Go
In this document you can find code examples for the Ory Hydra Go SDK.
The Ory Hydra Go SDK is generated using go-swagger.
danger
Don't consume the /oauth2/auth and /oauth2/token endpoints using this SDK. Use
golang.org/x/oauth2. For more information visit the
Using OAuth2 guide.
info
Missing an example? Please create a feature request and it will be added here.
You can find more auto-generated examples of SDK usage in the documentation
hydra-client-go.
Installation
To install the Go SDK, run:
go get github.com/ory/hydra-client-go@<version-you-want>
Configuration
The following code example shows how to set up and configure Ory Hydra using the Go SDK:
package main
import (
client "github.com/ory/hydra-client-go"
)
func main() {
configuration := client.NewConfiguration()
configuration.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4445", // Admin API URL
},
}
// admin := client.NewAPIClient(configuration)
// admin.OAuth2Api.CreateOAuth2Client(...
configuration.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4445", // Public API URL
},
}
// hydraPublic := client.NewAPIClient(configuration)
// public.PublicApi.RevokeOAuth2Token(...
}
Making requests
The following code example shows how to make requests to the Ory Hydra Public API. In this example the request is used to create an OAuth 2.0 client:
package main
import (
"context"
"fmt"
"net/http"
"os"
client "github.com/ory/hydra-client-go"
)
func main() {
clientName := "example_client"
oAuth2Client := *client.NewOAuth2Client() // OAuth2Client |
oAuth2Client.SetClientId("example_client_id")
oAuth2Client.SetClientName(clientName)
configuration := client.NewConfiguration()
configuration.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4445", // Public API URL
},
}
apiClient := client.NewAPIClient(configuration)
resp, r, err := apiClient.OAuth2Api.CreateOAuth2Client(context.Background()).OAuth2Client(oAuth2Client).Execute()
if err != nil {
switch r.StatusCode {
case http.StatusConflict:
fmt.Fprintf(os.Stderr, "Conflict when creating oAuth2Client: %v\n", err)
default:
fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.CreateOAuth2Client``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
}
// response from `CreateOAuth2Client`: OAuth2Client
fmt.Fprintf(os.Stdout, "Created client with name %s\n", resp.GetClientName())
limit := int64(20)
offset := int64(0)
clients, r, err := apiClient.OAuth2Api.ListOAuth2Clients(context.Background()).Limit(limit).Offset(offset).ClientName(clientName).Execute()
if err != nil {
fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.ListOAuth2Clients``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
fmt.Fprintf(os.Stdout, "We have %d clients\n", len(clients))
fmt.Fprintf(os.Stdout, "First client name: %s\n", clients[0].GetClientName())
}
With Authentication
Some endpoints require basic authentication. The following code example shows how to make an authenticated request to the Ory Hydra Admin API:
package main
import (
"context"
"encoding/base64"
"fmt"
"net/http"
client "github.com/ory/hydra-client-go"
)
type BasicAuthTransport struct {
Username string
Password string
}
func (t BasicAuthTransport) RoundTrip(req *http.Request) (*http.Response, error) {
req.Header.Set("Authorization", fmt.Sprintf("Basic %s",
base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s",
t.Username, t.Password)))))
return http.DefaultTransport.RoundTrip(req)
}
func main() {
config := client.NewConfiguration()
config.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4445", // Admin API
},
}
c := client.NewAPIClient(config)
config.HTTPClient.Transport = BasicAuthTransport{Username: "foo", Password: "bar"}
req := c.OAuth2Api.GetOAuth2ConsentRequest(context.Background()).ConsentChallenge("consentChallenge_example")
fmt.Println(req.Execute())
}
Status codes and error handling
The following code example shows how to handle errors and status codes:
