Allow scope to be passed as array (#150)

* feat: Allow scope to be passed as array Scopes are currently passed as a scope string, separating scopes by spaces. Clients can grow to many scopes, resulting in a very long string. This change allows us to specify scopes using the property scopeArray. That way, we can separate scopes by newlines. Additionally, this allows us to comment a single scope temporarily or add a comment for a specific scope, e.g. as a reason why that client has this scope granted. * feat: Deprecate scope in favor of scopeArray * feat: Use kubebuilder:deprecatedversion
2024-10-14 10:06:41 +02:00
parent aa0bff206a
commit 44cd2371d9
7 changed files with 79 additions and 6 deletions
--- a/config/crd/bases/hydra.ory.sh_oauth2clients.yaml
+++ b/config/crd/bases/hydra.ory.sh_oauth2clients.yaml
@ -202,8 +202,16 @@ spec:
                    Scope is a string containing a space-separated list of scope values (as
                    described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client
                    can use when requesting access tokens.
-                  pattern: ([a-zA-Z0-9\.\*]+\s?)+
+                    Use scopeArray instead.
+                  pattern: ([a-zA-Z0-9\.\*]+\s?)*
                  type: string
+                scopeArray:
+                  description: |-
+                    Scope is an array of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])
+                    that the client can use when requesting access tokens.
+                  items:
+                    type: string
+                  type: array
                secretName:
                  description:
                    SecretName points to the K8s secret that contains this
@ -301,7 +309,6 @@ spec:
                  type: object
              required:
                - grantTypes
-                - scope
                - secretName
              type: object
            status: