

Constructors

Set 

Fields

Instances

Instances details
Show Set Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Set -> ShowS #

show :: Set -> String #

showList :: [Set] -> ShowS #

Eq Set Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Set -> Set -> Bool #

(/=) :: Set -> Set -> Bool #

Subject

newtype Subject Source #

Constructors

Subject 

Fields

Instances

Instances details
Show Subject Source # 
Instance details

Defined in OryHydra.Model

Eq Subject Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Subject -> Subject -> Bool #

(/=) :: Subject -> Subject -> Bool #

Token

newtype Token Source #

Constructors

Token 

Fields

Instances

Instances details
Show Token Source # 
Instance details

Defined in OryHydra.Model

Methods

showsPrec :: Int -> Token -> ShowS #

show :: Token -> String #

showList :: [Token] -> ShowS #

Eq Token Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Token -> Token -> Bool #

(/=) :: Token -> Token -> Bool #

Models

AcceptOAuth2ConsentRequest

data AcceptOAuth2ConsentRequest Source #

AcceptOAuth2ConsentRequest The request payload used to accept a consent request.

Constructors

AcceptOAuth2ConsentRequest 

Fields

Instances

Instances details
FromJSON AcceptOAuth2ConsentRequest Source #

FromJSON AcceptOAuth2ConsentRequest

Instance details

Defined in OryHydra.Model

ToJSON AcceptOAuth2ConsentRequest Source #

ToJSON AcceptOAuth2ConsentRequest

Instance details

Defined in OryHydra.Model

Show AcceptOAuth2ConsentRequest Source # 
Instance details

Defined in OryHydra.Model

Eq AcceptOAuth2ConsentRequest Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam AcceptOAuth2ConsentRequest0 AcceptOAuth2ConsentRequest Source # 
Instance details

Defined in OryHydra.API.OAuth2

mkAcceptOAuth2ConsentRequest :: AcceptOAuth2ConsentRequest Source #

Construct a value of type AcceptOAuth2ConsentRequest (by applying it's required fields, if any)

AcceptOAuth2ConsentRequestSession

data AcceptOAuth2ConsentRequestSession Source #

AcceptOAuth2ConsentRequestSession Pass session data to a consent request.

Constructors

AcceptOAuth2ConsentRequestSession 

Fields

  • acceptOAuth2ConsentRequestSessionAccessToken :: Maybe Value

    "access_token" - AccessToken sets session data for the access and refresh token, as well as any future tokens issued by the refresh grant. Keep in mind that this data will be available to anyone performing OAuth 2.0 Challenge Introspection. If only your services can perform OAuth 2.0 Challenge Introspection, this is usually fine. But if third parties can access that endpoint as well, sensitive data from the session might be exposed to them. Use with care!

  • acceptOAuth2ConsentRequestSessionIdToken :: Maybe Value

    "id_token" - IDToken sets session data for the OpenID Connect ID token. Keep in mind that the session'id payloads are readable by anyone that has access to the ID Challenge. Use with care!

mkAcceptOAuth2ConsentRequestSession :: AcceptOAuth2ConsentRequestSession Source #

Construct a value of type AcceptOAuth2ConsentRequestSession (by applying it's required fields, if any)

AcceptOAuth2LoginRequest

data AcceptOAuth2LoginRequest Source #

AcceptOAuth2LoginRequest HandledLoginRequest is the request payload used to accept a login request.

Constructors

AcceptOAuth2LoginRequest 

Fields

  • acceptOAuth2LoginRequestAcr :: Maybe Text

    "acr" - ACR sets the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it to express that, for example, a user authenticated using two factor authentication.

  • acceptOAuth2LoginRequestAmr :: Maybe [Text]

    "amr"

  • acceptOAuth2LoginRequestContext :: Maybe Value

    "context"

  • acceptOAuth2LoginRequestForceSubjectIdentifier :: Maybe Text

    "force_subject_identifier" - ForceSubjectIdentifier forces the "pairwise" user ID of the end-user that authenticated. The "pairwise" user ID refers to the (Pairwise Identifier Algorithm)[http:/openid.netspecsopenid-connect-core-1_0.html#PairwiseAlg] of the OpenID Connect specification. It allows you to set an obfuscated subject ("user") identifier that is unique to the client. Please note that this changes the user ID on endpoint userinfo and sub claim of the ID Token. It does not change the sub claim in the OAuth 2.0 Introspection. Per default, ORY Hydra handles this value with its own algorithm. In case you want to set this yourself you can use this field. Please note that setting this field has no effect if `pairwise` is not configured in ORY Hydra or the OAuth 2.0 Client does not expect a pairwise identifier (set via `subject_type` key in the client's configuration). Please also be aware that ORY Hydra is unable to properly compute this value during authentication. This implies that you have to compute this value on every authentication process (probably depending on the client ID or some other unique value). If you fail to compute the proper value, then authentication processes which have id_token_hint set might fail.

  • acceptOAuth2LoginRequestRemember :: Maybe Bool

    "remember" - Remember, if set to true, tells ORY Hydra to remember this user by telling the user agent (browser) to store a cookie with authentication data. If the same user performs another OAuth 2.0 Authorization Request, he/she will not be asked to log in again.

  • acceptOAuth2LoginRequestRememberFor :: Maybe Integer

    "remember_for" - RememberFor sets how long the authentication should be remembered for in seconds. If set to `0`, the authorization will be remembered for the duration of the browser session (using a session cookie).

  • acceptOAuth2LoginRequestSubject :: Text

    Required "subject" - Subject is the user ID of the end-user that authenticated.

mkAcceptOAuth2LoginRequest Source #

Arguments

:: Text

acceptOAuth2LoginRequestSubject: Subject is the user ID of the end-user that authenticated.

-> AcceptOAuth2LoginRequest 

Construct a value of type AcceptOAuth2LoginRequest (by applying it's required fields, if any)

CreateJsonWebKeySet

data CreateJsonWebKeySet Source #

CreateJsonWebKeySet Create JSON Web Key Set Request Body

Constructors

CreateJsonWebKeySet 

Fields

  • createJsonWebKeySetAlg :: Text

    Required "alg" - JSON Web Key Algorithm The algorithm to be used for creating the key. Supports `RS256`, `ES256`, `ES512`, `HS512`, and `HS256`.

  • createJsonWebKeySetKid :: Text

    Required "kid" - JSON Web Key ID The Key ID of the key to be created.

  • createJsonWebKeySetUse :: Text

    Required "use" - JSON Web Key Use The "use" (public key use) parameter identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Valid values are "enc" and "sig".

mkCreateJsonWebKeySet Source #

Arguments

:: Text

createJsonWebKeySetAlg: JSON Web Key Algorithm The algorithm to be used for creating the key. Supports RS256, ES256, ES512, HS512, and HS256.

-> Text

createJsonWebKeySetKid: JSON Web Key ID The Key ID of the key to be created.

-> Text

createJsonWebKeySetUse: JSON Web Key Use The "use" (public key use) parameter identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Valid values are "enc" and "sig".

