From 0c1f48cbc1d5f3d5412c728c78f27a44cf30f71c Mon Sep 17 00:00:00 2001 From: Margo Crawford Date: Mon, 13 Jun 2022 15:48:54 -0700 Subject: [PATCH] Move oidcclient into config.supervisor.pinniped.dev Signed-off-by: Margo Crawford --- .../config/v1alpha1/register.go.tmpl | 2 + .../v1alpha1/types_oidcclient.go.tmpl | 0 apis/supervisor/oauth/v1alpha1/doc.go.tmpl | 10 -- .../oauth/v1alpha1/register.go.tmpl | 43 ------ ...g.supervisor.pinniped.dev_oidcclients.yaml | 4 +- deploy/supervisor/z0_crd_overlay.yaml | 6 +- generated/1.17/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../{oauth => config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ....supervisor.pinniped.dev_oidcclients.yaml} | 4 +- generated/1.18/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../{oauth => config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ...g.supervisor.pinniped.dev_oidcclients.yaml | 4 +- generated/1.19/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../config}/v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../{oauth => config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ....supervisor.pinniped.dev_oidcclients.yaml} | 4 +- generated/1.20/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../listers/config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ...g.supervisor.pinniped.dev_oidcclients.yaml | 125 +++++++++++++++++ ...h.supervisor.pinniped.dev_oidcclients.yaml | 125 ----------------- generated/1.21/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../config}/v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../listers/config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ...g.supervisor.pinniped.dev_oidcclients.yaml | 125 +++++++++++++++++ ...h.supervisor.pinniped.dev_oidcclients.yaml | 125 ----------------- generated/1.22/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 14 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../config/v1alpha1/fake/fake_oidcclient.go | 129 ++++++++++++++++++ .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/fake/fake_oidcclient.go | 129 ------------------ .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 76 ----------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../{oauth => config}/v1alpha1/oidcclient.go | 2 +- .../oauth/v1alpha1/expansion_generated.go | 14 -- ...g.supervisor.pinniped.dev_oidcclients.yaml | 125 +++++++++++++++++ ...h.supervisor.pinniped.dev_oidcclients.yaml | 125 ----------------- generated/1.23/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 13 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 94 ------------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../listers/config/v1alpha1/oidcclient.go | 86 ++++++++++++ .../oauth/v1alpha1/expansion_generated.go | 14 -- .../listers/oauth/v1alpha1/oidcclient.go | 86 ------------ ...g.supervisor.pinniped.dev_oidcclients.yaml | 125 +++++++++++++++++ ...h.supervisor.pinniped.dev_oidcclients.yaml | 125 ----------------- generated/1.24/README.adoc | 99 ++++++-------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 13 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 94 ------------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../listers/config/v1alpha1/oidcclient.go | 86 ++++++++++++ .../oauth/v1alpha1/expansion_generated.go | 14 -- .../listers/oauth/v1alpha1/oidcclient.go | 86 ------------ ...g.supervisor.pinniped.dev_oidcclients.yaml | 125 +++++++++++++++++ ...h.supervisor.pinniped.dev_oidcclients.yaml | 125 ----------------- .../supervisor/config/v1alpha1/register.go | 2 + .../v1alpha1/types_oidcclient.go | 0 .../config/v1alpha1/zz_generated.deepcopy.go | 108 +++++++++++++++ .../apis/supervisor/oauth/v1alpha1/doc.go | 10 -- .../supervisor/oauth/v1alpha1/register.go | 43 ------ .../oauth/v1alpha1/zz_generated.deepcopy.go | 121 ---------------- .../clientset/versioned/clientset.go | 13 -- .../versioned/fake/clientset_generated.go | 7 - .../clientset/versioned/fake/register.go | 2 - .../clientset/versioned/scheme/register.go | 2 - .../typed/config/v1alpha1/config_client.go | 5 + .../v1alpha1/fake/fake_config_client.go | 4 + .../v1alpha1/fake/fake_oidcclient.go | 8 +- .../config/v1alpha1/generated_expansion.go | 2 + .../{oauth => config}/v1alpha1/oidcclient.go | 4 +- .../versioned/typed/oauth/v1alpha1/doc.go | 7 - .../typed/oauth/v1alpha1/fake/doc.go | 7 - .../oauth/v1alpha1/fake/fake_oauth_client.go | 27 ---- .../oauth/v1alpha1/generated_expansion.go | 8 -- .../typed/oauth/v1alpha1/oauth_client.go | 94 ------------- .../config/v1alpha1/interface.go | 7 + .../{oauth => config}/v1alpha1/oidcclient.go | 12 +- .../informers/externalversions/factory.go | 6 - .../informers/externalversions/generic.go | 7 +- .../externalversions/oauth/interface.go | 33 ----- .../oauth/v1alpha1/interface.go | 32 ----- .../config/v1alpha1/expansion_generated.go | 8 ++ .../listers/config/v1alpha1/oidcclient.go | 86 ++++++++++++ .../oauth/v1alpha1/expansion_generated.go | 14 -- .../listers/oauth/v1alpha1/oidcclient.go | 86 ------------ hack/lib/update-codegen.sh | 5 +- test/integration/kube_api_discovery_test.go | 22 +-- 294 files changed, 2740 insertions(+), 5419 deletions(-) rename apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go.tmpl (100%) delete mode 100644 apis/supervisor/oauth/v1alpha1/doc.go.tmpl delete mode 100644 apis/supervisor/oauth/v1alpha1/register.go.tmpl rename generated/1.17/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml => deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml (98%) rename generated/1.17/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.17/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.17/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.17/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/1.17/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.17/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.17/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (89%) delete mode 100644 generated/1.17/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/1.17/client/supervisor/listers/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.17/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go rename generated/{1.18/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml => 1.17/crds/config.supervisor.pinniped.dev_oidcclients.yaml} (98%) rename generated/1.18/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.18/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.18/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.18/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/1.18/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.18/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.18/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.18/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/1.18/client/supervisor/listers/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.18/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go rename deploy/supervisor/oauth.supervisor.pinniped.dev_oidcclients.yaml => generated/1.18/crds/config.supervisor.pinniped.dev_oidcclients.yaml (98%) rename generated/1.19/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.19/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.19/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.19/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/{1.21/client/supervisor/clientset/versioned/typed/oauth => 1.19/client/supervisor/clientset/versioned/typed/config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.19/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.19/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.19/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/1.19/client/supervisor/listers/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.19/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go rename generated/1.19/crds/{oauth.supervisor.pinniped.dev_oidcclients.yaml => config.supervisor.pinniped.dev_oidcclients.yaml} (98%) rename generated/1.20/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.20/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.20/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.20/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/1.20/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.20/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.20/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.20/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/{1.21/client/supervisor/listers/oauth => 1.20/client/supervisor/listers/config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.20/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go create mode 100644 generated/1.20/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.20/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename generated/1.21/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.21/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.21/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.21/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/{1.19/client/supervisor/clientset/versioned/typed/oauth => 1.21/client/supervisor/clientset/versioned/typed/config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.21/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.21/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.21/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/{1.20/client/supervisor/listers/oauth => 1.21/client/supervisor/listers/config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.21/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go create mode 100644 generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.21/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename generated/1.22/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.22/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.22/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.22/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go create mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go rename generated/1.22/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.22/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.22/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go