CadolesKube/hydra-maester
7
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: CadolesKube:996cd767b7ebdd12e9518dca65a2173a05afae94
Branches Tags
CadolesKube:master CadolesKube:issue-151
...
compare: CadolesKube:1ed6229e78754232c80a7515a294636bb73f08dc
Branches Tags
CadolesKube:issue-151 CadolesKube:master

10 Commits
996cd767b7 ... 1ed6229e78

Author SHA1 Message Date
William Petit
1ed6229e78 feat: add 'UserinfoSignedResponseAlg' attribute to hydra.ory.sh_oauth2clients CRD
Some checks failed
Format / format (push) Failing after 6m3s
Details
CI / Prepare Dependencies (pull_request) Successful in 18m21s
Details
CI / Detected Repo Changes (pull_request) Successful in 8s
Details
Docker Image Scan / docker (pull_request) Failing after 21m14s
Details
Format / format (pull_request) Failing after 4m54s
Details
Licenses / License compliance (pull_request) Successful in 7m42s
Details
CI / Lint GithubAction files (pull_request) Has been skipped
Details
CI / Compile and test (pull_request) Failing after 9m23s
Details
CI / Run integration tests (pull_request) Failing after 15m8s
Details
CI / Build docker image (pull_request) Has been skipped
Details
Conventional commits / Validate PR title (pull_request_target) Failing after 9s
Details
CI / release (pull_request) Has been skipped
Details
2025-03-07 15:09:16 +01:00
ory-bot
e9be45f0b4 chore: update repository templates to 83e71e6e97
Some checks failed
CI / Prepare Dependencies (push) Successful in 19m3s
Details
CI / Detected Repo Changes (push) Successful in 12s
Details
Docker Image Scan / docker (push) Failing after 22m30s
Details
Format / format (push) Successful in 9m19s
Details
Synchronize Issue Labels / Synchronize Issue Labels (push) Has been skipped
Details
Licenses / License compliance (push) Successful in 9m17s
Details
CI / Lint GithubAction files (push) Has been skipped
Details
CI / Compile and test (push) Has been skipped
Details
CI / Run integration tests (push) Has been skipped
Details
CI / Build docker image (push) Has been skipped
Details
CI / release (push) Has been skipped
Details
2025-01-02 13:55:45 +00:00
ory-bot
7ae57adaa1 autogen: update license overview 2025-01-02 12:56:25 +00:00
ory-bot
b04e0a4ab2 chore: update repository templates to 44efd83ab7 2025-01-02 12:21:33 +00:00
ory-bot
80bb30395b chore: update repository templates to c091d79648 2025-01-02 12:18:45 +00:00
ory-bot
e61e2e6041 chore: update repository templates to cb2a20fceb 2024-12-31 10:43:06 +00:00
ory-bot
7f165b64cc chore: update repository templates to 6dd5819712 2024-12-31 10:36:26 +00:00
ory-bot
0cc8ddf593 chore: update repository templates to b1eed8856c 2024-12-30 22:59:19 +00:00
ory-bot
d25e97d335 autogen: update license overview 2024-12-30 13:10:40 +00:00
aeneasr
050546c301 chore: update repository templates to cbb120bd7c 2024-12-30 12:53:35 +00:00
7 changed files with 549 additions and 379 deletions
Expand all files Collapse all files

14
.github/workflows/licenses.yml vendored
View File

@ -8,10 +8,12 @@ on:
push:
branches:
- main
- v3
- master
jobs:
check:
licenses:
name: License compliance
runs-on: ubuntu-latest
steps:
- name: Install script
@ -20,8 +22,14 @@ jobs:
token: ${{ secrets.ORY_BOT_PAT || secrets.GITHUB_TOKEN }}
- name: Check licenses
uses: ory/ci/licenses/check@master
- name: Write licenses
- name: Write, commit, push licenses
uses: ory/ci/licenses/write@master
if:
${{ github.ref == 'refs/heads/main' || github.ref ==
'refs/heads/master' }}
'refs/heads/master' || github.ref == 'refs/heads/v3' }}
