From f709691d32acdc98d375b50d69b0ec36369baf59 Mon Sep 17 00:00:00 2001
From: Landry Benguigui
Date: Fri, 28 Jun 2024 09:20:03 +0200
Subject: [PATCH] feat: add stored attributes for generic OIDC

Co-authored-by: Simon Delicata
---
 pkg/apis/hub/v1alpha1/api_portal.go | 8 ++++++--
 .../v1alpha1/crd/hub.traefik.io_apiportals.yaml | 14 ++++++++++----
 pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go | 7 ++++++-
 3 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/pkg/apis/hub/v1alpha1/api_portal.go b/pkg/apis/hub/v1alpha1/api_portal.go
index f2df265..3153a23 100644
--- a/pkg/apis/hub/v1alpha1/api_portal.go
+++ b/pkg/apis/hub/v1alpha1/api_portal.go
@@ -88,9 +88,9 @@ type OIDCConfigStatus struct {
 // +optional
 Scopes string `json:"scopes,omitempty"`

- // ExternalIDClaim is the name of the JWT claim containing the user external ID.
+ // UserIDClaim is the name of the JWT claim containing the user ID.
 // +optional
- ExternalIDClaim string `json:"externalIdClaim,omitempty"`
+ UserIDClaim string `json:"userIdClaim,omitempty"`

 // FirstnameClaim is the name of the JWT claim containing the user firstname.
 // +optional
@@ -111,6 +111,10 @@ type OIDCConfigStatus struct {
 // CompanyClaim is the name of the JWT claim containing the user company.
 // +optional
 CompanyClaim string `json:"companyClaim,omitempty"`
+
+ // SyncedAttributes configure the user attributes to sync.
+ // +optional
+ SyncedAttributes []string `json:"syncedAttributes,omitempty"`
 }

 // APIPortalStatus is the status of an APIPortal.
diff --git a/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml b/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml
index a7ace5a..bc04170 100644
--- a/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml
+++ b/pkg/apis/hub/v1alpha1/crd/hub.traefik.io_apiportals.yaml
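Review bot: The first hunk changes the serialized key from `externalIdClaim` to `userIdClaim` with no compatibility path, so a status written before the upgrade decodes with an empty `UserIDClaim` until it is written again. Whatever reads this field to choose the identity claim is not visible in this patch; it should treat an empty value as not configured rather than fall back to another claim, since that would change which token value identifies a user. If the old key is intentionally dropped, the comment could record it: `// UserIDClaim replaces ExternalIDClaim (JSON key externalIdClaim); the old key is no longer read.` OIDCConfigStatus begins above this hunk and continues past it.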
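Review bot: The comment on `SyncedAttributes` in the second hunk does not say what the strings name or what an empty list means, which matters because the commit title describes these attributes as stored. If an empty list were read as "sync everything", the portal would persist more user data from the identity provider than an operator chose; I would document the contract, e.g. `// SyncedAttributes lists the user attributes that are synced and stored. An empty list means <behaviour to confirm>.` Adding `// +listType=set` would also let the schema reject duplicate entries. The struct's opening line is outside this hunk.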
@@ -89,10 +89,6 @@ spec: description: EmailClaim is the name of the JWT claim containing the user email. type: string - externalIdClaim: - description: ExternalIDClaim is the name of the JWT claim containing - the user external ID. - type: string firstnameClaim: description: FirstnameClaim is the name of the JWT claim containing the user firstname. @@ -121,6 +117,16 @@ spec: description: SecretName is the name of the secret containing the OIDC ClientSecret for accessing the exposed APIPortal WebUI. type: string + syncedAttributes: + description: SyncedAttributes configure the user attributes to + sync. + items: + type: string + type: array + userIdClaim: + description: UserIDClaim is the name of the JWT claim containing + the user ID. + type: string type: object syncedAt: format: date-time diff --git a/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go index 1585f16..a6ab9b5 100644 --- a/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/hub/v1alpha1/zz_generated.deepcopy.go @@ -305,7 +305,7 @@ func (in *APIPortalStatus) DeepCopyInto(out *APIPortalStatus) { if in.OIDC != nil { in, out := &in.OIDC, &out.OIDC *out = new(OIDCConfigStatus) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -1038,6 +1038,11 @@ func (in *HTTPClientConfigTLS) DeepCopy() *HTTPClientConfigTLS { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *OIDCConfigStatus) DeepCopyInto(out *OIDCConfigStatus) { *out = *in + if in.SyncedAttributes != nil { + in, out := &in.SyncedAttributes, &out.SyncedAttributes + *out = make([]string, len(*in)) + copy(*out, *in) + } return }