rename generated/1.22/client/supervisor/listers/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.22/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go create mode 100644 generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.22/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename generated/1.23/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.23/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.23/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.23/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/1.23/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.23/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.23/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.23/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go create mode 100644 generated/1.23/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.23/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go delete mode 100644 generated/1.23/client/supervisor/listers/oauth/v1alpha1/oidcclient.go create mode 100644 generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.23/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename generated/1.24/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/1.24/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/1.24/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/1.24/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/1.24/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/1.24/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/1.24/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/1.24/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go create mode 100644 generated/1.24/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/1.24/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go delete mode 100644 generated/1.24/client/supervisor/listers/oauth/v1alpha1/oidcclient.go create mode 100644 generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml delete mode 100644 generated/1.24/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename generated/latest/apis/supervisor/{oauth => config}/v1alpha1/types_oidcclient.go (100%) delete mode 100644 generated/latest/apis/supervisor/oauth/v1alpha1/doc.go delete mode 100644 generated/latest/apis/supervisor/oauth/v1alpha1/register.go delete mode 100644 generated/latest/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go rename generated/latest/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/fake/fake_oidcclient.go (92%) rename generated/latest/client/supervisor/clientset/versioned/typed/{oauth => config}/v1alpha1/oidcclient.go (97%) delete mode 100644 generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go delete mode 100644 generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go delete mode 100644 generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go delete mode 100644 generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go delete mode 100644 generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go rename generated/latest/client/supervisor/informers/externalversions/{oauth => config}/v1alpha1/oidcclient.go (88%) delete mode 100644 generated/latest/client/supervisor/informers/externalversions/oauth/interface.go delete mode 100644 generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go create mode 100644 generated/latest/client/supervisor/listers/config/v1alpha1/oidcclient.go delete mode 100644 generated/latest/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go delete mode 100644 generated/latest/client/supervisor/listers/oauth/v1alpha1/oidcclient.go diff --git a/apis/supervisor/config/v1alpha1/register.go.tmpl b/apis/supervisor/config/v1alpha1/register.go.tmpl index 69045298..54c51699 100644 --- a/apis/supervisor/config/v1alpha1/register.go.tmpl +++ b/apis/supervisor/config/v1alpha1/register.go.tmpl @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/apis/supervisor/oauth/v1alpha1/types_oidcclient.go.tmpl b/apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl similarity index 100% rename from apis/supervisor/oauth/v1alpha1/types_oidcclient.go.tmpl rename to apis/supervisor/config/v1alpha1/types_oidcclient.go.tmpl diff --git a/apis/supervisor/oauth/v1alpha1/doc.go.tmpl b/apis/supervisor/oauth/v1alpha1/doc.go.tmpl deleted file mode 100644 index 75580481..00000000 --- a/apis/supervisor/oauth/v1alpha1/doc.go.tmpl +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/apis/supervisor/oauth/v1alpha1/register.go.tmpl b/apis/supervisor/oauth/v1alpha1/register.go.tmpl deleted file mode 100644 index 37ae1fbf..00000000 --- a/apis/supervisor/oauth/v1alpha1/register.go.tmpl +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.17/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 98% rename from generated/1.17/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename to deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml index 589a9154..4efa445e 100644 --- a/generated/1.17/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ b/deploy/supervisor/config.supervisor.pinniped.dev_oidcclients.yaml @@ -5,9 +5,9 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev + name: oidcclients.config.supervisor.pinniped.dev spec: - group: oauth.supervisor.pinniped.dev + group: config.supervisor.pinniped.dev names: categories: - pinniped diff --git a/deploy/supervisor/z0_crd_overlay.yaml b/deploy/supervisor/z0_crd_overlay.yaml index 130f780d..a658091b 100644 --- a/deploy/supervisor/z0_crd_overlay.yaml +++ b/deploy/supervisor/z0_crd_overlay.yaml @@ -41,11 +41,11 @@ metadata: spec: group: #@ pinnipedDevAPIGroupWithPrefix("idp.supervisor") -#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"oidcclients.oauth.supervisor.pinniped.dev"}}), expects=1 +#@overlay/match by=overlay.subset({"kind": "CustomResourceDefinition", "metadata":{"name":"oidcclients.config.supervisor.pinniped.dev"}}), expects=1 --- metadata: #@overlay/match missing_ok=True labels: #@ labels() - name: #@ pinnipedDevAPIGroupWithPrefix("oidcclients.oauth.supervisor") + name: #@ pinnipedDevAPIGroupWithPrefix("oidcclients.config.supervisor") spec: - group: #@ pinnipedDevAPIGroupWithPrefix("oauth.supervisor") + group: #@ pinnipedDevAPIGroupWithPrefix("config.supervisor") diff --git a/generated/1.17/README.adoc b/generated/1.17/README.adoc index 693d8d6b..624f035f 100644 --- a/generated/1.17/README.adoc +++ b/generated/1.17/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-17-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/register.go b/generated/1.17/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.17/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.17/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.17/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.17/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.17/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.17/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.17/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.17/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.17/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.17/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.17/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.17/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.17/client/supervisor/clientset/versioned/clientset.go b/generated/1.17/client/supervisor/clientset/versioned/clientset.go index c51ef35e..d1845d53 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.17/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go index 7139764c..0bc2edfc 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.17/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -76,8 +74,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.17/client/supervisor/clientset/versioned/fake/register.go b/generated/1.17/client/supervisor/clientset/versioned/fake/register.go index 980ce98f..5717b4eb 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.17/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go index 676b0aae..3d881a08 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.17/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index f5c35bf5..49fcccef 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 406fcd8c..2a586f92 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index 69c8555d..8acb613c 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -6,7 +6,7 @@ package fake import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -17,13 +17,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 322bcb9d..95c4ebfb 100644 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.17/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -8,7 +8,7 @@ package v1alpha1 import ( "time" - v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -43,7 +43,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 1625045c..00000000 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 32dae26a..00000000 --- a/generated/1.17/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index ae8561df..33ffbf70 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 89% rename from generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 1996f202..c6e9344f 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.17/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -8,10 +8,10 @@ package v1alpha1 import ( time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.17/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -48,16 +48,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -68,7 +68,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.17/client/supervisor/informers/externalversions/factory.go b/generated/1.17/client/supervisor/informers/externalversions/factory.go index ac94e186..10a7bf92 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.17/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.17/client/supervisor/informers/externalversions/generic.go b/generated/1.17/client/supervisor/informers/externalversions/generic.go index 4f5c74e4..befa67ca 100644 --- a/generated/1.17/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.17/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.17/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.17/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index 