with:
author-email:
${{ secrets.ORY_BOT_PAT &&
'60093411+ory-bot@users.noreply.github.com' ||
format('{0}@users.noreply.github.com', github.actor) }}
author-name: ${{ secrets.ORY_BOT_PAT && 'ory-bot' || github.actor }}

176
.reports/dep-licenses.csv Normal file
View File

@ -0,0 +1,176 @@
"github.com/go-logr/logr","Apache-2.0"
"github.com/asaskevich/govalidator","MIT"
"github.com/go-openapi/errors","Apache-2.0"
"github.com/go-openapi/runtime","Apache-2.0"
"github.com/go-openapi/strfmt","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/mitchellh/mapstructure","MIT"
"github.com/oklog/ulid","Apache-2.0"
"go.mongodb.org/mongo-driver","Apache-2.0"
"golang.org/x/sync/errgroup","BSD-3-Clause"
"gopkg.in/yaml.v3","MIT"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/nxadm/tail","MIT"
"github.com/nxadm/tail/ratelimiter","MIT"
"github.com/onsi/ginkgo","MIT"
"github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable","MIT"
"golang.org/x/sys/unix","BSD-3-Clause"
"gopkg.in/tomb.v1","BSD-3-Clause"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/onsi/gomega","MIT"
"golang.org/x/net/html","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"gopkg.in/yaml.v3","MIT"
"github.com/asaskevich/govalidator","MIT"
"github.com/beorn7/perks/quantile","MIT"
"github.com/cespare/xxhash/v2","MIT"
"github.com/davecgh/go-spew/spew","ISC"
"github.com/emicklei/go-restful/v3","MIT"
"github.com/evanphx/json-patch/v5","BSD-3-Clause"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/go-logr/logr","Apache-2.0"
"github.com/go-logr/stdr","Apache-2.0"
"github.com/go-logr/zapr","Apache-2.0"
"github.com/go-openapi/analysis","Apache-2.0"
"github.com/go-openapi/errors","Apache-2.0"
"github.com/go-openapi/jsonpointer","Apache-2.0"
"github.com/go-openapi/jsonreference","Apache-2.0"
"github.com/go-openapi/loads","Apache-2.0"
"github.com/go-openapi/runtime","Apache-2.0"
"github.com/go-openapi/runtime/middleware/denco","MIT"
"github.com/go-openapi/spec","Apache-2.0"
"github.com/go-openapi/strfmt","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/go-openapi/validate","Apache-2.0"
"github.com/gogo/protobuf","BSD-3-Clause"
"github.com/golang/groupcache/lru","Apache-2.0"
"github.com/golang/protobuf","BSD-3-Clause"
"github.com/google/gnostic-models","Apache-2.0"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/google/gofuzz","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/imdario/mergo","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/json-iterator/go","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/matttproud/golang_protobuf_extensions/pbutil","Apache-2.0"
"github.com/mitchellh/mapstructure","MIT"
"github.com/modern-go/concurrent","Apache-2.0"
"github.com/modern-go/reflect2","Apache-2.0"
"github.com/munnerz/goautoneg","BSD-3-Clause"
"github.com/oklog/ulid","Apache-2.0"
"github.com/opentracing/opentracing-go","Apache-2.0"
"github.com/ory/hydra-maester","Apache-2.0"
"github.com/pkg/errors","BSD-2-Clause"
"github.com/prometheus/client_golang/prometheus","Apache-2.0"
"github.com/prometheus/client_model/go","Apache-2.0"
"github.com/prometheus/common","Apache-2.0"
"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg","BSD-3-Clause"
"github.com/prometheus/procfs","Apache-2.0"
"github.com/spf13/pflag","BSD-3-Clause"
"go.mongodb.org/mongo-driver","Apache-2.0"
"go.opentelemetry.io/otel","Apache-2.0"
"go.opentelemetry.io/otel/metric","Apache-2.0"
"go.opentelemetry.io/otel/trace","Apache-2.0"
"go.uber.org/multierr","MIT"
"go.uber.org/zap","MIT"
