mirror of
https://github.com/rocky-linux/peridot.git
synced 2024-10-19 07:55:07 +00:00
528 lines
16 KiB
Go
528 lines
16 KiB
Go
|
// Code generated by go-swagger; DO NOT EDIT.
|
||
|
|
||
|
package models
|
||
|
|
||
|
// This file was generated by the swagger tool.
|
||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
|
||
|
"github.com/go-openapi/errors"
|
||
|
"github.com/go-openapi/strfmt"
|
||
|
"github.com/go-openapi/swag"
|
||
|
"github.com/go-openapi/validate"
|
||
|
)
|
||
|
|
||
|
// OAuth2Client Client represents an OAuth 2.0 Client.
|
||
|
//
|
||
|
// swagger:model oAuth2Client
|
||
|
type OAuth2Client struct {
|
||
|
|
||
|
// allowed cors origins
|
||
|
AllowedCorsOrigins StringSlicePipeDelimiter `json:"allowed_cors_origins,omitempty"`
|
||
|
|
||
|
// audience
|
||
|
Audience StringSlicePipeDelimiter `json:"audience,omitempty"`
|
||
|
|
||
|
// Boolean value specifying whether the RP requires that a sid (session ID) Claim be included in the Logout
|
||
|
// Token to identify the RP session with the OP when the backchannel_logout_uri is used.
|
||
|
// If omitted, the default value is false.
|
||
|
BackchannelLogoutSessionRequired bool `json:"backchannel_logout_session_required,omitempty"`
|
||
|
|
||
|
// RP URL that will cause the RP to log itself out when sent a Logout Token by the OP.
|
||
|
BackchannelLogoutURI string `json:"backchannel_logout_uri,omitempty"`
|
||
|
|
||
|
// ID is the id for this client.
|
||
|
ClientID string `json:"client_id,omitempty"`
|
||
|
|
||
|
// Name is the human-readable string name of the client to be presented to the
|
||
|
// end-user during authorization.
|
||
|
ClientName string `json:"client_name,omitempty"`
|
||
|
|
||
|
// Secret is the client's secret. The secret will be included in the create request as cleartext, and then
|
||
|
// never again. The secret is stored using BCrypt so it is impossible to recover it. Tell your users
|
||
|
// that they need to write the secret down as it will not be made available again.
|
||
|
ClientSecret string `json:"client_secret,omitempty"`
|
||
|
|
||
|
// SecretExpiresAt is an integer holding the time at which the client
|
||
|
// secret will expire or 0 if it will not expire. The time is
|
||
|
// represented as the number of seconds from 1970-01-01T00:00:00Z as
|
||
|
// measured in UTC until the date/time of expiration.
|
||
|
//
|
||
|
// This feature is currently not supported and it's value will always
|
||
|
// be set to 0.
|
||
|
ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty"`
|
||
|
|
||
|
// ClientURI is an URL string of a web page providing information about the client.
|
||
|
// If present, the server SHOULD display this URL to the end-user in
|
||
|
// a clickable fashion.
|
||
|
ClientURI string `json:"client_uri,omitempty"`
|
||
|
|
||
|
// contacts
|
||
|
Contacts StringSlicePipeDelimiter `json:"contacts,omitempty"`
|
||
|
|
||
|
// CreatedAt returns the timestamp of the client's creation.
|
||
|
// Format: date-time
|
||
|
CreatedAt strfmt.DateTime `json:"created_at,omitempty"`
|
||
|
|
||
|
// Boolean value specifying whether the RP requires that iss (issuer) and sid (session ID) query parameters be
|
||
|
// included to identify the RP session with the OP when the frontchannel_logout_uri is used.
|
||
|
// If omitted, the default value is false.
|
||
|
FrontchannelLogoutSessionRequired bool `json:"frontchannel_logout_session_required,omitempty"`
|
||
|
|
||
|
// RP URL that will cause the RP to log itself out when rendered in an iframe by the OP. An iss (issuer) query
|
||
|
// parameter and a sid (session ID) query parameter MAY be included by the OP to enable the RP to validate the
|
||
|
// request and to determine which of the potentially multiple sessions is to be logged out; if either is
|
||
|
// included, both MUST be.