-> CreateJsonWebKeySet 

Construct a value of type CreateJsonWebKeySet (by applying it's required fields, if any)

ErrorOAuth2

data ErrorOAuth2 Source #

ErrorOAuth2 Error

Constructors

ErrorOAuth2 

Fields

Instances

Instances details
FromJSON ErrorOAuth2 Source #

FromJSON ErrorOAuth2

Instance details

Defined in OryHydra.Model

ToJSON ErrorOAuth2 Source #

ToJSON ErrorOAuth2

Instance details

Defined in OryHydra.Model

Show ErrorOAuth2 Source # 
Instance details

Defined in OryHydra.Model

Eq ErrorOAuth2 Source # 
Instance details

Defined in OryHydra.Model

mkErrorOAuth2 :: ErrorOAuth2 Source #

Construct a value of type ErrorOAuth2 (by applying it's required fields, if any)

GenericError

data GenericError Source #

GenericError

Constructors

GenericError 

Fields

Instances

Instances details
FromJSON GenericError Source #

FromJSON GenericError

Instance details

Defined in OryHydra.Model

ToJSON GenericError Source #

ToJSON GenericError

Instance details

Defined in OryHydra.Model

Show GenericError Source # 
Instance details

Defined in OryHydra.Model

Eq GenericError Source # 
Instance details

Defined in OryHydra.Model

mkGenericError Source #

Arguments

:: Text

genericErrorMessage: Error message The error's message.

-> GenericError 

Construct a value of type GenericError (by applying it's required fields, if any)

GetVersion200Response

mkGetVersion200Response :: GetVersion200Response Source #

Construct a value of type GetVersion200Response (by applying it's required fields, if any)

HealthNotReadyStatus

data HealthNotReadyStatus Source #

HealthNotReadyStatus

Constructors

HealthNotReadyStatus 

Fields

mkHealthNotReadyStatus :: HealthNotReadyStatus Source #

Construct a value of type HealthNotReadyStatus (by applying it's required fields, if any)

HealthStatus

data HealthStatus Source #

HealthStatus

Constructors

HealthStatus 

Fields

Instances

Instances details
FromJSON HealthStatus Source #

FromJSON HealthStatus

Instance details

Defined in OryHydra.Model

ToJSON HealthStatus Source #

ToJSON HealthStatus

Instance details

Defined in OryHydra.Model

Show HealthStatus Source # 
Instance details

Defined in OryHydra.Model

Eq HealthStatus Source # 
Instance details

Defined in OryHydra.Model

mkHealthStatus :: HealthStatus Source #

Construct a value of type HealthStatus (by applying it's required fields, if any)

IntrospectedOAuth2Token

data IntrospectedOAuth2Token Source #

IntrospectedOAuth2Token Introspection contains an access token's session data as specified by IETF RFC 7662

Constructors

IntrospectedOAuth2Token 

Fields

mkIntrospectedOAuth2Token Source #

Arguments

:: Bool

introspectedOAuth2TokenActive: Active is a boolean indicator of whether or not the presented token is currently active. The specifics of a token's "active" state will vary depending on the implementation of the authorization server and the information it keeps about its tokens, but a "true" value return for the "active" property will generally indicate that a given token has been issued by this authorization server, has not been revoked by the resource owner, and is within its given time window of validity (e.g., after its issuance time and before its expiration time).

-> IntrospectedOAuth2Token 

Construct a value of type IntrospectedOAuth2Token (by applying it's required fields, if any)

IsReady200Response

data IsReady200Response Source #

IsReady200Response

Constructors

IsReady200Response 

Fields

mkIsReady200Response :: IsReady200Response Source #

Construct a value of type IsReady200Response (by applying it's required fields, if any)

IsReady503Response

data IsReady503Response Source #

IsReady503Response

Constructors

IsReady503Response 

Fields

mkIsReady503Response :: IsReady503Response Source #

Construct a value of type IsReady503Response (by applying it's required fields, if any)

JsonPatch

data JsonPatch Source #

JsonPatch A JSONPatch document as defined by RFC 6902

Constructors

JsonPatch 

Fields

Instances

Instances details
FromJSON JsonPatch Source #

FromJSON JsonPatch

Instance details

Defined in OryHydra.Model

ToJSON JsonPatch Source #

ToJSON JsonPatch

Instance details

Defined in OryHydra.Model

Show JsonPatch Source # 
Instance details

Defined in OryHydra.Model

Eq JsonPatch Source # 
Instance details

Defined in OryHydra.Model

mkJsonPatch Source #

Arguments

:: Text

jsonPatchOp: The operation to be performed. One of "add", "remove", "replace", "move", "copy", or "test".

-> Text

jsonPatchPath: The path to the target path. Uses JSON pointer notation. Learn more about JSON Pointers.

-> JsonPatch 

Construct a value of type JsonPatch (by applying it's required fields, if any)

JsonWebKey

data JsonWebKey Source #

JsonWebKey

Constructors

JsonWebKey 

Fields

  • jsonWebKeyAlg :: Text

    Required "alg" - The "alg" (algorithm) parameter identifies the algorithm intended for use with the key. The values used should either be registered in the IANA "JSON Web Signature and Encryption Algorithms" registry established by [JWA] or be a value that contains a Collision- Resistant Name.

  • jsonWebKeyCrv :: Maybe Text

    "crv"

  • jsonWebKeyD :: Maybe Text

    "d"

  • jsonWebKeyDp :: Maybe Text

    "dp"

  • jsonWebKeyDq :: Maybe Text

    "dq"

  • jsonWebKeyE :: Maybe Text

    "e"

  • jsonWebKeyK :: Maybe Text

    "k"

  • jsonWebKeyKid :: Text

    Required "kid" - The "kid" (key ID) parameter is used to match a specific key. This is used, for instance, to choose among a set of keys within a JWK Set during key rollover. The structure of the "kid" value is unspecified. When "kid" values are used within a JWK Set, different keys within the JWK Set SHOULD use distinct "kid" values. (One example in which different keys might use the same "kid" value is if they have different "kty" (key type) values but are considered to be equivalent alternatives by the application using them.) The "kid" value is a case-sensitive string.

  • jsonWebKeyKty :: Text

    Required "kty" - The "kty" (key type) parameter identifies the cryptographic algorithm family used with the key, such as "RSA" or "EC". "kty" values should either be registered in the IANA "JSON Web Key Types" registry established by [JWA] or be a value that contains a Collision- Resistant Name. The "kty" value is a case-sensitive string.

  • jsonWebKeyN :: Maybe Text

    "n"

  • jsonWebKeyP :: Maybe Text

    "p"

  • jsonWebKeyQ :: Maybe Text

    "q"

  • jsonWebKeyQi :: Maybe Text

    "qi"

  • jsonWebKeyUse :: Text

    Required "use" - Use ("public key use") identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Values are commonly "sig" (signature) or "enc" (encryption).

  • jsonWebKeyX :: Maybe Text

    "x"

  • jsonWebKeyX5c :: Maybe [Text]

    "x5c" - The "x5c" (X.509 certificate chain) parameter contains a chain of one or more PKIX certificates [RFC5280]. The certificate chain is represented as a JSON array of certificate value strings. Each string in the array is a base64-encoded (Section 4 of [RFC4648] -- not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value. The PKIX certificate containing the key value MUST be the first certificate.