"golang.org/x/exp/maps","BSD-3-Clause"
"golang.org/x/net","BSD-3-Clause"
"golang.org/x/oauth2","BSD-3-Clause"
"golang.org/x/sync/errgroup","BSD-3-Clause"
"golang.org/x/sys/unix","BSD-3-Clause"
"golang.org/x/term","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"golang.org/x/time/rate","BSD-3-Clause"
"gomodules.xyz/jsonpatch/v2","Apache-2.0"
"google.golang.org/protobuf","BSD-3-Clause"
"gopkg.in/inf.v0","BSD-3-Clause"
"gopkg.in/yaml.v2","Apache-2.0"
"gopkg.in/yaml.v3","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions","Apache-2.0"
"k8s.io/apimachinery/pkg","Apache-2.0"
"k8s.io/apimachinery/third_party/forked/golang","BSD-3-Clause"
"k8s.io/client-go","Apache-2.0"
"k8s.io/klog/v2","Apache-2.0"
"k8s.io/kube-openapi/pkg","Apache-2.0"
"k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json","BSD-3-Clause"
"k8s.io/kube-openapi/pkg/validation/spec","Apache-2.0"
"k8s.io/utils","Apache-2.0"
"k8s.io/utils/internal/third_party/forked/golang/net","BSD-3-Clause"
"sigs.k8s.io/controller-runtime","Apache-2.0"
"sigs.k8s.io/json","Apache-2.0"
"sigs.k8s.io/json","BSD-3-Clause"
"sigs.k8s.io/structured-merge-diff/v4","Apache-2.0"
"sigs.k8s.io/yaml","MIT"
"sigs.k8s.io/yaml","BSD-3-Clause"
"github.com/stretchr/testify","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apimachinery","Apache-2.0"
"k8s.io/client-go","Apache-2.0"
"github.com/beorn7/perks/quantile","MIT"
"github.com/cespare/xxhash/v2","MIT"
"github.com/davecgh/go-spew/spew","ISC"
"github.com/emicklei/go-restful/v3","MIT"
"github.com/evanphx/json-patch/v5","BSD-3-Clause"
"github.com/fsnotify/fsnotify","BSD-3-Clause"
"github.com/go-logr/logr","Apache-2.0"
"github.com/go-openapi/jsonpointer","Apache-2.0"
"github.com/go-openapi/jsonreference","Apache-2.0"
"github.com/go-openapi/swag","Apache-2.0"
"github.com/gogo/protobuf","BSD-3-Clause"
"github.com/golang/groupcache/lru","Apache-2.0"
"github.com/golang/protobuf","BSD-3-Clause"
"github.com/google/gnostic-models","Apache-2.0"
"github.com/google/go-cmp/cmp","BSD-3-Clause"
"github.com/google/gofuzz","Apache-2.0"
"github.com/google/uuid","BSD-3-Clause"
"github.com/imdario/mergo","BSD-3-Clause"
"github.com/josharian/intern","MIT"
"github.com/json-iterator/go","MIT"
"github.com/mailru/easyjson","MIT"
"github.com/matttproud/golang_protobuf_extensions/pbutil","Apache-2.0"
"github.com/modern-go/concurrent","Apache-2.0"
"github.com/modern-go/reflect2","Apache-2.0"
"github.com/munnerz/goautoneg","BSD-3-Clause"
"github.com/pkg/errors","BSD-2-Clause"
"github.com/prometheus/client_golang/prometheus","Apache-2.0"
"github.com/prometheus/client_model/go","Apache-2.0"
"github.com/prometheus/common","Apache-2.0"
"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg","BSD-3-Clause"
"github.com/prometheus/procfs","Apache-2.0"
"github.com/spf13/pflag","BSD-3-Clause"
"golang.org/x/exp/maps","BSD-3-Clause"
"golang.org/x/net","BSD-3-Clause"
"golang.org/x/oauth2","BSD-3-Clause"
"golang.org/x/sys/unix","BSD-3-Clause"
"golang.org/x/term","BSD-3-Clause"
"golang.org/x/text","BSD-3-Clause"
"golang.org/x/time/rate","BSD-3-Clause"
"gomodules.xyz/jsonpatch/v2","Apache-2.0"
"google.golang.org/protobuf","BSD-3-Clause"
"gopkg.in/inf.v0","BSD-3-Clause"
"gopkg.in/yaml.v2","Apache-2.0"
"gopkg.in/yaml.v3","MIT"
"k8s.io/api","Apache-2.0"
"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions","Apache-2.0"
"k8s.io/apimachinery/pkg","Apache-2.0"
"k8s.io/apimachinery/third_party/forked/golang","BSD-3-Clause"
"k8s.io/client-go","Apache-2.0"
