feat: allow postLogoutRedirectsUris to be set (#54)
Closes #51 Signed-off-by: Clément BUCHART <clement@buchart.dev>
This commit is contained in:
Clément BUCHART
GitHub
@ -84,6 +84,9 @@ type OAuth2ClientSpec struct {
|
||||
// RedirectURIs is an array of the redirect URIs allowed for the application
|
||||
RedirectURIs []RedirectURI `json:"redirectUris,omitempty"`
|
||||
|
||||
// PostLogoutRedirectURIs is an array of the post logout redirect URIs allowed for the application
|
||||
PostLogoutRedirectURIs []RedirectURI `json:"postLogoutRedirectUris,omitempty"`
|
||||
|
||||
// Audience is a whitelist defining the audiences this client is allowed to request tokens for
|
||||
Audience []string `json:"audience,omitempty"`
|
||||
|
||||
@ -105,7 +108,7 @@ type OAuth2ClientSpec struct {
|
||||
// this client
|
||||
HydraAdmin HydraAdmin `json:"hydraAdmin,omitempty"`
|
||||
|
||||
// +kubebuilder:validation:Enum=;client_secret_basic;client_secret_post;private_key_jwt;none
|
||||
// +kubebuilder:validation:Enum=client_secret_basic;client_secret_post;private_key_jwt;none
|
||||
//
|
||||
// Indication which authentication method shoud be used for the token endpoint
|
||||
TokenEndpointAuthMethod TokenEndpointAuthMethod `json:"tokenEndpointAuthMethod,omitempty"`
|
||||
@ -126,7 +129,7 @@ type ResponseType string
|
||||
// RedirectURI represents a redirect URI for the client
|
||||
type RedirectURI string
|
||||
|
||||
// +kubebuilder:validation:Enum=;client_secret_basic;client_secret_post;private_key_jwt;none
|
||||
// +kubebuilder:validation:Enum=client_secret_basic;client_secret_post;private_key_jwt;none
|
||||
// TokenEndpointAuthMethod represents an authentication method for token endpoint
|
||||
type TokenEndpointAuthMethod string
|
||||
|
||||
@ -176,6 +179,7 @@ func (c *OAuth2Client) ToOAuth2ClientJSON() *hydra.OAuth2ClientJSON {
|
||||
GrantTypes: grantToStringSlice(c.Spec.GrantTypes),
|
||||
ResponseTypes: responseToStringSlice(c.Spec.ResponseTypes),
|
||||
RedirectURIs: redirectToStringSlice(c.Spec.RedirectURIs),
|
||||
PostLogoutRedirectURIs: redirectToStringSlice(c.Spec.PostLogoutRedirectURIs),
|
||||
Audience: c.Spec.Audience,
|
||||
Scope: c.Spec.Scope,
|
||||
Owner: fmt.Sprintf("%s/%s", c.Name, c.Namespace),
|
||||
|
||||
@ -106,6 +106,7 @@ func TestCreateAPI(t *testing.T) {
|
||||
"invalid scope": func() { created.Spec.Scope = "" },
|
||||
"missing secret name": func() { created.Spec.SecretName = "" },
|
||||
"invalid redirect URI": func() { created.Spec.RedirectURIs = []RedirectURI{"invalid"} },
|
||||
"invalid logout redirect URI": func() { created.Spec.PostLogoutRedirectURIs = []RedirectURI{"invalid"} },
|
||||
"invalid hydra url": func() { created.Spec.HydraAdmin.URL = "invalid" },
|
||||
"invalid hydra port high": func() { created.Spec.HydraAdmin.Port = 65536 },
|
||||
"invalid hydra endpoint": func() { created.Spec.HydraAdmin.Endpoint = "invalid" },
|
||||
|
||||
@ -20,6 +20,7 @@ limitations under the License.
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
@ -115,7 +116,22 @@ func (in *OAuth2ClientSpec) DeepCopyInto(out *OAuth2ClientSpec) {
|
||||
*out = make([]RedirectURI, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.PostLogoutRedirectURIs != nil {
|
||||
in, out := &in.PostLogoutRedirectURIs, &out.PostLogoutRedirectURIs
|
||||
*out = make([]RedirectURI, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.Audience != nil {
|
||||
in, out := &in.Audience, &out.Audience
|
||||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
out.HydraAdmin = in.HydraAdmin
|
||||
if in.Metadata != nil {
|
||||
in, out := &in.Metadata, &out.Metadata
|
||||
*out = make(json.RawMessage, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OAuth2ClientSpec.
|
||||
|
||||
Reference in New Issue
Block a user