Please refer to the user guide for in-depth documentation: https://ory.gitbooks.io/hydra/content/ Hydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service. Hydra is different, because it works with any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language) you build a bridge between Hydra and your authentication infrastructure. Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Hydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose. Knowledge of OAuth 2.0 is imperative in understanding what Hydra does and how it works. The official repository is located at https://github.com/ory/hydra
This PHP package is automatically generated by the Swagger Codegen project:
- API version: Latest
- Build package: io.swagger.codegen.languages.PhpClientCodegen For more information, please visit https://www.ory.am
PHP 5.5 and later
To install the bindings via Composer, add the following to composer.json:
{
"repositories": [
{
"type": "git",
"url": "https://github.com/harborfront/ory-hydra-php-client.git"
}
],
"require": {
"harborfront/ory-hydra-php-client": "*@dev"
}
}
Then run composer install
Download the files and include autoload.php:
require_once('/path/to/hydra-php-client/vendor/autoload.php');To run the unit tests:
composer install
./vendor/bin/phpunit
Please follow the installation procedure and then run the following:
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure OAuth2 access token for authorization: oauth2
Ory\Hydra\Configuration::getDefaultConfiguration()->setAccessToken('YOUR_ACCESS_TOKEN');
$api_instance = new Ory\Hydra\Api\ClientsApi();
$body = new \Ory\Hydra\Model\OauthClient(); // \Ory\Hydra\Model\OauthClient |
try {
$result = $api_instance->createOAuthClient($body);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling ClientsApi->createOAuthClient: ', $e->getMessage(), PHP_EOL;
}
?>All URIs are relative to http://localhost
| Class | Method | HTTP request | Description |
|---|---|---|---|
| ClientsApi | createOAuthClient | POST /clients | Creates an OAuth 2.0 Client |
| ClientsApi | deleteOAuthClient | DELETE /clients/{id} | Deletes an OAuth 2.0 Client |
| ClientsApi | getOAuthClient | GET /clients/{id} | Fetches an OAuth 2.0 Client. |
| ClientsApi | listOAuthClients | GET /clients | Lists OAuth 2.0 Clients |
| ClientsApi | updateOAuthClient | PUT /clients/{id} | Updates an OAuth 2.0 Client |
| DefaultApi | health | GET /health | |
| GroupsApi | addMembersToGroup | POST /warden/groups/{id}/members | Add members to a group |
| GroupsApi | createGroup | POST /warden/groups | Create a group |
| GroupsApi | deleteGroup | DELETE /warden/groups/{id} | Delete a group by id |
| GroupsApi | findGroupsByMember | GET /warden/groups | Find group IDs by member |
| GroupsApi | getGroup | GET /warden/groups/{id} | Get a group by id |
| GroupsApi | removeMembersFromGroup | DELETE /warden/groups/{id}/members | Remove members from a group |
| HealthApi | getStatistics | GET /health/stats | Show instance statistics |
| JwksApi | createJwkKey | POST /keys/{set} | Generate a new JSON Web Key |
| JwksApi | deleteJwkKey | DELETE /keys/{set}/{kid} | Delete a JSON Web Key |
| JwksApi | deleteJwkSet | DELETE /keys/{set} | Delete a JSON Web Key |
| JwksApi | getJwkSet | GET /keys/{set} | Retrieves a JSON Web Key Set matching the set |
| JwksApi | getJwkSetKey | GET /keys/{set}/{kid} | Retrieves a JSON Web Key Set matching the set and the kid |
| JwksApi | updateJwkKey | PUT /keys/{set}/{kid} | Updates a JSON Web Key |
| JwksApi | updateJwkSet | PUT /keys/{set} | Updates a JSON Web Key Set |
| JwksApi | wellKnown | GET /.well-known/jwks.json | Public JWKs |
| Oauth2Api | createOAuthClient | POST /clients | Creates an OAuth 2.0 Client |
| Oauth2Api | deleteOAuthClient | DELETE /clients/{id} | Deletes an OAuth 2.0 Client |
| Oauth2Api | getOAuthClient | GET /clients/{id} | Fetches an OAuth 2.0 Client. |
| Oauth2Api | introspectOAuthToken | POST /oauth2/introspect | Introspect an OAuth2 access token |
| Oauth2Api | listOAuthClients | GET /clients | Lists OAuth 2.0 Clients |
| Oauth2Api | oauthAuth | GET /oauth2/auth | The OAuth 2.0 Auth endpoint |
| Oauth2Api | oauthToken | POST /oauth2/token | The OAuth 2.0 Token endpoint |
| Oauth2Api | revokeOAuthToken | POST /oauth2/revoke | Revoke an OAuth2 access token |
| Oauth2Api | updateOAuthClient | PUT /clients/{id} | Updates an OAuth 2.0 Client |
| Oauth2Api | wellKnown | GET /.well-known/jwks.json | Public JWKs |
| Oauth2Api | wellKnownHandler | GET /.well-known/openid-configuration | Server well known configuration |
| OpenidconnectApi | wellKnown | GET /.well-known/jwks.json | Public JWKs |
| OpenidconnectApi | wellKnownHandler | GET /.well-known/openid-configuration | Server well known configuration |
| PoliciesApi | createPolicy | POST /policies | Create an access control policy |
| PoliciesApi | deletePolicy | DELETE /policies/{id} | Delete an access control policy |
| PoliciesApi | getPolicy | GET /policies/{id} | Get an access control policy |
| PoliciesApi | listPolicies | GET /policies | List access control policies |
| PoliciesApi | updatePolicy | PUT /policies/{id} | Update an access control policy |
| WardenApi | addMembersToGroup | POST /warden/groups/{id}/members | Add members to a group |
| WardenApi | createGroup | POST /warden/groups | Create a group |
| WardenApi | deleteGroup | DELETE /warden/groups/{id} | Delete a group by id |
| WardenApi | findGroupsByMember | GET /warden/groups | Find group IDs by member |
| WardenApi | getGroup | GET /warden/groups/{id} | Get a group by id |
| WardenApi | removeMembersFromGroup | DELETE /warden/groups/{id}/members | Remove members from a group |
| WardenApi | wardenAllowed | POST /warden/allowed | Check if a subject is allowed to do something |
| WardenApi | wardenTokenAllowed | POST /warden/token/allowed | Check if the subject of a token is allowed to do something |
- AllowedRequest
- Body
- ConsentStrategy
- Context
- CreateRequest
- Duration
- FieldLogger
- Firewall
- Group
- Handler
- Headers
- IDTokenClaims
- InlineResponse200
- InlineResponse2001
- InlineResponse2002
- InlineResponse2003
- InlineResponse401
- Jwk
- JwkSet
- Manager
- MembersRequest
- OAuth2Provider
- OauthClient
- Policy
- PolicyConditions
- Session
- Store
- SwaggerCreatePolicyParameters
- SwaggerGetPolicyParameters
- SwaggerJwkCreateKey
- SwaggerJwkSetKeyQuery
- SwaggerJwkSetQuery
- SwaggerJwkUpdateKey
- SwaggerJwkUpdateSet
- SwaggerListPolicyParameters
- SwaggerListPolicyResponse
- SwaggerUpdatePolicyParameters
- SwaggerWardenAllowedParameters
- SwaggerWardenAllowedResponse
- SwaggerWardenAllowedResponseBody
- SwaggerWardenTokenAllowedParameters
- SwaggerWardenTokenAllowedResponse
- SwaggerWardenTokenAllowedResponseBody
- TokenAllowedRequest
- URL
- Userinfo
- WardenTokenAllowedBody
- WellKnown
- Writer
- Type: OAuth
- Flow: accessCode
- Authorization URL: /oauth2/auth
- Scopes:
- hydra.clients: A scope required to manage OAuth 2.0 Clients
- hydra.groups: A scope required to manage warden groups
- hydra.keys.create: A scope required to create JSON Web Keys
- hydra.keys.delete: A scope required to delete JSON Web Keys
- hydra.keys.get: A scope required to fetch JSON Web Keys
- hydra.keys.update: A scope required to get JSON Web Keys
- hydra.policies: A scope required to manage access control policies
- hydra.warden: A scope required to make access control inquiries
- offline: A scope required when requesting refresh tokens
- openid: Request an OpenID Connect ID Token