"k8s.io/klog/v2","Apache-2.0"
"k8s.io/kube-openapi/pkg","Apache-2.0"
"k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json","BSD-3-Clause"
"k8s.io/kube-openapi/pkg/validation/spec","Apache-2.0"
"k8s.io/utils","Apache-2.0"
"k8s.io/utils/internal/third_party/forked/golang/net","BSD-3-Clause"
"sigs.k8s.io/controller-runtime","Apache-2.0"
"sigs.k8s.io/json","Apache-2.0"
"sigs.k8s.io/json","BSD-3-Clause"
"sigs.k8s.io/structured-merge-diff/v4","Apache-2.0"
"sigs.k8s.io/yaml","MIT"
"sigs.k8s.io/yaml","BSD-3-Clause"
1 github.com/go-logr/logr Apache-2.0
2 github.com/asaskevich/govalidator MIT
3 github.com/go-openapi/errors Apache-2.0
4 github.com/go-openapi/runtime Apache-2.0
5 github.com/go-openapi/strfmt Apache-2.0
6 github.com/go-openapi/swag Apache-2.0
7 github.com/google/uuid BSD-3-Clause
8 github.com/josharian/intern MIT
9 github.com/mailru/easyjson MIT
10 github.com/mitchellh/mapstructure MIT
11 github.com/oklog/ulid Apache-2.0
12 go.mongodb.org/mongo-driver Apache-2.0
13 golang.org/x/sync/errgroup BSD-3-Clause
14 gopkg.in/yaml.v3 MIT
15 github.com/fsnotify/fsnotify BSD-3-Clause
16 github.com/nxadm/tail MIT
17 github.com/nxadm/tail/ratelimiter MIT
18 github.com/onsi/ginkgo MIT
19 github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable MIT
20 golang.org/x/sys/unix BSD-3-Clause
21 gopkg.in/tomb.v1 BSD-3-Clause
22 github.com/google/go-cmp/cmp BSD-3-Clause
23 github.com/onsi/gomega MIT
24 golang.org/x/net/html BSD-3-Clause
25 golang.org/x/text BSD-3-Clause
26 gopkg.in/yaml.v3 MIT
27 github.com/asaskevich/govalidator MIT
28 github.com/beorn7/perks/quantile MIT
29 github.com/cespare/xxhash/v2 MIT
30 github.com/davecgh/go-spew/spew ISC
31 github.com/emicklei/go-restful/v3 MIT
32 github.com/evanphx/json-patch/v5 BSD-3-Clause
33 github.com/fsnotify/fsnotify BSD-3-Clause
34 github.com/go-logr/logr Apache-2.0
35 github.com/go-logr/stdr Apache-2.0
36 github.com/go-logr/zapr Apache-2.0
37 github.com/go-openapi/analysis Apache-2.0
38 github.com/go-openapi/errors Apache-2.0
39 github.com/go-openapi/jsonpointer Apache-2.0
40 github.com/go-openapi/jsonreference Apache-2.0
41 github.com/go-openapi/loads Apache-2.0
42 github.com/go-openapi/runtime Apache-2.0
43 github.com/go-openapi/runtime/middleware/denco MIT
44 github.com/go-openapi/spec Apache-2.0
45 github.com/go-openapi/strfmt Apache-2.0
46 github.com/go-openapi/swag Apache-2.0
47 github.com/go-openapi/validate Apache-2.0
48 github.com/gogo/protobuf BSD-3-Clause
49 github.com/golang/groupcache/lru Apache-2.0
50 github.com/golang/protobuf BSD-3-Clause
51 github.com/google/gnostic-models Apache-2.0
52 github.com/google/go-cmp/cmp BSD-3-Clause
53 github.com/google/gofuzz Apache-2.0
54 github.com/google/uuid BSD-3-Clause
55 github.com/imdario/mergo BSD-3-Clause
56 github.com/josharian/intern MIT
57 github.com/json-iterator/go MIT
58 github.com/mailru/easyjson MIT
59 github.com/matttproud/golang_protobuf_extensions/pbutil Apache-2.0
60 github.com/mitchellh/mapstructure MIT
61 github.com/modern-go/concurrent Apache-2.0
62 github.com/modern-go/reflect2 Apache-2.0
63 github.com/munnerz/goautoneg BSD-3-Clause
64 github.com/oklog/ulid Apache-2.0
65 github.com/opentracing/opentracing-go Apache-2.0
66 github.com/ory/hydra-maester Apache-2.0
67 github.com/pkg/errors BSD-2-Clause
68 github.com/prometheus/client_golang/prometheus Apache-2.0
69 github.com/prometheus/client_model/go Apache-2.0
70 github.com/prometheus/common Apache-2.0
71 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg BSD-3-Clause
72 github.com/prometheus/procfs Apache-2.0
73 github.com/spf13/pflag BSD-3-Clause
74 go.mongodb.org/mongo-driver Apache-2.0
75 go.opentelemetry.io/otel Apache-2.0
76 go.opentelemetry.io/otel/metric Apache-2.0
77 go.opentelemetry.io/otel/trace Apache-2.0
78 go.uber.org/multierr MIT
79 go.uber.org/zap MIT
80 golang.org/x/exp/maps BSD-3-Clause
81 golang.org/x/net BSD-3-Clause
82 golang.org/x/oauth2 BSD-3-Clause
83 golang.org/x/sync/errgroup BSD-3-Clause
84 golang.org/x/sys/unix BSD-3-Clause
85 golang.org/x/term BSD-3-Clause
86 golang.org/x/text BSD-3-Clause
87 golang.org/x/time/rate BSD-3-Clause
88 gomodules.xyz/jsonpatch/v2 Apache-2.0
89 google.golang.org/protobuf BSD-3-Clause
90 gopkg.in/inf.v0 BSD-3-Clause
91 gopkg.in/yaml.v2 Apache-2.0
92 gopkg.in/yaml.v3 MIT
93 k8s.io/api Apache-2.0
94 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions Apache-2.0
95 k8s.io/apimachinery/pkg Apache-2.0
96 k8s.io/apimachinery/third_party/forked/golang BSD-3-Clause
97 k8s.io/client-go Apache-2.0
98 k8s.io/klog/v2 Apache-2.0
99 k8s.io/kube-openapi/pkg Apache-2.0
100 k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json BSD-3-Clause
101 k8s.io/kube-openapi/pkg/validation/spec Apache-2.0
102 k8s.io/utils Apache-2.0
103 k8s.io/utils/internal/third_party/forked/golang/net BSD-3-Clause
104 sigs.k8s.io/controller-runtime Apache-2.0
105 sigs.k8s.io/json Apache-2.0
106 sigs.k8s.io/json BSD-3-Clause
107 sigs.k8s.io/structured-merge-diff/v4 Apache-2.0
108 sigs.k8s.io/yaml MIT
109 sigs.k8s.io/yaml BSD-3-Clause
110 github.com/stretchr/testify MIT
111 k8s.io/api Apache-2.0
112 k8s.io/apimachinery Apache-2.0
113 k8s.io/client-go Apache-2.0
114 github.com/beorn7/perks/quantile MIT
115 github.com/cespare/xxhash/v2 MIT
116 github.com/davecgh/go-spew/spew ISC
117 github.com/emicklei/go-restful/v3 MIT
118 github.com/evanphx/json-patch/v5 BSD-3-Clause
119 github.com/fsnotify/fsnotify BSD-3-Clause
120 github.com/go-logr/logr Apache-2.0
121 github.com/go-openapi/jsonpointer Apache-2.0
122 github.com/go-openapi/jsonreference Apache-2.0
123 github.com/go-openapi/swag Apache-2.0
124 github.com/gogo/protobuf BSD-3-Clause
125 github.com/golang/groupcache/lru Apache-2.0
126 github.com/golang/protobuf BSD-3-Clause
127 github.com/google/gnostic-models Apache-2.0
128 github.com/google/go-cmp/cmp BSD-3-Clause
129 github.com/google/gofuzz Apache-2.0
130 github.com/google/uuid BSD-3-Clause
131 github.com/imdario/mergo BSD-3-Clause
132 github.com/josharian/intern MIT
133 github.com/json-iterator/go MIT
134 github.com/mailru/easyjson MIT
135 github.com/matttproud/golang_protobuf_extensions/pbutil Apache-2.0
136 github.com/modern-go/concurrent Apache-2.0
137 github.com/modern-go/reflect2 Apache-2.0
138 github.com/munnerz/goautoneg BSD-3-Clause
139 github.com/pkg/errors BSD-2-Clause
140 github.com/prometheus/client_golang/prometheus Apache-2.0
141 github.com/prometheus/client_model/go Apache-2.0
142 github.com/prometheus/common Apache-2.0
143 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg BSD-3-Clause
144 github.com/prometheus/procfs Apache-2.0
145 github.com/spf13/pflag BSD-3-Clause
146 golang.org/x/exp/maps BSD-3-Clause
147 golang.org/x/net BSD-3-Clause
148 golang.org/x/oauth2 BSD-3-Clause
149 golang.org/x/sys/unix BSD-3-Clause
150 golang.org/x/term BSD-3-Clause
151 golang.org/x/text BSD-3-Clause
152 golang.org/x/time/rate BSD-3-Clause
153 gomodules.xyz/jsonpatch/v2 Apache-2.0
154 google.golang.org/protobuf BSD-3-Clause
155 gopkg.in/inf.v0 BSD-3-Clause
156 gopkg.in/yaml.v2 Apache-2.0
