sdk: switch to swagger codegen sdk

.gitignore

@@ -13,6 +13,5 @@ output/
 _book/
 dist/
 coverage.*
-docs/api.swagger.json
 Dockerfile-plugin-*
 plugin-*.so

.travis.yml

@@ -23,7 +23,7 @@ before_install:
   - sudo apt-get install curl
 
 install:
-  - go get -u github.com/go-swagger/go-swagger github.com/bradfitz/goimports github.com/mattn/goveralls golang.org/x/tools/cmd/cover github.com/Masterminds/glide github.com/mitchellh/gox github.com/ory/go-acc
+  - go get -u github.com/go-swagger/go-swagger/cmd/swagger github.com/bradfitz/goimports github.com/mattn/goveralls golang.org/x/tools/cmd/cover github.com/Masterminds/glide github.com/mitchellh/gox github.com/ory/go-acc
   - git clone https://github.com/docker-library/official-images.git ~/official-images
   - glide install
   - go install github.com/ory/hydra

client/client.go

@@ -8,7 +8,7 @@ import (
 
 // Client represents an OAuth 2.0 Client.
 //
-// swagger:model oauthClient
+// swagger:model oAuth2Client
 type Client struct {
 	// ID is the id for this client.
 	ID string `json:"id" gorethink:"id"`

client/doc.go

@@ -1,14 +1,21 @@
-// Package client implements the OAuth 2.0 Client functionality and provides http handlers, http clients and storage adapters.
+// Package client implements OAuth 2.0 client management capabilities
+//
+// OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are granted
+// to applications that want to use OAuth 2.0 access and refresh tokens.
+//
+//
+// In ORY Hydra, OAuth 2.0 clients are used to manage ORY Hydra itself. These clients may gain highly privileged access
+// if configured that way. This endpoint should be well protected and only called by code you trust.
 package client
 
-// swagger:parameters createOAuthClient
+// swagger:parameters createOAuth2Client
 type swaggerCreateClientPayload struct {
 	// in: body
 	// required: true
 	Body Client
 }
 
-// swagger:parameters updateOAuthClient
+// swagger:parameters updateOAuth2Client
 type swaggerUpdateClientPayload struct {
 	// in: path
 	// required: true
@@ -20,13 +27,14 @@ type swaggerUpdateClientPayload struct {
 }
 
 // A list of clients.
-// swagger:response clientsList
+// swagger:response oAuth2ClientList
 type swaggerListClientsResult struct {
 	// in: body
+	// type: array
 	Body []Client
 }
 
-// swagger:parameters getOAuthClient deleteOAuthClient
+// swagger:parameters getOAuth2Client deleteOAuth2Client
 type swaggerQueryClientPayload struct {
 	// The id of the OAuth 2.0 Client.
 	//

client/handler.go

@@ -37,12 +37,14 @@ func (h *Handler) SetRoutes(r *httprouter.Router) {
 	r.DELETE(ClientsHandlerPath+"/:id", h.Delete)
 }
 
-// swagger:route POST /clients oauth2 clients createOAuthClient
+// swagger:route POST /clients oAuth2 createOAuth2Client
 //
-// Creates an OAuth 2.0 Client
+// Create an OAuth 2.0 client
+//
+// If you pass `client_secret` the secret will be used, otherwise a random secret will be generated. The secret will
+// be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep
+// it somwhere safe.
 //
-// Be aware that an OAuth 2.0 Client may gain highly priviledged access if configured that way. This
-// endpoint should be well protected and only called by code you trust.
 //
 // The subject making the request needs to be assigned to a policy containing:
 //
@@ -77,7 +79,7 @@ func (h *Handler) SetRoutes(r *httprouter.Router) {
 //       oauth2: hydra.clients
 //
 //     Responses:
-//       200: oauthClient
+//       200: oAuth2Client
 //       401: genericError
 //       403: genericError
 //       500: genericError
@@ -122,12 +124,13 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa
 	h.H.WriteCreated(w, r, ClientsHandlerPath+"/"+c.GetID(), &c)
 }
 
