From d0cfe99f10f1923997d4ca2638c307af9308671d Mon Sep 17 00:00:00 2001
From: whg517
Date: Sun, 29 Sep 2024 20:04:51 +0800
Subject: [PATCH] feat(auth): add AuthenticationSpec support
---
pkg/apis/authentication/v1alpha1/types.go | 21 ++++++++++
.../v1alpha1/zz_generated.deepcopy.go | 40 +++++++++++++++++++
2 files changed, 61 insertions(+)
create mode 100644 pkg/apis/authentication/v1alpha1/types.go
diff --git a/pkg/apis/authentication/v1alpha1/types.go b/pkg/apis/authentication/v1alpha1/types.go
new file mode 100644
index 0000000..88b2501
--- /dev/null
+++ b/pkg/apis/authentication/v1alpha1/types.go
@@ -0,0 +1,21 @@
+package v1alpha1
+
+type AuthenticationSpec struct {
+ // +kubebuilder:validation:Required
+ AuthenticationClass string `json:"authenticationClass"`
+ Oidc *OidcSpec `json:"oidc,omitempty"`
+}
+
+// OidcSpec defines the OIDC spec.
+type OidcSpec struct {
+ // OIDC client credentials secret. It must contain the following keys:
+ // - `CLIENT_ID`: The client ID of the OIDC client.
+ // - `CLIENT_SECRET`: The client secret of the OIDC client.
+ // credentials will omit to pod environment variables.
+ // +kubebuilder:validation:Required
+ ClientCredentialsSecret string `json:"clientCredentialsSecret"`
+
+ // Extra scopes to request during the OIDC flow. e.g. `["email", "profile"]`
+ // +kubebuilder:validation:Optional
+ ExtraScopes []string `json:"extraScopes,omitempty"`
+}
diff --git a/pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.go
index 864e91a..b0280cd 100644
--- a/pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.go
+++ b/pkg/apis/authentication/v1alpha1/zz_generated.deepcopy.go
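Review bot: In the types.go hunk, `AuthenticationClass` and `ClientCredentialsSecret` are marked Required but are plain `string` fields, so an empty value still satisfies the schema and the controller is left to look up a class or Secret with no name; adding `// +kubebuilder:validation:MinLength=1` above both would reject that at admission. The comment line `credentials will omit to pod environment variables` is hard to parse; if it means the two keys are injected into the pod as environment variables, say so directly, e.g. `// Both values are exposed to the pod as environment variables.`, because that decides who can read `CLIENT_SECRET`. `AuthenticationSpec` and its `Oidc` field have no doc comment, and the `Oidc` spelling differs from the `OIDCTls` type that the generated file in this patch shows already exists in the package.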
@@ -154,6 +154,26 @@ func (in *AuthenticationProvider) DeepCopy() *AuthenticationProvider { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthenticationSpec) DeepCopyInto(out *AuthenticationSpec) { + *out = *in + if in.Oidc != nil { + in, out := &in.Oidc, &out.Oidc + *out = new(OidcSpec) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationSpec. +func (in *AuthenticationSpec) DeepCopy() *AuthenticationSpec { + if in == nil { + return nil + } + out := new(AuthenticationSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LDAPFieldNames) DeepCopyInto(out *LDAPFieldNames) { *out = *in @@ -264,6 +284,26 @@ func (in *OIDCTls) DeepCopy() *OIDCTls { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OidcSpec) DeepCopyInto(out *OidcSpec) { + *out = *in + if in.ExtraScopes != nil { + in, out := &in.ExtraScopes, &out.ExtraScopes + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OidcSpec. +func (in *OidcSpec) DeepCopy() *OidcSpec { + if in == nil { + return nil + } + out := new(OidcSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *StaticCredentialsSecret) DeepCopyInto(out *StaticCredentialsSecret) { *out = *in