157 gopkg.in/yaml.v3 MIT
158 k8s.io/api Apache-2.0
159 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions Apache-2.0
160 k8s.io/apimachinery/pkg Apache-2.0
161 k8s.io/apimachinery/third_party/forked/golang BSD-3-Clause
162 k8s.io/client-go Apache-2.0
163 k8s.io/klog/v2 Apache-2.0
164 k8s.io/kube-openapi/pkg Apache-2.0
165 k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json BSD-3-Clause
166 k8s.io/kube-openapi/pkg/validation/spec Apache-2.0
167 k8s.io/utils Apache-2.0
168 k8s.io/utils/internal/third_party/forked/golang/net BSD-3-Clause
169 sigs.k8s.io/controller-runtime Apache-2.0
170 sigs.k8s.io/json Apache-2.0
171 sigs.k8s.io/json BSD-3-Clause
172 sigs.k8s.io/structured-merge-diff/v4 Apache-2.0
173 sigs.k8s.io/yaml MIT
174 sigs.k8s.io/yaml BSD-3-Clause

5
api/v1alpha1/oauth2client_types.go
View File

@ -225,6 +225,11 @@ type OAuth2ClientSpec struct {
// Indicates if a deleted OAuth2Client custom resource should delete the database row or not.
// Value 1 means deletion of the OAuth2 client, value 2 means keep an orphan oauth2 client.
DeletionPolicy OAuth2ClientDeletionPolicy `json:"deletionPolicy,omitempty"`
// +kubebuilder:validation:type=string
//
// UserInfoSignedResponseAlg value specifying the JWS alg algorithm for signing UserInfo Responses
UserInfoSignedResponseAlg string `json:"userInfoSignedResponseAlg,omitempty"`
}
// GrantType represents an OAuth 2.0 grant type

143
config/crd/bases/hydra.ory.sh_oauth2clients.yaml
View File

@ -37,75 +37,64 @@ spec:
metadata:
type: object
spec:
description:
OAuth2ClientSpec defines the desired state of OAuth2Client
description: OAuth2ClientSpec defines the desired state of OAuth2Client
properties:
allowedCorsOrigins:
description:
AllowedCorsOrigins is an array of allowed CORS origins
description: AllowedCorsOrigins is an array of allowed CORS origins
items:
description:
RedirectURI represents a redirect URI for the client
description: RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+
type: string
type: array
audience:
description:
Audience is a whitelist defining the audiences this client
description: Audience is a whitelist defining the audiences this client
is allowed to request tokens for
items:
type: string
type: array
backChannelLogoutSessionRequired:
default: false
description:
BackChannelLogoutSessionRequired Boolean value specifying
whether the RP requires that a sid (session ID) Claim be
included in the Logout Token to identify the RP session with
the OP when the backchannel_logout_uri is used. If omitted,
the default value is false.
description: BackChannelLogoutSessionRequired Boolean value specifying
whether the RP requires that a sid (session ID) Claim be included
in the Logout Token to identify the RP session with the OP when
the backchannel_logout_uri is used. If omitted, the default value
is false.
type: boolean
backChannelLogoutURI:
description:
BackChannelLogoutURI RP URL that will cause the RP to log
itself out when sent a Logout Token by the OP
description: BackChannelLogoutURI RP URL that will cause the RP to
log itself out when sent a Logout Token by the OP
pattern: (^$|^https?://.*)
type: string
clientName:
description:
ClientName is the human-readable string name of the client
description: ClientName is the human-readable string name of the client
to be presented to the end-user during authorization.
type: string
deletionPolicy:
description: |-
Indicates if a deleted OAuth2Client custom resource should delete the database row or not.
