Skip to content

Commit

Permalink
feat(auth): add AuthenticationSpec support
Browse files Browse the repository at this point in the history
  • Loading branch information
@whg517
whg517 committed Sep 29, 2024
1 parent e652b0c commit d0cfe99
Show file tree
Hide file tree
Showing 2 changed files with 61 additions and 0 deletions.
21 changes: 21 additions & 0 deletions pkg/apis/authentication/v1alpha1/types.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package v1alpha1

type AuthenticationSpec struct {
// +kubebuilder:validation:Required
AuthenticationClass string `json:"authenticationClass"`
Oidc *OidcSpec `json:"oidc,omitempty"`
}

// OidcSpec defines the OIDC spec.
type OidcSpec struct {
// OIDC client credentials secret. It must contain the following keys:
// - `CLIENT_ID`: The client ID of the OIDC client.
// - `CLIENT_SECRET`: The client secret of the OIDC client.
// credentials will omit to pod environment variables.
// +kubebuilder:validation:Required
ClientCredentialsSecret string `json:"clientCredentialsSecret"`

// Extra scopes to request during the OIDC flow. e.g. `["email", "profile"]`
// +kubebuilder:validation:Optional
ExtraScopes []string `json:"extraScopes,omitempty"`
}
40 changes: 40 additions & 0 deletions pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit d0cfe99

Please sign in to comment.