Ory Hydra Go
In this document you can find code examples for the Ory Hydra Go SDK.
The Ory Hydra Go SDK is generated using go-swagger.
Don't consume the /oauth2/auth and /oauth2/token endpoints using this SDK. Use
golang.org/x/oauth2. For more information visit the
Using OAuth2 guide.
Missing an example? Please create a feature request and it will be added here.
You can find more auto-generated examples of SDK usage in the documentation
hydra-client-go.
Installation
To install the Go SDK, run:
go get github.com/ory/hydra-client-go@<version-you-want>
Configuration
The following code example shows how to set up and configure Ory Hydra using the Go SDK:
package main
import (
  client "github.com/ory/hydra-client-go"
)
func main() {
  configuration := client.NewConfiguration()
  configuration.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4445", // Admin API URL
    },
  }
  // admin := client.NewAPIClient(configuration)
  // admin.OAuth2Api.CreateOAuth2Client(...
  configuration.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4445", // Public API URL
    },
  }
  // hydraPublic := client.NewAPIClient(configuration)
  // public.PublicApi.RevokeOAuth2Token(...
}
Making requests
The following code example shows how to make requests to the Ory Hydra Public API. In this example the request is used to create an OAuth 2.0 client:
package main
import (
  "context"
  "fmt"
  "net/http"
  "os"
  client "github.com/ory/hydra-client-go"
)
func main() {
  clientName := "example_client"
  oAuth2Client := *client.NewOAuth2Client() // OAuth2Client |
  oAuth2Client.SetClientId("example_client_id")
  oAuth2Client.SetClientName(clientName)
  configuration := client.NewConfiguration()
  configuration.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4445", // Public API URL
    },
  }
  apiClient := client.NewAPIClient(configuration)
  resp, r, err := apiClient.OAuth2Api.CreateOAuth2Client(context.Background()).OAuth2Client(oAuth2Client).Execute()
  if err != nil {
    switch r.StatusCode {
    case http.StatusConflict:
      fmt.Fprintf(os.Stderr, "Conflict when creating oAuth2Client: %v\n", err)
    default:
      fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.CreateOAuth2Client``: %v\n", err)
      fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
  }
  // response from `CreateOAuth2Client`: OAuth2Client
  fmt.Fprintf(os.Stdout, "Created client with name %s\n", resp.GetClientName())
  limit := int64(20)
  offset := int64(0)
  clients, r, err := apiClient.OAuth2Api.ListOAuth2Clients(context.Background()).Limit(limit).Offset(offset).ClientName(clientName).Execute()
  if err != nil {
    fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.ListOAuth2Clients``: %v\n", err)
    fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
  }
  fmt.Fprintf(os.Stdout, "We have %d clients\n", len(clients))
  fmt.Fprintf(os.Stdout, "First client name: %s\n", clients[0].GetClientName())
}
With Authentication
Some endpoints require basic authentication. The following code example shows how to make an authenticated request to the Ory Hydra Admin API:
package main
import (
  "context"
  "encoding/base64"
  "fmt"
  "net/http"
  client "github.com/ory/hydra-client-go"
)
type BasicAuthTransport struct {
  Username string
  Password string
}
func (t BasicAuthTransport) RoundTrip(req *http.Request) (*http.Response, error) {
  req.Header.Set("Authorization", fmt.Sprintf("Basic %s",
    base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s",
      t.Username, t.Password)))))
  return http.DefaultTransport.RoundTrip(req)
}
func main() {
  config := client.NewConfiguration()
  config.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4445", // Admin API
    },
  }
  c := client.NewAPIClient(config)
  config.HTTPClient.Transport = BasicAuthTransport{Username: "foo", Password: "bar"}
  req := c.OAuth2Api.GetOAuth2ConsentRequest(context.Background()).ConsentChallenge("consentChallenge_example")
  fmt.Println(req.Execute())
}
Status codes and error handling
The following code example shows how to handle errors and status codes:
package main
import (
  "context"
  "fmt"
  "net/http"
  "os"
  client "github.com/ory/hydra-client-go"
)