06b9370b..00000000 --- a/generated/1.17/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 46d19a40..00000000 --- a/generated/1.17/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.17/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.17/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.17/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.17/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.17/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.17/client/supervisor/listers/config/v1alpha1/oidcclient.go index 8395809f..08c2ab25 100644 --- a/generated/1.17/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.17/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.17/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.17/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.17/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.17/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.18/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.17/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 98% rename from generated/1.18/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.17/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 589a9154..4efa445e 100644 --- a/generated/1.18/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.17/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -5,9 +5,9 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev + name: oidcclients.config.supervisor.pinniped.dev spec: - group: oauth.supervisor.pinniped.dev + group: config.supervisor.pinniped.dev names: categories: - pinniped diff --git a/generated/1.18/README.adoc b/generated/1.18/README.adoc index f2346ef6..63ec9f13 100644 --- a/generated/1.18/README.adoc +++ b/generated/1.18/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-18-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/register.go b/generated/1.18/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.18/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.18/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.18/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.18/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.18/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.18/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.18/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.18/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.18/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.18/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.18/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.18/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.18/client/supervisor/clientset/versioned/clientset.go b/generated/1.18/client/supervisor/clientset/versioned/clientset.go index d9bb8ce9..1427efc1 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.18/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go index be0ba580..4a5361d2 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.18/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -76,8 +74,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.18/client/supervisor/clientset/versioned/fake/register.go b/generated/1.18/client/supervisor/clientset/versioned/fake/register.go index 9a64a8a9..20b81309 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.18/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go index 1de4c05d..23788bd1 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.18/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 1bdb3362..24c1c6bf 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 0aeb5048..a653b66e 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index a177ce4a..f04ffb6d 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 26026924..1e65bfbf 100644 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.18/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 0483f163..00000000 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 17d59cf4..00000000 --- a/generated/1.18/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 54d42593..af4b30aa 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index c5869b86..bf495ab0 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.18/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.18/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.18/client/supervisor/informers/externalversions/factory.go b/generated/1.18/client/supervisor/informers/externalversions/factory.go index 158fded5..997de893 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.18/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.18/client/supervisor/informers/externalversions/generic.go b/generated/1.18/client/supervisor/informers/externalversions/generic.go index 43579b43..395cc6a8 100644 --- a/generated/1.18/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.18/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.18/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.18/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index 7a2b6531..00000000 --- a/generated/1.18/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 86b4efd0..00000000 --- a/generated/1.18/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.18/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.18/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.18/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.18/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.18/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.18/client/supervisor/listers/config/v1alpha1/oidcclient.go index 77d38f1e..79278890 100644 --- a/generated/1.18/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.18/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.18/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.18/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.18/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.18/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/deploy/supervisor/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.18/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 98% rename from deploy/supervisor/oauth.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.18/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 589a9154..4efa445e 100644 --- a/deploy/supervisor/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.18/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -5,9 +5,9 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev + name: oidcclients.config.supervisor.pinniped.dev spec: - group: oauth.supervisor.pinniped.dev + group: config.supervisor.pinniped.dev names: categories: - pinniped diff --git a/generated/1.19/README.adoc b/generated/1.19/README.adoc index 6cd1eaa0..f04d438f 100644 --- a/generated/1.19/README.adoc +++ b/generated/1.19/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-19-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/register.go b/generated/1.19/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.19/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.19/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.19/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.19/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.19/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.19/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.19/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.19/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.19/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.19/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.19/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.19/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.19/client/supervisor/clientset/versioned/clientset.go b/generated/1.19/client/supervisor/clientset/versioned/clientset.go index 09f209c0..a5d5b43c 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.19/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go index cc7334de..6fbd1410 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.19/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -76,8 +74,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.19/client/supervisor/clientset/versioned/fake/register.go b/generated/1.19/client/supervisor/clientset/versioned/fake/register.go index 31bd0f0b..93a34271 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.19/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go index bd2ef62e..0f2ac77b 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.19/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index ecfa976c..b34ed0d7 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index c725f508..eb035c6e 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index cdd06d71..ce4d4348 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 93cd5805..eff0aae4 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.19/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 9430b71b..00000000 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 0e347f19..00000000 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 33b72e12..76ca860c 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 749b0977..f1e4d5b9 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.19/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.19/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.19/client/supervisor/informers/externalversions/factory.go b/generated/1.19/client/supervisor/informers/externalversions/factory.go index 90fff5ef..0ad18aae 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.19/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.19/client/supervisor/informers/externalversions/generic.go b/generated/1.19/client/supervisor/informers/externalversions/generic.go index ffc852ca..6b246a62 100644 --- a/generated/1.19/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.19/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.19/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.19/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index 2b6d2943..00000000 --- a/generated/1.19/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 3db762a4..00000000 --- a/generated/1.19/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.19/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.19/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.19/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.19/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.19/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.19/client/supervisor/listers/config/v1alpha1/oidcclient.go index 7040f4c9..db99f57c 100644 --- a/generated/1.19/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.19/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.19/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.19/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.19/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.19/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.19/crds/config.supervisor.pinniped.dev_oidcclients.yaml similarity index 98% rename from generated/1.19/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml rename to generated/1.19/crds/config.supervisor.pinniped.dev_oidcclients.yaml index 589a9154..4efa445e 100644 --- a/generated/1.19/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ b/generated/1.19/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -5,9 +5,9 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev + name: oidcclients.config.supervisor.pinniped.dev spec: - group: oauth.supervisor.pinniped.dev + group: config.supervisor.pinniped.dev names: categories: - pinniped diff --git a/generated/1.20/README.adoc b/generated/1.20/README.adoc index 1c559c9e..2e989cd3 100644 --- a/generated/1.20/README.adoc +++ b/generated/1.20/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.2/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-20-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/register.go b/generated/1.20/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.20/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.20/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.20/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.20/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.20/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.20/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.20/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.20/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.20/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.20/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.20/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.20/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.20/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.20/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.20/client/supervisor/clientset/versioned/clientset.go b/generated/1.20/client/supervisor/clientset/versioned/clientset.go index ec78cd88..47592892 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.20/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go index cee1ca0d..4f710f0b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.20/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -76,8 +74,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.20/client/supervisor/clientset/versioned/fake/register.go b/generated/1.20/client/supervisor/clientset/versioned/fake/register.go index b9ea3ea8..7587d602 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.20/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go index cd769223..af0ed68f 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.20/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 5baa9401..0af8db5d 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 67628cf9..68debe9b 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index 38aac300..b481c9ec 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 32503911..2b2e4e9e 100644 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.20/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 3bc1da70..00000000 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index ca9d2cf5..00000000 --- a/generated/1.20/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 399bc958..37340c6b 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 37efa298..0ebc789f 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.20/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.20/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.20/client/supervisor/informers/externalversions/factory.go b/generated/1.20/client/supervisor/informers/externalversions/factory.go index 6e6fffaa..60395f1f 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.20/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.20/client/supervisor/informers/externalversions/generic.go b/generated/1.20/client/supervisor/informers/externalversions/generic.go index d541574e..d063878c 100644 --- a/generated/1.20/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.20/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.20/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.20/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index b4cc533e..00000000 --- a/generated/1.20/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index ed7eacf5..00000000 --- a/generated/1.20/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.20/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.20/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.21/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.20/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.21/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.20/client/supervisor/listers/config/v1alpha1/oidcclient.go index ac6047cd..d3e12885 100644 --- a/generated/1.21/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.20/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.20/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.20/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.20/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.20/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.20/crds/config.supervisor.pinniped.dev_oidcclients.yaml new file mode 100644 index 00000000..4efa445e --- /dev/null +++ b/generated/1.20/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: oidcclients.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: OIDCClient + listKind: OIDCClientList + plural: oidcclients + singular: oidcclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCClient describes the configuration of an OIDC client. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC client. + properties: + allowedGrantTypes: + description: "allowedGrantTypes is a list of the allowed grant_type + param values that should be accepted during OIDC flows with this + client. \n Must only contain the following values: - authorization_code: + allows the client to perform the authorization code grant flow, + i.e. allows the webapp to authenticate users. This grant must always + be listed. - refresh_token: allows the client to perform refresh + grants for the user to extend the user's session. This grant must + be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: + allows the client to perform RFC8693 token exchange, which is a + step in the process to be able to get a cluster credential for the + user. This grant must be listed if allowedScopes lists pinniped:request-audience." + items: + enum: + - authorization_code + - refresh_token + - urn:ietf:params:oauth:grant-type:token-exchange + type: string + minItems: 1 + type: array + allowedRedirectURIs: + description: allowedRedirectURIs is a list of the allowed redirect_uri + param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. Must be https, unless it + is a loopback. + items: + type: string + minItems: 1 + type: array + allowedScopes: + description: "allowedScopes is a list of the allowed scopes param + values that should be accepted during OIDC flows with this client. + \n Must only contain the following values: - openid: The client + is allowed to request ID tokens. ID tokens only include the required + claims by default (iss, sub, aud, exp, iat). This scope must always + be listed. - offline_access: The client is allowed to request an + initial refresh token during the authorization code grant flow. + This scope must be listed if allowedGrantTypes lists refresh_token. + - pinniped:request-audience: The client is allowed to request a + new audience value during a RFC8693 token exchange, which is a step + in the process to be able to get a cluster credential for the user. + openid, username and groups scopes must be listed when this scope + is present. This scope must be listed if allowedGrantTypes lists + urn:ietf:params:oauth:grant-type:token-exchange. - username: The + client is allowed to request that ID tokens contain the user's username. + Without the username scope being requested and allowed, the ID token + will not contain the user's username. - groups: The client is allowed + to request that ID tokens contain the user's group membership, if + their group membership is discoverable by the Supervisor. Without + the groups scope being requested and allowed, the ID token will + not contain groups." + items: + enum: + - openid + - offline_access + - username + - groups + - pinniped:request-audience + type: string + minItems: 1 + type: array + required: + - allowedGrantTypes + - allowedRedirectURIs + - allowedScopes + type: object + status: + description: Status of the OIDC client. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.20/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.20/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 589a9154..00000000 --- a/generated/1.20/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev -spec: - group: oauth.