|
||
|
FrontchannelLogoutURI string `json:"frontchannel_logout_uri,omitempty"`
|
||
|
|
||
|
// grant types
|
||
|
GrantTypes StringSlicePipeDelimiter `json:"grant_types,omitempty"`
|
||
|
|
||
|
// jwks
|
||
|
Jwks JoseJSONWebKeySet `json:"jwks,omitempty"`
|
||
|
|
||
|
// URL for the Client's JSON Web Key Set [JWK] document. If the Client signs requests to the Server, it contains
|
||
|
// the signing key(s) the Server uses to validate signatures from the Client. The JWK Set MAY also contain the
|
||
|
// Client's encryption keys(s), which are used by the Server to encrypt responses to the Client. When both signing
|
||
|
// and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the referenced
|
||
|
// JWK Set to indicate each key's intended usage. Although some algorithms allow the same key to be used for both
|
||
|
// signatures and encryption, doing so is NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used
|
||
|
// to provide X.509 representations of keys provided. When used, the bare key values MUST still be present and MUST
|
||
|
// match those in the certificate.
|
||
|
JwksURI string `json:"jwks_uri,omitempty"`
|
||
|
|
||
|
// LogoURI is an URL string that references a logo for the client.
|
||
|
LogoURI string `json:"logo_uri,omitempty"`
|
||
|
|
||
|
// metadata
|
||
|
Metadata JSONRawMessage `json:"metadata,omitempty"`
|
||
|
|
||
|
// Owner is a string identifying the owner of the OAuth 2.0 Client.
|
||
|
Owner string `json:"owner,omitempty"`
|
||
|
|
||
|
// PolicyURI is a URL string that points to a human-readable privacy policy document
|
||
|
// that describes how the deployment organization collects, uses,
|
||
|
// retains, and discloses personal data.
|
||
|
PolicyURI string `json:"policy_uri,omitempty"`
|
||
|
|
||
|
// post logout redirect uris
|
||
|
PostLogoutRedirectUris StringSlicePipeDelimiter `json:"post_logout_redirect_uris,omitempty"`
|
||
|
|
||
|
// redirect uris
|
||
|
RedirectUris StringSlicePipeDelimiter `json:"redirect_uris,omitempty"`
|
||
|
|
||
|
// JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent to the OP. All Request Objects
|
||
|
// from this Client MUST be rejected, if not signed with this algorithm.
|
||
|
RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty"`
|
||
|
|
||
|
// request uris
|
||
|
RequestUris StringSlicePipeDelimiter `json:"request_uris,omitempty"`
|
||
|
|
||
|
// response types
|
||
|
ResponseTypes StringSlicePipeDelimiter `json:"response_types,omitempty"`
|
||
|
|
||
|
// Scope is a string containing a space-separated list of scope values (as
|
||
|
// described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client
|
||
|
// can use when requesting access tokens.
|
||
|
// Pattern: ([a-zA-Z0-9\.\*]+\s?)+
|
||
|
Scope string `json:"scope,omitempty"`
|
||
|
|
||
|
// URL using the https scheme to be used in calculating Pseudonymous Identifiers by the OP. The URL references a
|
||
|
// file with a single JSON array of redirect_uri values.
|
||
|
SectorIdentifierURI string `json:"sector_identifier_uri,omitempty"`
|
||
|
|
||
|
// SubjectType requested for responses to this Client. The subject_types_supported Discovery parameter contains a
|
||
|
// list of the supported subject_type values for this server. Valid types include `pairwise` and `public`.
|
||
|
SubjectType string `json:"subject_type,omitempty"`
|
||
|
|
||
|
// Requested Client Authentication method for the Token Endpoint. The options are client_secret_post,
|
||
|
// client_secret_basic, private_key_jwt, and none.
|
||
|
TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty"`
|
||
|
|
||
|
// Requested Client Authentication signing algorithm for the Token Endpoint.
|
||
|
TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty"`
|
||
|
|
||
|
// TermsOfServiceURI is a URL string that points to a human-readable terms of service
|
||
|
// document for the client that describes a contractual relationship
|
||
|
// between the end-user and the client that the end-user accepts when
|
||
|
// authorizing the client.
|
||
|
TosURI string `json:"tos_uri,omitempty"`
|
||
|
|
||
|
// UpdatedAt returns the timestamp of the last update.