  • jsonWebKeyY :: Maybe Text

    "y"

Instances

Instances details
FromJSON JsonWebKey Source #

FromJSON JsonWebKey

Instance details

Defined in OryHydra.Model

ToJSON JsonWebKey Source #

ToJSON JsonWebKey

Instance details

Defined in OryHydra.Model

Show JsonWebKey Source # 
Instance details

Defined in OryHydra.Model

Eq JsonWebKey Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam SetJsonWebKey JsonWebKey Source # 
Instance details

Defined in OryHydra.API.Jwk

Methods

setBodyParam :: (Consumes SetJsonWebKey contentType, MimeRender contentType JsonWebKey) => OryHydraRequest SetJsonWebKey contentType res accept -> JsonWebKey -> OryHydraRequest SetJsonWebKey contentType res accept Source #

mkJsonWebKey Source #

Arguments

:: Text

jsonWebKeyAlg: The "alg" (algorithm) parameter identifies the algorithm intended for use with the key. The values used should either be registered in the IANA "JSON Web Signature and Encryption Algorithms" registry established by [JWA] or be a value that contains a Collision- Resistant Name.

-> Text

jsonWebKeyKid: The "kid" (key ID) parameter is used to match a specific key. This is used, for instance, to choose among a set of keys within a JWK Set during key rollover. The structure of the "kid" value is unspecified. When "kid" values are used within a JWK Set, different keys within the JWK Set SHOULD use distinct "kid" values. (One example in which different keys might use the same "kid" value is if they have different "kty" (key type) values but are considered to be equivalent alternatives by the application using them.) The "kid" value is a case-sensitive string.

-> Text

jsonWebKeyKty: The "kty" (key type) parameter identifies the cryptographic algorithm family used with the key, such as "RSA" or "EC". "kty" values should either be registered in the IANA "JSON Web Key Types" registry established by [JWA] or be a value that contains a Collision- Resistant Name. The "kty" value is a case-sensitive string.

-> Text

jsonWebKeyUse: Use ("public key use") identifies the intended use of the public key. The "use" parameter is employed to indicate whether a public key is used for encrypting data or verifying the signature on data. Values are commonly "sig" (signature) or "enc" (encryption).

-> JsonWebKey 

Construct a value of type JsonWebKey (by applying it's required fields, if any)

JsonWebKeySet

data JsonWebKeySet Source #

JsonWebKeySet JSON Web Key Set

Constructors

JsonWebKeySet 

Fields

  • jsonWebKeySetKeys :: Maybe [JsonWebKey]

    "keys" - List of JSON Web Keys The value of the "keys" parameter is an array of JSON Web Key (JWK) values. By default, the order of the JWK values within the array does not imply an order of preference among them, although applications of JWK Sets can choose to assign a meaning to the order for their purposes, if desired.

Instances

Instances details
FromJSON JsonWebKeySet Source #

FromJSON JsonWebKeySet

Instance details

Defined in OryHydra.Model

ToJSON JsonWebKeySet Source #

ToJSON JsonWebKeySet

Instance details

Defined in OryHydra.Model

Show JsonWebKeySet Source # 
Instance details

Defined in OryHydra.Model

Eq JsonWebKeySet Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam SetJsonWebKeySet JsonWebKeySet Source # 
Instance details

Defined in OryHydra.API.Jwk

Methods

setBodyParam :: (Consumes SetJsonWebKeySet contentType, MimeRender contentType JsonWebKeySet) => OryHydraRequest SetJsonWebKeySet contentType res accept -> JsonWebKeySet -> OryHydraRequest SetJsonWebKeySet contentType res accept Source #

mkJsonWebKeySet :: JsonWebKeySet Source #

Construct a value of type JsonWebKeySet (by applying it's required fields, if any)

OAuth2Client

data OAuth2Client Source #

OAuth2Client OAuth 2.0 Client

OAuth 2.0 Clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities.

Constructors

OAuth2Client 

Fields

  • oAuth2ClientAllowedCorsOrigins :: Maybe [Text]

    "allowed_cors_origins"

  • oAuth2ClientAudience :: Maybe [Text]

    "audience"

  • oAuth2ClientAuthorizationCodeGrantAccessTokenLifespan :: Maybe Text

    "authorization_code_grant_access_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientAuthorizationCodeGrantIdTokenLifespan :: Maybe Text

    "authorization_code_grant_id_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientAuthorizationCodeGrantRefreshTokenLifespan :: Maybe Text

    "authorization_code_grant_refresh_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientBackchannelLogoutSessionRequired :: Maybe Bool

    "backchannel_logout_session_required" - OpenID Connect Back-Channel Logout Session Required Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout Token to identify the RP session with the OP when the backchannel_logout_uri is used. If omitted, the default value is false.

  • oAuth2ClientBackchannelLogoutUri :: Maybe Text

    "backchannel_logout_uri" - OpenID Connect Back-Channel Logout URI RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.

  • oAuth2ClientClientCredentialsGrantAccessTokenLifespan :: Maybe Text

    "client_credentials_grant_access_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientClientId :: Maybe Text

    "client_id" - OAuth 2.0 Client ID The ID is autogenerated and immutable.

  • oAuth2ClientClientName :: Maybe Text

    "client_name" - OAuth 2.0 Client Name The human-readable name of the client to be presented to the end-user during authorization.

  • oAuth2ClientClientSecret :: Maybe Text

    "client_secret" - OAuth 2.0 Client Secret The secret will be included in the create request as cleartext, and then never again. The secret is kept in hashed format and is not recoverable once lost.

  • oAuth2ClientClientSecretExpiresAt :: Maybe Integer

    "client_secret_expires_at" - OAuth 2.0 Client Secret Expires At The field is currently not supported and its value is always 0.

  • oAuth2ClientClientUri :: Maybe Text

    "client_uri" - OAuth 2.0 Client URI ClientURI is a URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion.

  • oAuth2ClientContacts :: Maybe [Text]

    "contacts"

  • oAuth2ClientCreatedAt :: Maybe DateTime

    "created_at" - OAuth 2.0 Client Creation Date CreatedAt returns the timestamp of the client's creation.

  • oAuth2ClientFrontchannelLogoutSessionRequired :: Maybe Bool

    "frontchannel_logout_session_required" - OpenID Connect Front-Channel Logout Session Required Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be included to identify the RP session with the OP when the frontchannel_logout_uri is used. If omitted, the default value is false.

  • oAuth2ClientFrontchannelLogoutUri :: Maybe Text

    "frontchannel_logout_uri" - OpenID Connect Front-Channel Logout URI RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the request and to determine which of the potentially multiple sessions is to be logged out; if either is included, both MUST be.

  • oAuth2ClientGrantTypes :: Maybe [Text]

    "grant_types"

  • oAuth2ClientImplicitGrantAccessTokenLifespan :: Maybe Text

    "implicit_grant_access_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientImplicitGrantIdTokenLifespan :: Maybe Text

    "implicit_grant_id_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientJwks :: Maybe Value

    "jwks" - OAuth 2.0 Client JSON Web Key Set Client's JSON Web Key Set [JWK] document, passed by value. The semantics of the jwks parameter are the same as the jwks_uri parameter, other than that the JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwks_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwks_uri, it MUST NOT use jwks. One significant downside of jwks is that it does not enable key rotation (which jwks_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwks_uri and jwks parameters MUST NOT be used together.