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: "allowedGrantTypes is a list of the allowed grant_type - param values that should be accepted during OIDC flows with this - client. \n Must only contain the following values: - authorization_code: - allows the client to perform the authorization code grant flow, - i.e. allows the webapp to authenticate users. This grant must always - be listed. - refresh_token: allows the client to perform refresh - grants for the user to extend the user's session. This grant must - be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: - allows the client to perform RFC8693 token exchange, which is a - step in the process to be able to get a cluster credential for the - user. This grant must be listed if allowedScopes lists pinniped:request-audience." - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - allowedRedirectURIs: - description: allowedRedirectURIs is a list of the allowed redirect_uri - param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. Must be https, unless it - is a loopback. - items: - type: string - minItems: 1 - type: array - allowedScopes: - description: "allowedScopes is a list of the allowed scopes param - values that should be accepted during OIDC flows with this client. - \n Must only contain the following values: - openid: The client - is allowed to request ID tokens. ID tokens only include the required - claims by default (iss, sub, aud, exp, iat). This scope must always - be listed. - offline_access: The client is allowed to request an - initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a - new audience value during a RFC8693 token exchange, which is a step - in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope - is present. This scope must be listed if allowedGrantTypes lists - urn:ietf:params:oauth:grant-type:token-exchange. - username: The - client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token - will not contain the user's username. - groups: The client is allowed - to request that ID tokens contain the user's group membership, if - their group membership is discoverable by the Supervisor. Without - the groups scope being requested and allowed, the ID token will - not contain groups." - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/generated/1.21/README.adoc b/generated/1.21/README.adoc index 2a9ca757..7635b9a6 100644 --- a/generated/1.21/README.adoc +++ b/generated/1.21/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-21-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/register.go b/generated/1.21/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.21/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.21/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.21/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.21/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.21/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.21/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.21/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.21/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.21/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.21/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.21/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.21/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.21/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.21/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.21/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.21/client/supervisor/clientset/versioned/clientset.go b/generated/1.21/client/supervisor/clientset/versioned/clientset.go index 23d76422..aa52f6ae 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.21/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go index 6a40aa3e..31bf30c1 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.21/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -76,8 +74,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.21/client/supervisor/clientset/versioned/fake/register.go b/generated/1.21/client/supervisor/clientset/versioned/fake/register.go index 8fb2f241..3a9d6a18 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.21/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go index ca3c854a..0629cdd4 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.21/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index cdfc9c9a..d2b845f9 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 8bf53fea..d8bf41b3 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index 078ab176..7dbc152b 100644 --- a/generated/1.19/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.19/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index c7e2f82b..10f97b4f 100644 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.21/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 8e56072b..00000000 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 259f1b10..00000000 --- a/generated/1.21/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index e678f3e3..e3cf746d 100644 --- a/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index f56b83db..dda5d6d3 100644 --- a/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.21/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.21/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.21/client/supervisor/informers/externalversions/factory.go b/generated/1.21/client/supervisor/informers/externalversions/factory.go index 5f2301a2..09200fa1 100644 --- a/generated/1.21/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.21/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.21/client/supervisor/informers/externalversions/generic.go b/generated/1.21/client/supervisor/informers/externalversions/generic.go index d08e96cf..7ea48934 100644 --- a/generated/1.21/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.21/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.21/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.21/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index d734d0d3..00000000 --- a/generated/1.21/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 05ad0a58..00000000 --- a/generated/1.21/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.21/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.21/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.20/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.21/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.20/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.21/client/supervisor/listers/config/v1alpha1/oidcclient.go index 9cb0fe48..72abf61d 100644 --- a/generated/1.20/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.21/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.20/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.21/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.21/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.21/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.21/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml new file mode 100644 index 00000000..4efa445e --- /dev/null +++ b/generated/1.21/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: oidcclients.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: OIDCClient + listKind: OIDCClientList + plural: oidcclients + singular: oidcclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCClient describes the configuration of an OIDC client. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC client. + properties: + allowedGrantTypes: + description: "allowedGrantTypes is a list of the allowed grant_type + param values that should be accepted during OIDC flows with this + client. \n Must only contain the following values: - authorization_code: + allows the client to perform the authorization code grant flow, + i.e. allows the webapp to authenticate users. This grant must always + be listed. - refresh_token: allows the client to perform refresh + grants for the user to extend the user's session. This grant must + be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: + allows the client to perform RFC8693 token exchange, which is a + step in the process to be able to get a cluster credential for the + user. This grant must be listed if allowedScopes lists pinniped:request-audience." + items: + enum: + - authorization_code + - refresh_token + - urn:ietf:params:oauth:grant-type:token-exchange + type: string + minItems: 1 + type: array + allowedRedirectURIs: + description: allowedRedirectURIs is a list of the allowed redirect_uri + param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. Must be https, unless it + is a loopback. + items: + type: string + minItems: 1 + type: array + allowedScopes: + description: "allowedScopes is a list of the allowed scopes param + values that should be accepted during OIDC flows with this client. + \n Must only contain the following values: - openid: The client + is allowed to request ID tokens. ID tokens only include the required + claims by default (iss, sub, aud, exp, iat). This scope must always + be listed. - offline_access: The client is allowed to request an + initial refresh token during the authorization code grant flow. + This scope must be listed if allowedGrantTypes lists refresh_token. + - pinniped:request-audience: The client is allowed to request a + new audience value during a RFC8693 token exchange, which is a step + in the process to be able to get a cluster credential for the user. + openid, username and groups scopes must be listed when this scope + is present. This scope must be listed if allowedGrantTypes lists + urn:ietf:params:oauth:grant-type:token-exchange. - username: The + client is allowed to request that ID tokens contain the user's username. + Without the username scope being requested and allowed, the ID token + will not contain the user's username. - groups: The client is allowed + to request that ID tokens contain the user's group membership, if + their group membership is discoverable by the Supervisor. Without + the groups scope being requested and allowed, the ID token will + not contain groups." + items: + enum: + - openid + - offline_access + - username + - groups + - pinniped:request-audience + type: string + minItems: 1 + type: array + required: + - allowedGrantTypes + - allowedRedirectURIs + - allowedScopes + type: object + status: + description: Status of the OIDC client. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.21/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.21/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 589a9154..00000000 --- a/generated/1.21/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev -spec: - group: oauth.