mirror
/
hydra
mirror of https://github.com/ory/hydra
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: remove device challenge ID from API 

GitOrigin-RevId: 09c6740f87c8126e971a66c2b95f68c0dc0a611a
This commit is contained in:
Patrik 2025-10-17 16:32:58 +02:00 committed by ory-bot
parent 36f21d0f01
commit 3c33a64ac3
12 changed files with 1 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
consent/test/manager_test_helpers.go
View File

@ -989,5 +989,4 @@ func compareConsentRequestFlow(t *testing.T, a *flow.OAuth2ConsentRequest, b *fl
assert.EqualValues(t, a.Skip, b.ConsentSkip)
assert.EqualValues(t, a.LoginChallenge, b.ID)
assert.EqualValues(t, a.LoginSessionID, b.SessionID)
assert.EqualValues(t, a.DeviceChallenge, b.DeviceChallengeID.String())
}

1
flow/.snapshots/TestOAuth2ConsentRequest_MarshalJSON.json
View File

@ -10,7 +10,6 @@
"request_url": "",
"login_challenge": "",
"login_session_id": "",
"device_challenge_id": "",
"acr": "",
"amr": []
}

4
flow/consent_types.go
View File

@ -21,7 +21,6 @@ import (
)
const (
DeviceRequestDeniedErrorName = "device request denied"
ConsentRequestDeniedErrorName = "consent request denied"
LoginRequestDeniedErrorName = "login request denied"
)
@ -648,9 +647,6 @@ type OAuth2ConsentRequest struct {
// channel logout. It's value can generally be used to associate consecutive login requests by a certain user.
LoginSessionID sqlxx.NullString `json:"login_session_id"`
// DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device.
DeviceChallenge sqlxx.NullString `json:"device_challenge_id" faker:"-"`
// ACR represents the Authentication AuthorizationContext Class Reference value for this authentication session. You can use it
// to express that, for example, a user authenticated using two factor authentication.
ACR string `json:"acr"`

1
flow/flow.go
View File

@ -453,7 +453,6 @@ func (f *Flow) GetConsentRequest(challenge string) *OAuth2ConsentRequest {
RequestURL: f.RequestURL,
LoginChallenge: sqlxx.NullString(f.ID),
LoginSessionID: f.SessionID,
DeviceChallenge: f.DeviceChallengeID,
ACR: f.ACR,
AMR: f.AMR,
Context: f.Context,

6
internal/httpclient/api/openapi.yaml
View File

@ -3256,7 +3256,6 @@ components:
- acr_values
- acr_values
display: display
device_challenge_id: device_challenge_id
skip: true
request_url: request_url
acr: acr
@ -3396,10 +3395,6 @@ components:
context:
title: "JSONRawMessage represents a json.RawMessage that works well with\
\ JSON, SQL, and Swagger."
device_challenge_id:
description: "DeviceChallenge is the device challenge this consent challenge\
\ belongs to, if this flow was initiated by a device."
type: string
login_challenge:
description: |-
LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate
@ -3536,7 +3531,6 @@ components:
- acr_values
- acr_values
display: display
device_challenge_id: device_challenge_id
skip: true
request_url: request_url
acr: acr

26
internal/httpclient/docs/OAuth2ConsentRequest.md
View File

@ -10,7 +10,6 @@ Name | Type | Description | Notes
**Client** | Pointer to [**OAuth2Client**](OAuth2Client.md) | | [optional]
**ConsentRequestId** | Pointer to **string** | ConsentRequestID is the ID of the consent request. | [optional]
**Context** | Pointer to **interface{}** | | [optional]
**DeviceChallengeId** | Pointer to **string** | DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device. | [optional]
**LoginChallenge** | Pointer to **string** | LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate a login and consent request in the login & consent app. | [optional]
**LoginSessionId** | Pointer to **string** | LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \"sid\" parameter in the ID Token and in OIDC Front-/Back- channel logout. It's value can generally be used to associate consecutive login requests by a certain user. | [optional]
**OidcContext** | Pointer to [**OAuth2ConsentRequestOpenIDConnectContext**](OAuth2ConsentRequestOpenIDConnectContext.md) | | [optional]
@ -194,31 +193,6 @@ HasContext returns a boolean if a field has been set.
`func (o *OAuth2ConsentRequest) UnsetContext()`
UnsetContext ensures that no value is present for Context, not even an explicit nil
### GetDeviceChallengeId
`func (o *OAuth2ConsentRequest) GetDeviceChallengeId() string`
GetDeviceChallengeId returns the DeviceChallengeId field if non-nil, zero value otherwise.
### GetDeviceChallengeIdOk
`func (o *OAuth2ConsentRequest) GetDeviceChallengeIdOk() (*string, bool)`
GetDeviceChallengeIdOk returns a tuple with the DeviceChallengeId field if it's non-nil, zero value otherwise
and a boolean to check if the value has been set.
### SetDeviceChallengeId
`func (o *OAuth2ConsentRequest) SetDeviceChallengeId(v string)`
SetDeviceChallengeId sets DeviceChallengeId field to given value.
### HasDeviceChallengeId
`func (o *OAuth2ConsentRequest) HasDeviceChallengeId() bool`
HasDeviceChallengeId returns a boolean if a field has been set.
### GetLoginChallenge
`func (o *OAuth2ConsentRequest) GetLoginChallenge() string`