func main() {
  consentChallenge := "consentChallenge_example" // string |
  configuration := client.NewConfiguration()
  configuration.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4445", // Admin API
    },
  }
  apiClient := client.NewAPIClient(configuration)
  resp, r, err := apiClient.OAuth2Api.GetOAuth2ConsentRequest(context.Background()).ConsentChallenge(consentChallenge).Execute()
  if err != nil {
    switch r.StatusCode {
    case http.StatusNotFound:
      // Accessing to response details
      // cast err to *client.GenericOpenAPIError object first and then
      // to your desired type
      notFound, ok := err.(*client.GenericOpenAPIError).Model().(client.JsonError)
      fmt.Println(ok)
      fmt.Println(*notFound.ErrorDescription)
    case http.StatusGone:
      r, ok := err.(*client.GenericOpenAPIError).Model().(client.RequestWasHandledResponse)
      fmt.Println(r, ok)
      fmt.Println("It's gone")
    default:
      fmt.Fprintf(os.Stderr, "Error when calling `OAuth2Api.GetOAuth2ConsentRequest``: %v\n", err)
      fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
  }
  // response from `GetConsentRequest`: ConsentRequest
  fmt.Fprintf(os.Stdout, "Response from `OAuth2Api.GetOAuth2ConsentRequest`: %v\n", resp)
}
On every request
You may want to protect Ory Hydra using OAuth2 Access Tokens. In that case, you can enhance the SDK by using the OAuth2 Client:
package main
import (
  "context"
  client "github.com/ory/hydra-client-go"
  "golang.org/x/oauth2/clientcredentials"
)
func main() {
  config := client.NewConfiguration()
  config.Servers = []client.ServerConfiguration{
    {
      URL: "http://localhost:4444", // Public API URL
    },
  }
  creds := clientcredentials.Config{
    TokenURL:     "http://hydra.localhost:4444/oauth2/token",
    ClientID:     "my-client",
    ClientSecret: "my-secret",
    Scopes:       []string{"scope-a", "scope-b"},
  }
  config.HTTPClient = creds.Client(context.TODO())
  c := client.NewAPIClient(config)
  req := c.PublicApi.RevokeOAuth2Token(context.TODO())
  req.Execute()
}
Fake TLS termination
You can set Ory Hydra to HTTPS mode without actually accepting TLS connections, visit the Preparing for Production document to learn more. The following code example shows how to configure Ory Hydra to fake a TLS termination:
package main
import (
  "context"
  "fmt"
  "net/http"
  client "github.com/ory/hydra-client-go"
)
func main() {
  tlsTermClient := new(http.Client)
  rt := WithHeader(tlsTermClient.Transport)
  rt.Set("X-Forwarded-Proto", "https")
  tlsTermClient.Transport = rt
  config := client.NewConfiguration()
  config.Servers = []client.ServerConfiguration{
    {
      URL: "https://hydra.localhost:4444", // Public API URL
    },
  }
  config.HTTPClient = tlsTermClient
  c := client.NewAPIClient(config)
  fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute())
  // ...
}
type withHeader struct {
  http.Header
  rt http.RoundTripper
}
func WithHeader(rt http.RoundTripper) withHeader {
  if rt == nil {
    rt = http.DefaultTransport
  }
  return withHeader{Header: make(http.Header), rt: rt}
}
func (h withHeader) RoundTrip(req *http.Request) (*http.Response, error) {
  for k, v := range h.Header {
    req.Header[k] = v
  }
  return h.rt.RoundTrip(req)
}
Skip TLS verification
When using self-signed certificates we need to skip the TLS verification and accept all certificates. In production deployments, you would use a certificate signed by a trusted CA. The following code example shows how to configure Ory Hydra to skip the TLS verification:
package main
import (
  "context"
  "crypto/tls"
  "fmt"
  "net/http"
  client "github.com/ory/hydra-client-go"
)
func main() {
  skipTLSClient := &http.Client{
    Transport: &http.Transport{
      TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
    },
    Timeout: 10,
  }
  config := client.NewConfiguration()
  config.Servers = []client.ServerConfiguration{
    {
      URL: "https://hydra.localhost:4444", // Public API URL
    },
  }
  config.HTTPClient = skipTLSClient
  c := client.NewAPIClient(config)
  fmt.Println(c.PublicApi.RevokeOAuth2Token(context.Background()).Token("some_token").Execute())
  // ...
}