  • oAuth2ClientJwksUri :: Maybe Text

    "jwks_uri" - OAuth 2.0 Client JSON Web Key Set URL URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the Client's encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate.

  • oAuth2ClientJwtBearerGrantAccessTokenLifespan :: Maybe Text

    "jwt_bearer_grant_access_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientLogoUri :: Maybe Text

    "logo_uri" - OAuth 2.0 Client Logo URI A URL string referencing the client's logo.

  • oAuth2ClientMetadata :: Maybe Value

    "metadata"

  • oAuth2ClientOwner :: Maybe Text

    "owner" - OAuth 2.0 Client Owner Owner is a string identifying the owner of the OAuth 2.0 Client.

  • oAuth2ClientPolicyUri :: Maybe Text

    "policy_uri" - OAuth 2.0 Client Policy URI PolicyURI is a URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data.

  • oAuth2ClientPostLogoutRedirectUris :: Maybe [Text]

    "post_logout_redirect_uris"

  • oAuth2ClientRedirectUris :: Maybe [Text]

    "redirect_uris"

  • oAuth2ClientRefreshTokenGrantAccessTokenLifespan :: Maybe Text

    "refresh_token_grant_access_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientRefreshTokenGrantIdTokenLifespan :: Maybe Text

    "refresh_token_grant_id_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientRefreshTokenGrantRefreshTokenLifespan :: Maybe Text

    "refresh_token_grant_refresh_token_lifespan" - Specify a time duration in milliseconds, seconds, minutes, hours.

  • oAuth2ClientRegistrationAccessToken :: Maybe Text

    "registration_access_token" - OpenID Connect Dynamic Client Registration Access Token RegistrationAccessToken can be used to update, get, or delete the OAuth2 Client. It is sent when creating a client using Dynamic Client Registration.

  • oAuth2ClientRegistrationClientUri :: Maybe Text

    "registration_client_uri" - OpenID Connect Dynamic Client Registration URL RegistrationClientURI is the URL used to update, get, or delete the OAuth2 Client.

  • oAuth2ClientRequestObjectSigningAlg :: Maybe Text

    "request_object_signing_alg" - OpenID Connect Request Object Signing Algorithm JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects from this Client MUST be rejected, if not signed with this algorithm.

  • oAuth2ClientRequestUris :: Maybe [Text]

    "request_uris"

  • oAuth2ClientResponseTypes :: Maybe [Text]

    "response_types"

  • oAuth2ClientScope :: Maybe Text

    "scope" - OAuth 2.0 Client Scope Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens.

  • oAuth2ClientSectorIdentifierUri :: Maybe Text

    "sector_identifier_uri" - OpenID Connect Sector Identifier URI URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a file with a single JSON array of redirect_uri values.

  • oAuth2ClientSubjectType :: Maybe Text

    "subject_type" - OpenID Connect Subject Type The `subject_types_supported` Discovery parameter contains a list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.

  • oAuth2ClientTokenEndpointAuthMethod :: Maybe Text

    "token_endpoint_auth_method" - OAuth 2.0 Token Endpoint Authentication Method Requested Client Authentication method for the Token Endpoint. The options are: `client_secret_post`: (default) Send `client_id` and `client_secret` as `applicationx-www-form-urlencoded` in the HTTP body. `client_secret_basic`: Send `client_id` and `client_secret` as `applicationx-www-form-urlencoded` encoded in the HTTP Authorization header. `private_key_jwt`: Use JSON Web Tokens to authenticate the client. `none`: Used for public clients (native apps, mobile apps) which can not have secrets.

  • oAuth2ClientTokenEndpointAuthSigningAlg :: Maybe Text

    "token_endpoint_auth_signing_alg" - OAuth 2.0 Token Endpoint Signing Algorithm Requested Client Authentication signing algorithm for the Token Endpoint.

  • oAuth2ClientTosUri :: Maybe Text

    "tos_uri" - OAuth 2.0 Client Terms of Service URI A URL string pointing to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client.

  • oAuth2ClientUpdatedAt :: Maybe DateTime

    "updated_at" - OAuth 2.0 Client Last Update Date UpdatedAt returns the timestamp of the last update.

  • oAuth2ClientUserinfoSignedResponseAlg :: Maybe Text

    "userinfo_signed_response_alg" - OpenID Connect Request Userinfo Signed Response Algorithm JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims as a UTF-8 encoded JSON object using the application/json content-type.

Instances

Instances details
FromJSON OAuth2Client Source #

FromJSON OAuth2Client

Instance details

Defined in OryHydra.Model

ToJSON OAuth2Client Source #

ToJSON OAuth2Client

Instance details

Defined in OryHydra.Model

Show OAuth2Client Source # 
Instance details

Defined in OryHydra.Model

Eq OAuth2Client Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam CreateOAuth2Client OAuth2Client Source #

Body Param OAuth2Client - OAuth 2.0 Client Request Body

Instance details

Defined in OryHydra.API.OAuth2

Methods

setBodyParam :: (Consumes CreateOAuth2Client contentType, MimeRender contentType OAuth2Client) => OryHydraRequest CreateOAuth2Client contentType res accept -> OAuth2Client -> OryHydraRequest CreateOAuth2Client contentType res accept Source #

HasBodyParam SetOAuth2Client OAuth2Client Source #

Body Param OAuth2Client - OAuth 2.0 Client Request Body

Instance details

Defined in OryHydra.API.OAuth2

Methods

setBodyParam :: (Consumes SetOAuth2Client contentType, MimeRender contentType OAuth2Client) => OryHydraRequest SetOAuth2Client contentType res accept -> OAuth2Client -> OryHydraRequest SetOAuth2Client contentType res accept Source #

HasBodyParam CreateOidcDynamicClient OAuth2Client Source #

Body Param OAuth2Client - Dynamic Client Registration Request Body

Instance details

Defined in OryHydra.API.Oidc

HasBodyParam SetOidcDynamicClient OAuth2Client Source #

Body Param OAuth2Client - OAuth 2.0 Client Request Body

Instance details

Defined in OryHydra.API.Oidc

Methods

setBodyParam :: (Consumes SetOidcDynamicClient contentType, MimeRender contentType OAuth2Client) => OryHydraRequest SetOidcDynamicClient contentType res accept -> OAuth2Client -> OryHydraRequest SetOidcDynamicClient contentType res accept Source #

mkOAuth2Client :: OAuth2Client Source #

Construct a value of type OAuth2Client (by applying it's required fields, if any)

OAuth2ClientTokenLifespans

data OAuth2ClientTokenLifespans Source #

OAuth2ClientTokenLifespans OAuth 2.0 Client Token Lifespans

Lifespans of different token types issued for this OAuth 2.0 Client.