-// swagger:route PUT /clients/{id} oauth2 clients updateOAuthClient
+// swagger:route PUT /clients/{id} oAuth2 updateOAuth2Client
+//
+// Update an OAuth 2.0 Client
 //
-// Updates an OAuth 2.0 Client
+// If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will
+// be able to retrieve the client secret, so write it down and keep it safe.
 //
-// Be aware that an OAuth 2.0 Client may gain highly priviledged access if configured that way. This
-// endpoint should be well protected and only called by code you trust.
 //
 // The subject making the request needs to be assigned to a policy containing:
 //
@@ -162,7 +165,7 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa
 //       oauth2: hydra.clients
 //
 //     Responses:
-//       200: oauthClient
+//       200: oAuth2Client
 //       401: genericError
 //       403: genericError
 //       500: genericError
@@ -192,8 +195,12 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		return
 	}
 
+	var secret string
 	if len(c.Secret) > 0 && len(c.Secret) < 6 {
 		h.H.WriteError(w, r, errors.New("The client secret must be at least 6 characters long"))
+		return
+	} else {
+		secret = c.Secret
 	}
 
 	c.ID = ps.ByName("id")
@@ -202,14 +209,16 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request, ps httprouter.P
 		return
 	}
 
+	c.Secret = secret
 	h.H.WriteCreated(w, r, ClientsHandlerPath+"/"+c.GetID(), &c)
 }
 
-// swagger:route GET /clients oauth2 clients listOAuthClients
+// swagger:route GET /clients oAuth2 listOAuth2Clients
 //
-// Lists OAuth 2.0 Clients
+// List OAuth 2.0 Clients
+//
+// This endpoint never returns passwords.
 //
-// Never returns a client's secret.
 //
 // The subject making the request needs to be assigned to a policy containing:
 //
@@ -233,7 +242,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request, ps httprouter.P
 //       oauth2: hydra.clients
 //
 //     Responses:
-//       200: clientsList
+//       200: oAuth2ClientList
 //       401: genericError
 //       403: genericError
 //       500: genericError
@@ -254,19 +263,23 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par
 		return
 	}
 
-	for k, cc := range c {
-		cc.Secret = ""
-		c[k] = cc
+	clients := make([]Client, len(c))
+	k := 0
+	for _, cc := range c {
+		clients[k] = cc
+		clients[k].Secret = ""
+		k++
 	}
 
-	h.H.Write(w, r, c)
+	h.H.Write(w, r, clients)
 }
 
-// swagger:route GET /clients/{id} oauth2 clients getOAuthClient
+// swagger:route GET /clients/{id} oAuth2 getOAuth2Client
+//
+// Retrieve an OAuth 2.0 Client.
 //
-// Fetches an OAuth 2.0 Client.
+// This endpoint never returns passwords.
 //
-// Never returns the client's secret.
 //
 // The subject making the request needs to be assigned to a policy containing:
 //
@@ -301,7 +314,7 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par
 //       oauth2: hydra.clients
 //
 //     Responses:
-//       200: oauthClient
+//       200: oAuth2Client
 //       401: genericError
 //       403: genericError
 //       500: genericError
@@ -330,7 +343,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Para
 	h.H.Write(w, r, c)
 }
 
-// swagger:route DELETE /clients/{id} oauth2 clients deleteOAuthClient
+// swagger:route DELETE /clients/{id} oAuth2 deleteOAuth2Client
 //
 // Deletes an OAuth 2.0 Client
 //

client/manager_memory.go

@@ -1,9 +1,8 @@
 package client
 
 import (
-	"sync"
-
 	"context"
+	"sync"
 
 	"github.com/imdario/mergo"
 	"github.com/ory/fosite"
@@ -18,6 +17,17 @@ type MemoryManager struct {
 	sync.RWMutex
 }
 
+func NewMemoryManager(hasher fosite.Hasher) *MemoryManager {
+	if hasher == nil {
+		hasher = new(fosite.BCrypt)
+	}
+
+	return &MemoryManager{
+		Clients: map[string]Client{},
+		Hasher:  hasher,
+	}
+}
+
 func (m *MemoryManager) GetConcreteClient(id string) (*Client, error) {
 	m.RLock()
 	defer m.RUnlock()