37
internal/httpclient/model_o_auth2_consent_request.go
View File

@ -31,8 +31,6 @@ type OAuth2ConsentRequest struct {
// ConsentRequestID is the ID of the consent request.
ConsentRequestId *string `json:"consent_request_id,omitempty"`
Context interface{} `json:"context,omitempty"`
// DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device.
DeviceChallengeId *string `json:"device_challenge_id,omitempty"`
// LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate a login and consent request in the login & consent app.
LoginChallenge *string `json:"login_challenge,omitempty"`
// LoginSessionID is the login session ID. If the user-agent reuses a login session (via cookie / remember flag) this ID will remain the same. If the user-agent did not have an existing authentication session (e.g. remember is false) this will be a new random value. This value is used as the \"sid\" parameter in the ID Token and in OIDC Front-/Back- channel logout. It's value can generally be used to associate consecutive login requests by a certain user.
@ -253,38 +251,6 @@ func (o *OAuth2ConsentRequest) SetContext(v interface{}) {
o.Context = v
}
// GetDeviceChallengeId returns the DeviceChallengeId field value if set, zero value otherwise.
func (o *OAuth2ConsentRequest) GetDeviceChallengeId() string {
if o == nil || IsNil(o.DeviceChallengeId) {
var ret string
return ret
}
return *o.DeviceChallengeId
}
// GetDeviceChallengeIdOk returns a tuple with the DeviceChallengeId field value if set, nil otherwise
// and a boolean to check if the value has been set.
func (o *OAuth2ConsentRequest) GetDeviceChallengeIdOk() (*string, bool) {
if o == nil || IsNil(o.DeviceChallengeId) {
return nil, false
}
return o.DeviceChallengeId, true
}
// HasDeviceChallengeId returns a boolean if a field has been set.
func (o *OAuth2ConsentRequest) HasDeviceChallengeId() bool {
if o != nil && !IsNil(o.DeviceChallengeId) {
return true
}
return false
}
// SetDeviceChallengeId gets a reference to the given string and assigns it to the DeviceChallengeId field.
func (o *OAuth2ConsentRequest) SetDeviceChallengeId(v string) {
o.DeviceChallengeId = &v
}
// GetLoginChallenge returns the LoginChallenge field value if set, zero value otherwise.
func (o *OAuth2ConsentRequest) GetLoginChallenge() string {
if o == nil || IsNil(o.LoginChallenge) {
@ -567,9 +533,6 @@ func (o OAuth2ConsentRequest) ToMap() (map[string]interface{}, error) {
if o.Context != nil {
toSerialize["context"] = o.Context
}
if !IsNil(o.DeviceChallengeId) {
toSerialize["device_challenge_id"] = o.DeviceChallengeId
}
if !IsNil(o.LoginChallenge) {
toSerialize["login_challenge"] = o.LoginChallenge
}

1
oauth2/.snapshots/TestAuthCodeFlowE2E-auth_code_flow-strategy=jwt-access_and_id_tokens_with_extra_claims_consent_request.json
View File

@ -41,7 +41,6 @@
"subject_type": "",
"tos_uri": ""
},
"device_challenge_id": "",
"oidc_context": {},
"requested_access_token_audience": [],
"requested_scope": [

1
oauth2/.snapshots/TestAuthCodeFlowE2E-auth_code_flow-strategy=opaque-access_and_id_tokens_with_extra_claims_consent_request.json
View File

@ -41,7 +41,6 @@
"subject_type": "",
"tos_uri": ""
},
"device_challenge_id": "",
"oidc_context": {},
"requested_access_token_audience": [],
"requested_scope": [

2
oauth2/oauth2_device_code_test.go
View File

@ -837,7 +837,7 @@ func TestDeviceCodeWithDefaultStrategy(t *testing.T) {
loginFlowResp2, err := hc.Get(acceptResp.RedirectTo)
require.NoError(t, err)
require.Equal(t, http.StatusForbidden, loginFlowResp2.StatusCode)
require.Equalf(t, http.StatusForbidden, loginFlowResp2.StatusCode, "requested %q", acceptResp.RedirectTo)
})
}

4
spec/api.json
View File

@ -974,10 +974,6 @@
"context": {
"$ref": "#/components/schemas/JSONRawMessage"
},
"device_challenge_id": {
"description": "DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device.",
"type": "string"
},
"login_challenge": {
"description": "LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate\na login and consent request in the login \u0026 consent app.",
"type": "string"

4
spec/swagger.json
View File

@ -3112,10 +3112,6 @@
"context": {
"$ref": "#/definitions/JSONRawMessage"
},
"device_challenge_id": {
"description": "DeviceChallenge is the device challenge this consent challenge belongs to, if this flow was initiated by a device.",
"type": "string"
},
"login_challenge": {
"description": "LoginChallenge is the login challenge this consent challenge belongs to. It can be used to associate\na login and consent request in the login \u0026 consent app.",
"type": "string"