Constructors

OAuth2ClientTokenLifespans 

Fields

Instances

Instances details
FromJSON OAuth2ClientTokenLifespans Source #

FromJSON OAuth2ClientTokenLifespans

Instance details

Defined in OryHydra.Model

ToJSON OAuth2ClientTokenLifespans Source #

ToJSON OAuth2ClientTokenLifespans

Instance details

Defined in OryHydra.Model

Show OAuth2ClientTokenLifespans Source # 
Instance details

Defined in OryHydra.Model

Eq OAuth2ClientTokenLifespans Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam SetOAuth2ClientLifespans OAuth2ClientTokenLifespans Source # 
Instance details

Defined in OryHydra.API.OAuth2

mkOAuth2ClientTokenLifespans :: OAuth2ClientTokenLifespans Source #

Construct a value of type OAuth2ClientTokenLifespans (by applying it's required fields, if any)

OAuth2ConsentRequest

data OAuth2ConsentRequest Source #

OAuth2ConsentRequest Contains information on an ongoing consent request.

Constructors

OAuth2ConsentRequest 

Fields

mkOAuth2ConsentRequest Source #

Arguments

:: Text

oAuth2ConsentRequestChallenge: ID is the identifier ("authorization challenge") of the consent authorization request. It is used to identify the session.

-> OAuth2ConsentRequest 

Construct a value of type OAuth2ConsentRequest (by applying it's required fields, if any)

OAuth2ConsentRequestOpenIDConnectContext

data OAuth2ConsentRequestOpenIDConnectContext Source #

OAuth2ConsentRequestOpenIDConnectContext Contains optional information about the OpenID Connect request.

Constructors

OAuth2ConsentRequestOpenIDConnectContext 

Fields

  • oAuth2ConsentRequestOpenIDConnectContextAcrValues :: Maybe [Text]

    "acr_values" - ACRValues is the Authentication AuthorizationContext Class Reference requested in the OAuth 2.0 Authorization request. It is a parameter defined by OpenID Connect and expresses which level of authentication (e.g. 2FA) is required. OpenID Connect defines it as follows: > Requested Authentication AuthorizationContext Class Reference values. Space-separated string that specifies the acr values that the Authorization Server is being requested to use for processing this Authentication Request, with the values appearing in order of preference. The Authentication AuthorizationContext Class satisfied by the authentication performed is returned as the acr Claim Value, as specified in Section 2. The acr Claim is requested as a Voluntary Claim by this parameter.

  • oAuth2ConsentRequestOpenIDConnectContextDisplay :: Maybe Text

    "display" - Display is a string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User. The defined values are: page: The Authorization Server SHOULD display the authentication and consent UI consistent with a full User Agent page view. If the display parameter is not specified, this is the default display mode. popup: The Authorization Server SHOULD display the authentication and consent UI consistent with a popup User Agent window. The popup User Agent window should be of an appropriate size for a login-focused dialog and should not obscure the entire window that it is popping up over. touch: The Authorization Server SHOULD display the authentication and consent UI consistent with a device that leverages a touch interface. wap: The Authorization Server SHOULD display the authentication and consent UI consistent with a "feature phone" type display. The Authorization Server MAY also attempt to detect the capabilities of the User Agent and present an appropriate display.

  • oAuth2ConsentRequestOpenIDConnectContextIdTokenHintClaims :: Maybe (Map String Value)

    "id_token_hint_claims" - IDTokenHintClaims are the claims of the ID Token previously issued by the Authorization Server being passed as a hint about the End-User's current or past authenticated session with the Client.

  • oAuth2ConsentRequestOpenIDConnectContextLoginHint :: Maybe Text

    "login_hint" - LoginHint hints about the login identifier the End-User might use to log in (if necessary). This hint can be used by an RP if it first asks the End-User for their e-mail address (or other identifier) and then wants to pass that value as a hint to the discovered authorization service. This value MAY also be a phone number in the format specified for the phone_number Claim. The use of this parameter is optional.

  • oAuth2ConsentRequestOpenIDConnectContextUiLocales :: Maybe [Text]

    "ui_locales" - UILocales is the End-User'id preferred languages and scripts for the user interface, represented as a space-separated list of BCP47 [RFC5646] language tag values, ordered by preference. For instance, the value "fr-CA fr en" represents a preference for French as spoken in Canada, then French (without a region designation), followed by English (without a region designation). An error SHOULD NOT result if some or all of the requested locales are not supported by the OpenID Provider.

OAuth2ConsentSession

data OAuth2ConsentSession Source #

OAuth2ConsentSession OAuth 2.0 Consent Session

A completed OAuth 2.0 Consent Session.

Constructors

OAuth2ConsentSession 

Fields

mkOAuth2ConsentSession :: OAuth2ConsentSession Source #

Construct a value of type OAuth2ConsentSession (by applying it's required fields, if any)

OAuth2ConsentSessionExpiresAt

data OAuth2ConsentSessionExpiresAt Source #

OAuth2ConsentSessionExpiresAt

mkOAuth2ConsentSessionExpiresAt :: OAuth2ConsentSessionExpiresAt Source #

Construct a value of type OAuth2ConsentSessionExpiresAt (by applying it's required fields, if any)

OAuth2LoginRequest

data OAuth2LoginRequest Source #

OAuth2LoginRequest Contains information on an ongoing login request.

Constructors

OAuth2LoginRequest 

Fields

  • oAuth2LoginRequestChallenge :: Text

    Required "challenge" - ID is the identifier ("login challenge") of the login request. It is used to identify the session.

  • oAuth2LoginRequestClient :: OAuth2Client

    Required "client"

  • oAuth2LoginRequestOidcContext :: Maybe OAuth2ConsentRequestOpenIDConnectContext

    "oidc_context"

  • oAuth2LoginRequestRequestUrl :: Text

    Required "request_url" - RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters.

  • oAuth2LoginRequestRequestedAccessTokenAudience :: [Text]

    Required "requested_access_token_audience"

  • oAuth2LoginRequestRequestedScope :: [Text]

    Required "requested_scope"

  • oAuth2LoginRequestSessionId :: Maybe Text

    "session_id" - SessionID is the login session ID. If the user-agent reuses a login session (via cookie remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the "sid" parameter in the ID Token and in OIDC Front-Back- channel logout. It's value can generally be used to associate consecutive login requests by a certain user.

  • oAuth2LoginRequestSkip :: Bool

    Required "skip" - Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. This feature allows you to update / set session information.

  • oAuth2LoginRequestSubject :: Text

    Required "subject" - Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. If this value is set and `skip` is true, you MUST include this subject type when accepting the login request, or the request will fail.

mkOAuth2LoginRequest Source #

Arguments

:: Text

oAuth2LoginRequestChallenge: ID is the identifier ("login challenge") of the login request. It is used to identify the session.

-> OAuth2Client

oAuth2LoginRequestClient

-> Text

oAuth2LoginRequestRequestUrl: RequestURL is the original OAuth 2.0 Authorization URL requested by the OAuth 2.0 client. It is the URL which initiates the OAuth 2.0 Authorization Code or OAuth 2.0 Implicit flow. This URL is typically not needed, but might come in handy if you want to deal with additional request parameters.

-> [Text]

oAuth2LoginRequestRequestedAccessTokenAudience

-> [Text]

oAuth2LoginRequestRequestedScope

-> Bool

oAuth2LoginRequestSkip: Skip, if true, implies that the client has requested the same scopes from the same user previously. If true, you can skip asking the user to grant the requested scopes, and simply forward the user to the redirect URL. This feature allows you to update / set session information.