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: "allowedGrantTypes is a list of the allowed grant_type - param values that should be accepted during OIDC flows with this - client. \n Must only contain the following values: - authorization_code: - allows the client to perform the authorization code grant flow, - i.e. allows the webapp to authenticate users. This grant must always - be listed. - refresh_token: allows the client to perform refresh - grants for the user to extend the user's session. This grant must - be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: - allows the client to perform RFC8693 token exchange, which is a - step in the process to be able to get a cluster credential for the - user. This grant must be listed if allowedScopes lists pinniped:request-audience." - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - allowedRedirectURIs: - description: allowedRedirectURIs is a list of the allowed redirect_uri - param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. Must be https, unless it - is a loopback. - items: - type: string - minItems: 1 - type: array - allowedScopes: - description: "allowedScopes is a list of the allowed scopes param - values that should be accepted during OIDC flows with this client. - \n Must only contain the following values: - openid: The client - is allowed to request ID tokens. ID tokens only include the required - claims by default (iss, sub, aud, exp, iat). This scope must always - be listed. - offline_access: The client is allowed to request an - initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a - new audience value during a RFC8693 token exchange, which is a step - in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope - is present. This scope must be listed if allowedGrantTypes lists - urn:ietf:params:oauth:grant-type:token-exchange. - username: The - client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token - will not contain the user's username. - groups: The client is allowed - to request that ID tokens contain the user's group membership, if - their group membership is discoverable by the Supervisor. Without - the groups scope being requested and allowed, the ID token will - not contain groups." - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/generated/1.22/README.adoc b/generated/1.22/README.adoc index 78e1cd46..5ba5e839 100644 --- a/generated/1.22/README.adoc +++ b/generated/1.22/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-22-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/register.go b/generated/1.22/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.22/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.22/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.22/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.22/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.22/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.22/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.22/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.22/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.22/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.22/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.22/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.22/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.22/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.22/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.22/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.22/client/supervisor/clientset/versioned/clientset.go b/generated/1.22/client/supervisor/clientset/versioned/clientset.go index dcdcab22..b110aa5d 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.22/client/supervisor/clientset/versioned/clientset.go @@ -10,7 +10,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -20,7 +19,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -29,7 +27,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -42,11 +39,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -76,10 +68,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) if err != nil { @@ -94,7 +82,6 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.NewForConfigOrDie(c) cs.iDPV1alpha1 = idpv1alpha1.NewForConfigOrDie(c) - cs.oauthV1alpha1 = oauthv1alpha1.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) return &cs @@ -105,7 +92,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go index 492217cf..919b66cf 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.22/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -79,8 +77,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.22/client/supervisor/clientset/versioned/fake/register.go b/generated/1.22/client/supervisor/clientset/versioned/fake/register.go index 690d6ee3..38fb0501 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.22/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go index 99bafb85..1fdb17cd 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.22/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 8b13c709..252b4962 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -14,6 +14,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -25,6 +26,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. func NewForConfig(c *rest.Config) (*ConfigV1alpha1Client, error) { config := *c diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 309e08b8..1ad242eb 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go new file mode 100644 index 00000000..49ce2584 --- /dev/null +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -0,0 +1,129 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeOIDCClients implements OIDCClientInterface +type FakeOIDCClients struct { + Fake *FakeConfigV1alpha1 + ns string +} + +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} + +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} + +// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. +func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCClient), err +} + +// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. +func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} + for _, item := range obj.(*v1alpha1.OIDCClientList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested oIDCClients. +func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) + +} + +// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. +func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCClient), err +} + +// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. +func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCClient), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCClient), err +} + +// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. +func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) + return err +} + +// Patch applies the patch and returns the patched oIDCClient. +func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.OIDCClient), err +} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index be9f6246..8d5bdab6 100644 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.22/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index 7f7620ad..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go deleted file mode 100644 index afddba32..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOIDCClients implements OIDCClientInterface -type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 - ns string -} - -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} - -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} - -// Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. -func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// List takes label and field selectors, and returns the list of OIDCClients that match those selectors. -func (c *FakeOIDCClients) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.OIDCClientList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(oidcclientsResource, oidcclientsKind, c.ns, opts), &v1alpha1.OIDCClientList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.OIDCClientList{ListMeta: obj.(*v1alpha1.OIDCClientList).ListMeta} - for _, item := range obj.(*v1alpha1.OIDCClientList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested oIDCClients. -func (c *FakeOIDCClients) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(oidcclientsResource, c.ns, opts)) - -} - -// Create takes the representation of a oIDCClient and creates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Create(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.CreateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Update takes the representation of a oIDCClient and updates it. Returns the server's representation of the oIDCClient, and an error, if there is any. -func (c *FakeOIDCClients) Update(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(oidcclientsResource, c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOIDCClients) UpdateStatus(ctx context.Context, oIDCClient *v1alpha1.OIDCClient, opts v1.UpdateOptions) (*v1alpha1.OIDCClient, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(oidcclientsResource, "status", c.ns, oIDCClient), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} - -// Delete takes name of the oIDCClient and deletes it. Returns an error if one occurs. -func (c *FakeOIDCClients) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(oidcclientsResource, c.ns, name), &v1alpha1.OIDCClient{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOIDCClients) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(oidcclientsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.OIDCClientList{}) - return err -} - -// Patch applies the patch and returns the patched oIDCClient. -func (c *FakeOIDCClients) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.OIDCClient, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(oidcclientsResource, c.ns, name, pt, data, subresources...), &v1alpha1.OIDCClient{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.OIDCClient), err -} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 1bf4eb28..00000000 --- a/generated/1.22/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index f2d9a689..9659ea3a 100644 --- a/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 73fd8a10..a7d6ba7f 100644 --- a/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.22/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.22/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.22/client/supervisor/informers/externalversions/factory.go b/generated/1.22/client/supervisor/informers/externalversions/factory.go index b1a59943..1686a18c 100644 --- a/generated/1.22/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.22/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.22/client/supervisor/informers/externalversions/generic.go b/generated/1.22/client/supervisor/informers/externalversions/generic.go index 0380a5b8..9f22e409 100644 --- a/generated/1.22/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.22/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.22/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.22/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index 97090c7c..00000000 --- a/generated/1.22/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 19d5ccb1..00000000 --- a/generated/1.22/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.22/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.22/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.22/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.22/client/supervisor/listers/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.22/client/supervisor/listers/oauth/v1alpha1/oidcclient.go rename to generated/1.22/client/supervisor/listers/config/v1alpha1/oidcclient.go index e73a2114..fe4943b0 100644 --- a/generated/1.22/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ b/generated/1.22/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -6,7 +6,7 @@ package v1alpha1 import ( - v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.22/apis/supervisor/config/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/generated/1.22/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.22/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.22/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml new file mode 100644 index 00000000..4efa445e --- /dev/null +++ b/generated/1.22/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: oidcclients.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: OIDCClient + listKind: OIDCClientList + plural: oidcclients + singular: oidcclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCClient describes the configuration of an OIDC client. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC client. + properties: + allowedGrantTypes: + description: "allowedGrantTypes is a list of the allowed grant_type + param values that should be accepted during OIDC flows with this + client. \n Must only contain the following values: - authorization_code: + allows the client to perform the authorization code grant flow, + i.e. allows the webapp to authenticate users. This grant must always + be listed. - refresh_token: allows the client to perform refresh + grants for the user to extend the user's session. This grant must + be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: + allows the client to perform RFC8693 token exchange, which is a + step in the process to be able to get a cluster credential for the + user. This grant must be listed if allowedScopes lists pinniped:request-audience." + items: + enum: + - authorization_code + - refresh_token + - urn:ietf:params:oauth:grant-type:token-exchange + type: string + minItems: 1 + type: array + allowedRedirectURIs: + description: allowedRedirectURIs is a list of the allowed redirect_uri + param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. Must be https, unless it + is a loopback. + items: + type: string + minItems: 1 + type: array + allowedScopes: + description: "allowedScopes is a list of the allowed scopes param + values that should be accepted during OIDC flows with this client. + \n Must only contain the following values: - openid: The client + is allowed to request ID tokens. ID tokens only include the required + claims by default (iss, sub, aud, exp, iat). This scope must always + be listed. - offline_access: The client is allowed to request an + initial refresh token during the authorization code grant flow. + This scope must be listed if allowedGrantTypes lists refresh_token. + - pinniped:request-audience: The client is allowed to request a + new audience value during a RFC8693 token exchange, which is a step + in the process to be able to get a cluster credential for the user. + openid, username and groups scopes must be listed when this scope + is present. This scope must be listed if allowedGrantTypes lists + urn:ietf:params:oauth:grant-type:token-exchange. - username: The + client is allowed to request that ID tokens contain the user's username. + Without the username scope being requested and allowed, the ID token + will not contain the user's username. - groups: The client is allowed + to request that ID tokens contain the user's group membership, if + their group membership is discoverable by the Supervisor. Without + the groups scope being requested and allowed, the ID token will + not contain groups." + items: + enum: + - openid + - offline_access + - username + - groups + - pinniped:request-audience + type: string + minItems: 1 + type: array + required: + - allowedGrantTypes + - allowedRedirectURIs + - allowedScopes + type: object + status: + description: Status of the OIDC client. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.22/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.22/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 589a9154..00000000 --- a/generated/1.22/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev -spec: - group: oauth.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: "allowedGrantTypes is a list of the allowed grant_type - param values that should be accepted during OIDC flows with this - client. \n Must only contain the following values: - authorization_code: - allows the client to perform the authorization code grant flow, - i.e. allows the webapp to authenticate users. This grant must always - be listed. - refresh_token: allows the client to perform refresh - grants for the user to extend the user's session. This grant must - be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: - allows the client to perform RFC8693 token exchange, which is a - step in the process to be able to get a cluster credential for the - user. This grant must be listed if allowedScopes lists pinniped:request-audience." - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - allowedRedirectURIs: - description: allowedRedirectURIs is a list of the allowed redirect_uri - param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. Must be https, unless it - is a loopback. - items: - type: string - minItems: 1 - type: array - allowedScopes: - description: "allowedScopes is a list of the allowed scopes param - values that should be accepted during OIDC flows with this client. - \n Must only contain the following values: - openid: The client - is allowed to request ID tokens. ID tokens only include the required - claims by default (iss, sub, aud, exp, iat). This scope must always - be listed. - offline_access: The client is allowed to request an - initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a - new audience value during a RFC8693 token exchange, which is a step - in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope - is present. This scope must be listed if allowedGrantTypes lists - urn:ietf:params:oauth:grant-type:token-exchange. - username: The - client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token - will not contain the user's username. - groups: The client is allowed - to request that ID tokens contain the user's group membership, if - their group membership is discoverable by the Supervisor. Without - the groups scope being requested and allowed, the ID token will - not contain groups." - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/generated/1.23/README.adoc b/generated/1.23/README.adoc index d858f07a..78612146 100644 --- a/generated/1.23/README.adoc +++ b/generated/1.23/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-23-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/register.go b/generated/1.23/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.23/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.23/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.23/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.23/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.23/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.23/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.23/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.23/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.23/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.23/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.23/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.23/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.23/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.23/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.23/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.23/client/supervisor/clientset/versioned/clientset.go b/generated/1.23/client/supervisor/clientset/versioned/clientset.go index 0347d1bb..6f778d3a 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.23/client/supervisor/clientset/versioned/clientset.go @@ -11,7 +11,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -21,7 +20,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -30,7 +28,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -43,11 +40,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -100,10 +92,6 @@ func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) if err != nil { @@ -127,7 +115,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go index 26e5ff04..0c53ef8d 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.23/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -79,8 +77,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.23/client/supervisor/clientset/versioned/fake/register.go b/generated/1.23/client/supervisor/clientset/versioned/fake/register.go index 328aca4e..f46c7432 