package main
import (
"context"
"fmt"
"net/http"
"os"
client "github.com/ory/hydra-client-go"
)
func main() {
consentChallenge := "consentChallenge_example" // string |
configuration := client.NewConfiguration()
configuration.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4445", // Admin API
},
}
apiClient := client.NewAPIClient(configuration)
resp, r, err := apiClient.OAuth2Api.GetOAuth2ConsentRequest(context.Background()).ConsentChallenge(consentChallenge).Execute()
if err != nil {
switch r.StatusCode {
case http.StatusNotFound:
// Accessing to response details
// cast err to *client.GenericOpenAPIError object first and then
// to your desired type
notFound, ok := err.(*client.GenericOpenAPIError).Model().(client.JsonError)
fmt.Println(ok)
fmt.Println(*notFound.ErrorDescription)
case http.StatusGone:
r, ok := err.(*client.GenericOpenAPIError).Model().(client.RequestWasHandledResponse)
fmt.Println(r, ok)
fmt.Println("It's gone")
default:
fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.GetOAuth2ConsentRequest``: %v\n", err)
fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
}
}
// response from `GetConsentRequest`: ConsentRequest
fmt.Fprintf(os.Stdout, "Response from `OAuth2Api.GetOAuth2ConsentRequest`: %v\n", resp)
}
On every request
You may want to protect Ory Hydra using OAuth2 Access Tokens. In that case, you can enhance the SDK by using the OAuth2 Client:
package main
import (
"context"
client "github.com/ory/hydra-client-go"
"golang.org/x/oauth2/clientcredentials"
)
func main() {
config := client.NewConfiguration()
config.Servers = []client.ServerConfiguration{
{
URL: "http://localhost:4444", // Public API URL
},
}
creds := clientcredentials.Config{
TokenURL: "http://hydra.localhost:4444/oauth2/token",
ClientID: "my-client",
ClientSecret: "my-secret",
Scopes: []string{"scope-a", "scope-b"},
}
config.HTTPClient = creds.Client(context.TODO())
c := client.NewAPIClient(config)
req := c.PublicApi.RevokeOAuth2Token(context.TODO())
req.Execute()
}
Fake TLS termination
You can set Ory Hydra to HTTPS mode without actually accepting TLS connections, visit Preparing for Production to learn more. The following code example shows how to configure Ory Hydra to fake a TLS termination:
package main
import (
"context"
"fmt"
"net/http"
client "github.com/ory/hydra-client-go"
)
func main() {
tlsTermClient := new(http.Client)
rt := WithHeader(tlsTermClient.Transport)
rt.Set("X-Forwarded-Proto", "https")
tlsTermClient.Transport = rt
config := client.NewConfiguration()
config.Servers = []client.ServerConfiguration{
{
URL: "https://hydra.localhost:4444", // Public API URL
},
}
config.HTTPClient = tlsTermClient
c := client.NewAPIClient(config)
fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute())
// ...
}
type withHeader struct {
http.Header
rt http.RoundTripper
}
func WithHeader(rt http.RoundTripper) withHeader {
if rt == nil {
rt = http.DefaultTransport
}
return withHeader{Header: make(http.Header), rt: rt}
}
func (h withHeader) RoundTrip(req *http.Request) (*http.Response, error) {
for k, v := range h.Header {
req.Header[k] = v
}
return h.rt.RoundTrip(req)
}
Skip TLS verification
When using self-signed certificates we need to skip the TLS verification and accept all certificates. In production deployments, you would use a certificate signed by a trusted CA. The following code example shows how to configure Ory Hydra to skip the TLS verification:
package main
import (
"context"
"crypto/tls"
"fmt"
"net/http"
client "github.com/ory/hydra-client-go"
)
func main() {
skipTLSClient := &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
Timeout: 10,
}
config := client.NewConfiguration()
config.Servers = []client.ServerConfiguration{
{
URL: "https://hydra.localhost:4444", // Public API URL
},
}
config.HTTPClient = skipTLSClient
c := client.NewAPIClient(config)
fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute())
// ...
}