-> Text

oAuth2LoginRequestSubject: Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client. If this value is set and skip is true, you MUST include this subject type when accepting the login request, or the request will fail.

-> OAuth2LoginRequest 

Construct a value of type OAuth2LoginRequest (by applying it's required fields, if any)

OAuth2LogoutRequest

data OAuth2LogoutRequest Source #

OAuth2LogoutRequest Contains information about an ongoing logout request.

Constructors

OAuth2LogoutRequest 

Fields

mkOAuth2LogoutRequest :: OAuth2LogoutRequest Source #

Construct a value of type OAuth2LogoutRequest (by applying it's required fields, if any)

OAuth2RedirectTo

data OAuth2RedirectTo Source #

OAuth2RedirectTo OAuth 2.0 Redirect Browser To

Contains a redirect URL used to complete a login, consent, or logout request.

Constructors

OAuth2RedirectTo 

Fields

  • oAuth2RedirectToRedirectTo :: Text

    Required "redirect_to" - RedirectURL is the URL which you should redirect the user's browser to once the authentication process is completed.

mkOAuth2RedirectTo Source #

Arguments

:: Text

oAuth2RedirectToRedirectTo: RedirectURL is the URL which you should redirect the user's browser to once the authentication process is completed.

-> OAuth2RedirectTo 

Construct a value of type OAuth2RedirectTo (by applying it's required fields, if any)

OAuth2TokenExchange

data OAuth2TokenExchange Source #

OAuth2TokenExchange OAuth2 Token Exchange Result

Constructors

OAuth2TokenExchange 

Fields

mkOAuth2TokenExchange :: OAuth2TokenExchange Source #

Construct a value of type OAuth2TokenExchange (by applying it's required fields, if any)

OidcConfiguration

data OidcConfiguration Source #

OidcConfiguration OpenID Connect Discovery Metadata

Includes links to several endpoints (for example `oauth2token`) and exposes information on supported signature algorithms among others.

Constructors

OidcConfiguration 

Fields

  • oidcConfigurationAuthorizationEndpoint :: Text

    Required "authorization_endpoint" - OAuth 2.0 Authorization Endpoint URL

  • oidcConfigurationBackchannelLogoutSessionSupported :: Maybe Bool

    "backchannel_logout_session_supported" - OpenID Connect Back-Channel Logout Session Required Boolean value specifying whether the OP can pass a sid (session ID) Claim in the Logout Token to identify the RP session with the OP. If supported, the sid Claim is also included in ID Tokens issued by the OP

  • oidcConfigurationBackchannelLogoutSupported :: Maybe Bool

    "backchannel_logout_supported" - OpenID Connect Back-Channel Logout Supported Boolean value specifying whether the OP supports back-channel logout, with true indicating support.

  • oidcConfigurationClaimsParameterSupported :: Maybe Bool

    "claims_parameter_supported" - OpenID Connect Claims Parameter Parameter Supported Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support.

  • oidcConfigurationClaimsSupported :: Maybe [Text]

    "claims_supported" - OpenID Connect Supported Claims JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list.

  • oidcConfigurationCodeChallengeMethodsSupported :: Maybe [Text]

    "code_challenge_methods_supported" - OAuth 2.0 PKCE Supported Code Challenge Methods JSON array containing a list of Proof Key for Code Exchange (PKCE) [RFC7636] code challenge methods supported by this authorization server.

  • oidcConfigurationEndSessionEndpoint :: Maybe Text

    "end_session_endpoint" - OpenID Connect End-Session Endpoint URL at the OP to which an RP can perform a redirect to request that the End-User be logged out at the OP.

  • oidcConfigurationFrontchannelLogoutSessionSupported :: Maybe Bool

    "frontchannel_logout_session_supported" - OpenID Connect Front-Channel Logout Session Required Boolean value specifying whether the OP can pass iss (issuer) and sid (session ID) query parameters to identify the RP session with the OP when the frontchannel_logout_uri is used. If supported, the sid Claim is also included in ID Tokens issued by the OP.

  • oidcConfigurationFrontchannelLogoutSupported :: Maybe Bool

    "frontchannel_logout_supported" - OpenID Connect Front-Channel Logout Supported Boolean value specifying whether the OP supports HTTP-based logout, with true indicating support.

  • oidcConfigurationGrantTypesSupported :: Maybe [Text]

    "grant_types_supported" - OAuth 2.0 Supported Grant Types JSON array containing a list of the OAuth 2.0 Grant Type values that this OP supports.

  • oidcConfigurationIdTokenSignedResponseAlg :: [Text]

    Required "id_token_signed_response_alg" - OpenID Connect Default ID Token Signing Algorithms Algorithm used to sign OpenID Connect ID Tokens.

  • oidcConfigurationIdTokenSigningAlgValuesSupported :: [Text]

    Required "id_token_signing_alg_values_supported" - OpenID Connect Supported ID Token Signing Algorithms JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT.

  • oidcConfigurationIssuer :: Text

    Required "issuer" - OpenID Connect Issuer URL An URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL.

  • oidcConfigurationJwksUri :: Text

    Required "jwks_uri" - OpenID Connect Well-Known JSON Web Keys URL URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate.

  • oidcConfigurationRegistrationEndpoint :: Maybe Text

    "registration_endpoint" - OpenID Connect Dynamic Client Registration Endpoint URL

  • oidcConfigurationRequestObjectSigningAlgValuesSupported :: Maybe [Text]

    "request_object_signing_alg_values_supported" - OpenID Connect Supported Request Object Signing Algorithms JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter).

  • oidcConfigurationRequestParameterSupported :: Maybe Bool

    "request_parameter_supported" - OpenID Connect Request Parameter Supported Boolean value specifying whether the OP supports use of the request parameter, with true indicating support.

  • oidcConfigurationRequestUriParameterSupported :: Maybe Bool

    "request_uri_parameter_supported" - OpenID Connect Request URI Parameter Supported Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support.

  • oidcConfigurationRequireRequestUriRegistration :: Maybe Bool

    "require_request_uri_registration" - OpenID Connect Requires Request URI Registration Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter.

  • oidcConfigurationResponseModesSupported :: Maybe [Text]

    "response_modes_supported" - OAuth 2.0 Supported Response Modes JSON array containing a list of the OAuth 2.0 response_mode values that this OP supports.

  • oidcConfigurationResponseTypesSupported :: [Text]

    Required "response_types_supported" - OAuth 2.0 Supported Response Types JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values.

  • oidcConfigurationRevocationEndpoint :: Maybe Text

    "revocation_endpoint" - OAuth 2.0 Token Revocation URL URL of the authorization server's OAuth 2.0 revocation endpoint.

  • oidcConfigurationScopesSupported :: Maybe [Text]

    "scopes_supported" - OAuth 2.0 Supported Scope Values JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used

  • oidcConfigurationSubjectTypesSupported :: [Text]

    Required "subject_types_supported" - OpenID Connect Supported Subject Types JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public.