|
||
|
// Format: date-time
|
||
|
UpdatedAt strfmt.DateTime `json:"updated_at,omitempty"`
|
||
|
|
||
|
// JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. If this is specified, the response will be JWT
|
||
|
// [JWT] serialized, and signed using JWS. The default, if omitted, is for the UserInfo Response to return the Claims
|
||
|
// as a UTF-8 encoded JSON object using the application/json content-type.
|
||
|
UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty"`
|
||
|
}
|
||
|
|
||
|
// Validate validates this o auth2 client
|
||
|
func (m *OAuth2Client) Validate(formats strfmt.Registry) error {
|
||
|
var res []error
|
||
|
|
||
|
if err := m.validateAllowedCorsOrigins(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateAudience(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateContacts(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateCreatedAt(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateGrantTypes(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validatePostLogoutRedirectUris(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateRedirectUris(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateRequestUris(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateResponseTypes(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateScope(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.validateUpdatedAt(formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if len(res) > 0 {
|
||
|
return errors.CompositeValidationError(res...)
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateAllowedCorsOrigins(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.AllowedCorsOrigins) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.AllowedCorsOrigins.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("allowed_cors_origins")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateAudience(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.Audience) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.Audience.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("audience")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateContacts(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.Contacts) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.Contacts.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("contacts")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateCreatedAt(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.CreatedAt) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := validate.FormatOf("created_at", "body", "date-time", m.CreatedAt.String(), formats); err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateGrantTypes(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.GrantTypes) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.GrantTypes.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("grant_types")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validatePostLogoutRedirectUris(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.PostLogoutRedirectUris) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.PostLogoutRedirectUris.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("post_logout_redirect_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateRedirectUris(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.RedirectUris) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.RedirectUris.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("redirect_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateRequestUris(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.RequestUris) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.RequestUris.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("request_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateResponseTypes(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.ResponseTypes) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := m.ResponseTypes.Validate(formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("response_types")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateScope(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.Scope) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := validate.Pattern("scope", "body", m.Scope, `([a-zA-Z0-9\.\*]+\s?)+`); err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) validateUpdatedAt(formats strfmt.Registry) error {
|
||
|
if swag.IsZero(m.UpdatedAt) { // not required
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
if err := validate.FormatOf("updated_at", "body", "date-time", m.UpdatedAt.String(), formats); err != nil {
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// ContextValidate validate this o auth2 client based on the context it is used
|
||
|
func (m *OAuth2Client) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||
|
var res []error
|
||
|
|
||
|
if err := m.contextValidateAllowedCorsOrigins(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateAudience(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateContacts(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateGrantTypes(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidatePostLogoutRedirectUris(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateRedirectUris(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateRequestUris(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if err := m.contextValidateResponseTypes(ctx, formats); err != nil {
|
||
|
res = append(res, err)
|
||
|
}
|
||
|
|
||
|
if len(res) > 0 {
|
||
|
return errors.CompositeValidationError(res...)
|
||
|
}
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateAllowedCorsOrigins(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.AllowedCorsOrigins.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("allowed_cors_origins")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateAudience(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.Audience.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("audience")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateContacts(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.Contacts.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("contacts")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateGrantTypes(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.GrantTypes.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("grant_types")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidatePostLogoutRedirectUris(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.PostLogoutRedirectUris.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("post_logout_redirect_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateRedirectUris(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.RedirectUris.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("redirect_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateRequestUris(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.RequestUris.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("request_uris")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
func (m *OAuth2Client) contextValidateResponseTypes(ctx context.Context, formats strfmt.Registry) error {
|
||
|
|
||
|
if err := m.ResponseTypes.ContextValidate(ctx, formats); err != nil {
|
||
|
if ve, ok := err.(*errors.Validation); ok {
|
||
|
return ve.ValidateName("response_types")
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
return nil
|
||
|
}
|
||
|
|
||
|
// MarshalBinary interface implementation
|
||
|
func (m *OAuth2Client) MarshalBinary() ([]byte, error) {
|
||
|
if m == nil {
|
||
|
return nil, nil
|
||
|
}
|
||
|
return swag.WriteJSON(m)
|
||
|
}
|
||
|
|
||
|
// UnmarshalBinary interface implementation
|
||
|
func (m *OAuth2Client) UnmarshalBinary(b []byte) error {
|
||
|
var res OAuth2Client
|
||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||
|
return err
|
||
|
}
|
||
|
*m = res
|
||
|
return nil
|
||
|
}
|