Value 0 means deletion of the OAuth2 client, value 1 means keep an orphan oauth2 client.
Value 1 means deletion of the OAuth2 client, value 2 means keep an orphan oauth2 client.
enum:
- 0
- 1
- 2
type: integer
frontChannelLogoutSessionRequired:
default: false
description:
FrontChannelLogoutSessionRequired Boolean value specifying
whether the RP requires that iss (issuer) and sid (session
ID) query parameters be included to identify the RP session
with the OP when the frontchannel_logout_uri is used
description: FrontChannelLogoutSessionRequired Boolean value specifying
whether the RP requires that iss (issuer) and sid (session ID) query
parameters be included to identify the RP session with the OP when
the frontchannel_logout_uri is used
type: boolean
frontChannelLogoutURI:
description:
FrontChannelLogoutURI RP URL that will cause the RP to log
itself out when rendered in an iframe by the OP. An iss
(issuer) query parameter and a sid (session ID) query
parameter MAY be included by the OP to enable the RP to
validate the request and to determine which of the
potentially multiple sessions is to be logged out; if either
is included, both MUST be
description: FrontChannelLogoutURI RP URL that will cause the RP to
log itself out when rendered in an iframe by the OP. An iss (issuer)
query parameter and a sid (session ID) query parameter MAY be included
by the OP to enable the RP to validate the request and to determine
which of the potentially multiple sessions is to be logged out;
if either is included, both MUST be
pattern: (^$|^https?://.*)
type: string
grantTypes:
description:
GrantTypes is an array of grant types the client is allowed
description: GrantTypes is an array of grant types the client is allowed
to use.
items:
description: GrantType represents an OAuth 2.0 grant type
@ -155,10 +144,9 @@ spec:
type: string
type: object
jwksUri:
description:
JwksUri Define the URL where the JSON Web Key Set should be
fetched from when performing the private_key_jwt client
authentication method.
description: JwksUri Define the URL where the JSON Web Key Set should
be fetched from when performing the private_key_jwt client authentication
method.
pattern: (^$|^https?://.*)
type: string
metadata:
@ -167,22 +155,18 @@ spec:
type: object
x-kubernetes-preserve-unknown-fields: true
postLogoutRedirectUris:
description:
PostLogoutRedirectURIs is an array of the post logout
description: PostLogoutRedirectURIs is an array of the post logout
redirect URIs allowed for the application
items:
description:
RedirectURI represents a redirect URI for the client
description: RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+
type: string
type: array
redirectUris:
description:
RedirectURIs is an array of the redirect URIs allowed for
the application
description: RedirectURIs is an array of the redirect URIs allowed
for the application
items:
description:
RedirectURI represents a redirect URI for the client
description: RedirectURI represents a redirect URI for the client
pattern: \w+:/?/?[^\s]+
type: string
type: array
@ -191,8 +175,8 @@ spec:
ResponseTypes is an array of the OAuth 2.0 response type strings that the client can
use at the authorization endpoint.
items:
description:
ResponseType represents an OAuth 2.0 response type strings
description: ResponseType represents an OAuth 2.0 response type
strings
enum:
- id_token
- code
@ -221,8 +205,7 @@ spec:
type: string
type: array
secretName:
description:
SecretName points to the K8s secret that contains this
description: SecretName points to the K8s secret that contains this
client's ID and password
maxLength: 253
minLength: 1
@ -230,8 +213,7 @@ spec:
type: string
skipConsent:
default: false
description:
SkipConsent skips the consent screen for this client.
description: SkipConsent skips the consent screen for this client.