  • oidcConfigurationTokenEndpoint :: Text

    Required "token_endpoint" - OAuth 2.0 Token Endpoint URL

  • oidcConfigurationTokenEndpointAuthMethodsSupported :: Maybe [Text]

    "token_endpoint_auth_methods_supported" - OAuth 2.0 Supported Client Authentication Methods JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0

  • oidcConfigurationUserinfoEndpoint :: Maybe Text

    "userinfo_endpoint" - OpenID Connect Userinfo URL URL of the OP's UserInfo Endpoint.

  • oidcConfigurationUserinfoSignedResponseAlg :: [Text]

    Required "userinfo_signed_response_alg" - OpenID Connect User Userinfo Signing Algorithm Algorithm used to sign OpenID Connect Userinfo Responses.

  • oidcConfigurationUserinfoSigningAlgValuesSupported :: Maybe [Text]

    "userinfo_signing_alg_values_supported" - OpenID Connect Supported Userinfo Signing Algorithm JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].

mkOidcConfiguration Source #

Arguments

:: Text

oidcConfigurationAuthorizationEndpoint: OAuth 2.0 Authorization Endpoint URL

-> [Text]

oidcConfigurationIdTokenSignedResponseAlg: OpenID Connect Default ID Token Signing Algorithms Algorithm used to sign OpenID Connect ID Tokens.

-> [Text]

oidcConfigurationIdTokenSigningAlgValuesSupported: OpenID Connect Supported ID Token Signing Algorithms JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT.

-> Text

oidcConfigurationIssuer: OpenID Connect Issuer URL An URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL.

-> Text

oidcConfigurationJwksUri: OpenID Connect Well-Known JSON Web Keys URL URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the RP uses to validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), which are used by RPs to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate.

-> [Text]

oidcConfigurationResponseTypesSupported: OAuth 2.0 Supported Response Types JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values.

-> [Text]

oidcConfigurationSubjectTypesSupported: OpenID Connect Supported Subject Types JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public.

-> Text

oidcConfigurationTokenEndpoint: OAuth 2.0 Token Endpoint URL

-> [Text]

oidcConfigurationUserinfoSignedResponseAlg: OpenID Connect User Userinfo Signing Algorithm Algorithm used to sign OpenID Connect Userinfo Responses.

-> OidcConfiguration 

Construct a value of type OidcConfiguration (by applying it's required fields, if any)

OidcUserInfo

data OidcUserInfo Source #

OidcUserInfo OpenID Connect Userinfo

Constructors

OidcUserInfo 

Fields

  • oidcUserInfoBirthdate :: Maybe Text

    "birthdate" - End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform's date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates.

  • oidcUserInfoEmail :: Maybe Text

    "email" - End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7.

  • oidcUserInfoEmailVerified :: Maybe Bool

    "email_verified" - True if the End-User's e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating.

  • oidcUserInfoFamilyName :: Maybe Text

    "family_name" - Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.

  • oidcUserInfoGender :: Maybe Text

    "gender" - End-User's gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable.

  • oidcUserInfoGivenName :: Maybe Text

    "given_name" - Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.

  • oidcUserInfoLocale :: Maybe Text

    "locale" - End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well.

  • oidcUserInfoMiddleName :: Maybe Text

    "middle_name" - Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.

  • oidcUserInfoName :: Maybe Text

    "name" - End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences.

  • oidcUserInfoNickname :: Maybe Text

    "nickname" - Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael.

  • oidcUserInfoPhoneNumber :: Maybe Text

    "phone_number" - End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678.

  • oidcUserInfoPhoneNumberVerified :: Maybe Bool

    "phone_number_verified" - True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format.

  • oidcUserInfoPicture :: Maybe Text

    "picture" - URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User.

  • oidcUserInfoPreferredUsername :: Maybe Text

    "preferred_username" - Non-unique shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace.

  • oidcUserInfoProfile :: Maybe Text

    "profile" - URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User.

  • oidcUserInfoSub :: Maybe Text

    "sub" - Subject - Identifier for the End-User at the IssuerURL.

  • oidcUserInfoUpdatedAt :: Maybe Integer

    "updated_at" - Time the End-User's information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.

  • oidcUserInfoWebsite :: Maybe Text

    "website" - URL of the End-User's Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with.

  • oidcUserInfoZoneinfo :: Maybe Text

    "zoneinfo" - String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, EuropeParis or AmericaLos_Angeles.

Instances

Instances details
FromJSON OidcUserInfo Source #

FromJSON OidcUserInfo

Instance details

Defined in OryHydra.Model

ToJSON OidcUserInfo Source #

ToJSON OidcUserInfo

Instance details

Defined in OryHydra.Model

Show OidcUserInfo Source # 
Instance details

Defined in OryHydra.Model

Eq OidcUserInfo Source # 
Instance details

Defined in OryHydra.Model

mkOidcUserInfo :: OidcUserInfo Source #

Construct a value of type OidcUserInfo (by applying it's required fields, if any)

Pagination

data Pagination Source #

Pagination

Constructors

Pagination 

Fields

Instances

Instances details
FromJSON Pagination Source #

FromJSON Pagination

Instance details

Defined in OryHydra.Model

ToJSON Pagination Source #

ToJSON Pagination

Instance details

Defined in OryHydra.Model

Show Pagination Source # 
Instance details

Defined in OryHydra.Model

Eq Pagination Source # 
Instance details

Defined in OryHydra.Model

mkPagination :: Pagination Source #

Construct a value of type Pagination (by applying it's required fields, if any)

PaginationHeaders

data PaginationHeaders Source #

PaginationHeaders

Constructors

PaginationHeaders 

Fields

mkPaginationHeaders :: PaginationHeaders Source #

Construct a value of type PaginationHeaders (by applying it's required fields, if any)

RejectOAuth2Request

data RejectOAuth2Request Source #

RejectOAuth2Request The request payload used to accept a login or consent request.

Constructors

RejectOAuth2Request 

Fields

Instances

Instances details
FromJSON RejectOAuth2Request Source #

FromJSON RejectOAuth2Request

Instance details

Defined in OryHydra.Model

ToJSON RejectOAuth2Request Source #

ToJSON RejectOAuth2Request

Instance details

Defined in OryHydra.Model

Show RejectOAuth2Request Source # 
Instance details

Defined in OryHydra.Model

Eq RejectOAuth2Request Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam RejectOAuth2ConsentRequest RejectOAuth2Request Source # 
Instance details

Defined in OryHydra.API.OAuth2

HasBodyParam RejectOAuth2LoginRequest RejectOAuth2Request Source # 
Instance details

Defined in OryHydra.API.OAuth2

mkRejectOAuth2Request :: RejectOAuth2Request Source #

Construct a value of type RejectOAuth2Request (by applying it's required fields, if any)

TokenPagination

data TokenPagination Source #

TokenPagination

Constructors

TokenPagination 

Fields

mkTokenPagination :: TokenPagination Source #

Construct a value of type TokenPagination (by applying it's required fields, if any)

TokenPaginationHeaders

data TokenPaginationHeaders Source #

TokenPaginationHeaders

Constructors

TokenPaginationHeaders 

Fields

mkTokenPaginationHeaders :: TokenPaginationHeaders Source #

Construct a value of type TokenPaginationHeaders (by applying it's required fields, if any)

TokenPaginationRequestParameters

data TokenPaginationRequestParameters Source #

TokenPaginationRequestParameters Pagination Request Parameters

The Link HTTP header contains multiple links (first, next, last, previous) formatted as: `https://{project-slug}.projects.oryapis.com/admin/clients?page_size={limit}&page_token={offset}; rel="{page}"` For details on pagination please head over to the pagination documentation.

Constructors

TokenPaginationRequestParameters 

Fields

mkTokenPaginationRequestParameters :: TokenPaginationRequestParameters Source #

Construct a value of type TokenPaginationRequestParameters (by applying it's required fields, if any)

TokenPaginationResponseHeaders

data TokenPaginationResponseHeaders Source #

TokenPaginationResponseHeaders Pagination Response Header

The Link HTTP header contains multiple links (first, next, last, previous) formatted as: `https://{project-slug}.projects.oryapis.com/admin/clients?page_size={limit}&page_token={offset}; rel="{page}"` For details on pagination please head over to the pagination documentation.

Constructors

TokenPaginationResponseHeaders 

Fields

  • tokenPaginationResponseHeadersLink :: Maybe Text

    "link" - The Link HTTP Header The `Link` header contains a comma-delimited list of links to the following pages: first: The first page of results. next: The next page of results. prev: The previous page of results. last: The last page of results. Pages are omitted if they do not exist. For example, if there is no next page, the `next` link is omitted. Examples: <clients?page_size=5&page_token=0>; rel="first",<clients?page_size=5&page_token=15>; rel="next",<clients?page_size=5&page_token=5>; rel="prev",<clients?page_size=5&page_token=20>; rel="last"

  • tokenPaginationResponseHeadersXTotalCount :: Maybe Integer

    "x-total-count" - The X-Total-Count HTTP Header The `X-Total-Count` header contains the total number of items in the collection.

mkTokenPaginationResponseHeaders :: TokenPaginationResponseHeaders Source #

Construct a value of type TokenPaginationResponseHeaders (by applying it's required fields, if any)

TrustOAuth2JwtGrantIssuer

data TrustOAuth2JwtGrantIssuer Source #

TrustOAuth2JwtGrantIssuer Trust OAuth2 JWT Bearer Grant Type Issuer Request Body

Constructors

TrustOAuth2JwtGrantIssuer 

Fields

Instances

Instances details
FromJSON TrustOAuth2JwtGrantIssuer Source #

FromJSON TrustOAuth2JwtGrantIssuer

Instance details

Defined in OryHydra.Model

ToJSON TrustOAuth2JwtGrantIssuer Source #

ToJSON TrustOAuth2JwtGrantIssuer

Instance details

Defined in OryHydra.Model

Show TrustOAuth2JwtGrantIssuer Source # 
Instance details

Defined in OryHydra.Model

Eq TrustOAuth2JwtGrantIssuer Source # 
Instance details

Defined in OryHydra.Model

HasBodyParam TrustOAuth2JwtGrantIssuer0 TrustOAuth2JwtGrantIssuer Source # 
Instance details

Defined in OryHydra.API.OAuth2

mkTrustOAuth2JwtGrantIssuer Source #

Arguments

:: DateTime

trustOAuth2JwtGrantIssuerExpiresAt: The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject".

-> Text

trustOAuth2JwtGrantIssuerIssuer: The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT).

-> JsonWebKey

trustOAuth2JwtGrantIssuerJwk

-> [Text]

trustOAuth2JwtGrantIssuerScope: The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])

-> TrustOAuth2JwtGrantIssuer 

Construct a value of type TrustOAuth2JwtGrantIssuer (by applying it's required fields, if any)

TrustedOAuth2JwtGrantIssuer

data TrustedOAuth2JwtGrantIssuer Source #

TrustedOAuth2JwtGrantIssuer OAuth2 JWT Bearer Grant Type Issuer Trust Relationship

Constructors

TrustedOAuth2JwtGrantIssuer 

Fields

mkTrustedOAuth2JwtGrantIssuer :: TrustedOAuth2JwtGrantIssuer Source #

Construct a value of type TrustedOAuth2JwtGrantIssuer (by applying it's required fields, if any)

TrustedOAuth2JwtGrantJsonWebKey

data TrustedOAuth2JwtGrantJsonWebKey Source #

TrustedOAuth2JwtGrantJsonWebKey OAuth2 JWT Bearer Grant Type Issuer Trusted JSON Web Key

Constructors

TrustedOAuth2JwtGrantJsonWebKey 

Fields

mkTrustedOAuth2JwtGrantJsonWebKey :: TrustedOAuth2JwtGrantJsonWebKey Source #

Construct a value of type TrustedOAuth2JwtGrantJsonWebKey (by applying it's required fields, if any)

Version

data Version Source #

Version

Constructors

Version 

Fields

Instances

Instances details
FromJSON Version Source #

FromJSON Version

Instance details

Defined in OryHydra.Model

ToJSON Version Source #

ToJSON Version

Instance details

Defined in OryHydra.Model

Show Version Source # 
Instance details

Defined in OryHydra.Model

Eq Version Source # 
Instance details

Defined in OryHydra.Model

Methods

(==) :: Version -> Version -> Bool #

(/=) :: Version -> Version -> Bool #

mkVersion :: Version Source #

Construct a value of type Version (by applying it's required fields, if any)

Auth Methods

AuthBasicBasic

data AuthBasicBasic Source #

Constructors

AuthBasicBasic ByteString ByteString

username password

Instances

Instances details
Show AuthBasicBasic Source # 
Instance details

Defined in OryHydra.Model

Eq AuthBasicBasic Source # 
Instance details

Defined in OryHydra.Model

AuthMethod AuthBasicBasic Source # 
Instance details

Defined in OryHydra.Model

Methods

applyAuthMethod :: OryHydraConfig -> AuthBasicBasic -> OryHydraRequest req contentType res accept -> IO (OryHydraRequest req contentType res accept) Source #

AuthBasicBearer

data AuthBasicBearer Source #

Constructors

AuthBasicBearer ByteString ByteString

username password

Instances

Instances details
Show AuthBasicBearer Source # 
Instance details

Defined in OryHydra.Model

Eq AuthBasicBearer Source # 
Instance details

Defined in OryHydra.Model

AuthMethod AuthBasicBearer Source # 
Instance details

Defined in OryHydra.Model

Methods

applyAuthMethod :: OryHydraConfig -> AuthBasicBearer -> OryHydraRequest req contentType res accept -> IO (OryHydraRequest req contentType res accept) Source #

AuthOAuthOauth2

data AuthOAuthOauth2 Source #

Constructors

AuthOAuthOauth2 Text

secret

Instances

Instances details
Show AuthOAuthOauth2 Source # 
Instance details

Defined in OryHydra.Model

Eq AuthOAuthOauth2 Source # 
Instance details

Defined in OryHydra.Model

AuthMethod AuthOAuthOauth2 Source # 
Instance details

Defined in OryHydra.Model

Methods

applyAuthMethod :: OryHydraConfig -> AuthOAuthOauth2 -> OryHydraRequest req contentType res accept -> IO (OryHydraRequest req contentType res accept) Source #