type: boolean
tokenEndpointAuthMethod:
allOf:
@ -245,9 +227,8 @@ spec:
- client_secret_post
- private_key_jwt
- none
description:
Indication which authentication method should be used for
the token endpoint
description: Indication which authentication method should be used
for the token endpoint
type: string
tokenLifespans:
description: |-
@ -258,76 +239,78 @@ spec:
description: |-
AuthorizationCodeGrantAccessTokenLifespan is the access token lifespan
issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
authorization_code_grant_id_token_lifespan:
description: |-
AuthorizationCodeGrantIdTokenLifespan is the id token lifespan
issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
authorization_code_grant_refresh_token_lifespan:
description: |-
AuthorizationCodeGrantRefreshTokenLifespan is the refresh token lifespan
issued on an authorization_code grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
client_credentials_grant_access_token_lifespan:
description: |-
AuthorizationCodeGrantRefreshTokenLifespan is the access token lifespan
issued on a client_credentials grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
implicit_grant_access_token_lifespan:
description: |-
ImplicitGrantAccessTokenLifespan is the access token lifespan
issued on an implicit grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
implicit_grant_id_token_lifespan:
description: |-
ImplicitGrantIdTokenLifespan is the id token lifespan
issued on an implicit grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
jwt_bearer_grant_access_token_lifespan:
description: |-
JwtBearerGrantAccessTokenLifespan is the access token lifespan
issued on a jwt_bearer grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
refresh_token_grant_access_token_lifespan:
description: |-
RefreshTokenGrantAccessTokenLifespan is the access token lifespan
issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
refresh_token_grant_id_token_lifespan:
description: |-
RefreshTokenGrantIdTokenLifespan is the id token lifespan
issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
refresh_token_grant_refresh_token_lifespan:
description: |-
RefreshTokenGrantRefreshTokenLifespan is the refresh token lifespan
issued on a refresh_token grant.
pattern: "[0-9]+(ns|us|ms|s|m|h)"
pattern: '[0-9]+(ns|us|ms|s|m|h)'
type: string
type: object
userInfoSignedResponseAlg:
description: UserInfoSignedResponseAlg value specifying the JWS alg
algorithm for signing UserInfo Responses
type: string
required:
- grantTypes
- secretName
type: object
status:
description:
OAuth2ClientStatus defines the observed state of OAuth2Client
description: OAuth2ClientStatus defines the observed state of OAuth2Client
properties:
conditions:
items:
description:
OAuth2ClientCondition contains condition information for
an OAuth2Client
description: OAuth2ClientCondition contains condition information
for an OAuth2Client
properties:
status:
enum:
@ -343,24 +326,20 @@ spec:
type: object
type: array
observedGeneration:
description:
ObservedGeneration represents the most recent generation
description: ObservedGeneration represents the most recent generation
observed by the daemon set controller.
format: int64
type: integer
reconciliationError:
description:
ReconciliationError represents an error that occurred during
the reconciliation process
description: ReconciliationError represents an error that occurred
during the reconciliation process
properties:
description:
description:
Description is the description of the reconciliation
description: Description is the description of the reconciliation
error
type: string
statusCode:
description:
Code is the status code of the reconciliation error
description: Code is the status code of the reconciliation error
type: string
type: object
type: object

2
config/default/manager_image_patch.yaml
View File

@ -8,6 +8,6 @@ spec:
spec:
containers:
# Change the value of image field below to your controller image URL
- image: controller:latest
- image: reg.cadoles.com/wpetit/hydra-maester
name: manager
imagePullPolicy: IfNotPresent

2
hydra/types.go
View File

@ -44,6 +44,7 @@ type OAuth2ClientJSON struct {
RefreshTokenGrantAccessTokenLifespan string `json:"refresh_token_grant_access_token_lifespan,omitempty"`
RefreshTokenGrantIdTokenLifespan string `json:"refresh_token_grant_id_token_lifespan,omitempty"`
RefreshTokenGrantRefreshTokenLifespan string `json:"refresh_token_grant_refresh_token_lifespan,omitempty"`
UserInfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty"`
}
// Oauth2ClientCredentials represents client ID and password fetched from a
@ -104,6 +105,7 @@ func FromOAuth2Client(c *hydrav1alpha1.OAuth2Client) (*OAuth2ClientJSON, error)
RefreshTokenGrantAccessTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantAccessTokenLifespan,
RefreshTokenGrantIdTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantIdTokenLifespan,
RefreshTokenGrantRefreshTokenLifespan: c.Spec.TokenLifespans.RefreshTokenGrantRefreshTokenLifespan,
UserInfoSignedResponseAlg: c.Spec.UserInfoSignedResponseAlg,
}, nil
}