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.23/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go index 5d908f2e..b251a20d 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.23/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index 8327d19b..bca8a275 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -16,6 +16,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -27,6 +28,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index fd1c886c..9cda8fe3 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index 34cf2735..e810d4f6 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 18287fd4..07983ea2 100644 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.23/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index c5ce6f9b..00000000 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 7891e154..00000000 --- a/generated/1.23/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new OauthV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index c2a3fb35..c23807e9 100644 --- a/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index a7fdc001..73b0bc9a 100644 --- a/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.23/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.23/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.23/client/supervisor/informers/externalversions/factory.go b/generated/1.23/client/supervisor/informers/externalversions/factory.go index 690cfe62..25a2ea38 100644 --- a/generated/1.23/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.23/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.23/client/supervisor/informers/externalversions/generic.go b/generated/1.23/client/supervisor/informers/externalversions/generic.go index da434169..4d9f6dce 100644 --- a/generated/1.23/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.23/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.23/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.23/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index f5bbdc54..00000000 --- a/generated/1.23/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 6d128bf0..00000000 --- a/generated/1.23/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.23/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.23/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.23/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.23/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 00000000..b661faa8 --- /dev/null +++ b/generated/1.23/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + indexer cache.Indexer +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{indexer: indexer} +} + +// List lists all OIDCClients in the indexer. +func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCClients in the indexer for a given namespace. +func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// Get retrieves the OIDCClient from the indexer for a given namespace and name. +func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) + } + return obj.(*v1alpha1.OIDCClient), nil +} diff --git a/generated/1.23/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.23/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.23/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.23/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.23/client/supervisor/listers/oauth/v1alpha1/oidcclient.go deleted file mode 100644 index 28d81d93..00000000 --- a/generated/1.23/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.23/apis/supervisor/oauth/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml new file mode 100644 index 00000000..4efa445e --- /dev/null +++ b/generated/1.23/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: oidcclients.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: OIDCClient + listKind: OIDCClientList + plural: oidcclients + singular: oidcclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCClient describes the configuration of an OIDC client. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC client. + properties: + allowedGrantTypes: + description: "allowedGrantTypes is a list of the allowed grant_type + param values that should be accepted during OIDC flows with this + client. \n Must only contain the following values: - authorization_code: + allows the client to perform the authorization code grant flow, + i.e. allows the webapp to authenticate users. This grant must always + be listed. - refresh_token: allows the client to perform refresh + grants for the user to extend the user's session. This grant must + be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: + allows the client to perform RFC8693 token exchange, which is a + step in the process to be able to get a cluster credential for the + user. This grant must be listed if allowedScopes lists pinniped:request-audience." + items: + enum: + - authorization_code + - refresh_token + - urn:ietf:params:oauth:grant-type:token-exchange + type: string + minItems: 1 + type: array + allowedRedirectURIs: + description: allowedRedirectURIs is a list of the allowed redirect_uri + param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. Must be https, unless it + is a loopback. + items: + type: string + minItems: 1 + type: array + allowedScopes: + description: "allowedScopes is a list of the allowed scopes param + values that should be accepted during OIDC flows with this client. + \n Must only contain the following values: - openid: The client + is allowed to request ID tokens. ID tokens only include the required + claims by default (iss, sub, aud, exp, iat). This scope must always + be listed. - offline_access: The client is allowed to request an + initial refresh token during the authorization code grant flow. + This scope must be listed if allowedGrantTypes lists refresh_token. + - pinniped:request-audience: The client is allowed to request a + new audience value during a RFC8693 token exchange, which is a step + in the process to be able to get a cluster credential for the user. + openid, username and groups scopes must be listed when this scope + is present. This scope must be listed if allowedGrantTypes lists + urn:ietf:params:oauth:grant-type:token-exchange. - username: The + client is allowed to request that ID tokens contain the user's username. + Without the username scope being requested and allowed, the ID token + will not contain the user's username. - groups: The client is allowed + to request that ID tokens contain the user's group membership, if + their group membership is discoverable by the Supervisor. Without + the groups scope being requested and allowed, the ID token will + not contain groups." + items: + enum: + - openid + - offline_access + - username + - groups + - pinniped:request-audience + type: string + minItems: 1 + type: array + required: + - allowedGrantTypes + - allowedRedirectURIs + - allowedScopes + type: object + status: + description: Status of the OIDC client. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.23/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.23/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 589a9154..00000000 --- a/generated/1.23/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev -spec: - group: oauth.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: "allowedGrantTypes is a list of the allowed grant_type - param values that should be accepted during OIDC flows with this - client. \n Must only contain the following values: - authorization_code: - allows the client to perform the authorization code grant flow, - i.e. allows the webapp to authenticate users. This grant must always - be listed. - refresh_token: allows the client to perform refresh - grants for the user to extend the user's session. This grant must - be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: - allows the client to perform RFC8693 token exchange, which is a - step in the process to be able to get a cluster credential for the - user. This grant must be listed if allowedScopes lists pinniped:request-audience." - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - allowedRedirectURIs: - description: allowedRedirectURIs is a list of the allowed redirect_uri - param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. Must be https, unless it - is a loopback. - items: - type: string - minItems: 1 - type: array - allowedScopes: - description: "allowedScopes is a list of the allowed scopes param - values that should be accepted during OIDC flows with this client. - \n Must only contain the following values: - openid: The client - is allowed to request ID tokens. ID tokens only include the required - claims by default (iss, sub, aud, exp, iat). This scope must always - be listed. - offline_access: The client is allowed to request an - initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a - new audience value during a RFC8693 token exchange, which is a step - in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope - is present. This scope must be listed if allowedGrantTypes lists - urn:ietf:params:oauth:grant-type:token-exchange. - username: The - client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token - will not contain the user's username. - groups: The client is allowed - to request that ID tokens contain the user's group membership, if - their group membership is discoverable by the Supervisor. Without - the groups scope being requested and allowed, the ID token will - not contain groups." - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/generated/1.24/README.adoc b/generated/1.24/README.adoc index 381b2f7e..9255c3d4 100644 --- a/generated/1.24/README.adoc +++ b/generated/1.24/README.adoc @@ -12,7 +12,6 @@ - xref:{anchor_prefix}-identity-concierge-pinniped-dev-v1alpha1[$$identity.concierge.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-idp-supervisor-pinniped-dev-v1alpha1[$$idp.supervisor.pinniped.dev/v1alpha1$$] - xref:{anchor_prefix}-login-concierge-pinniped-dev-v1alpha1[$$login.concierge.pinniped.dev/v1alpha1$$] -- xref:{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1[$$oauth.supervisor.pinniped.dev/v1alpha1$$] [id="{anchor_prefix}-authentication-concierge-pinniped-dev-v1alpha1"] @@ -544,6 +543,51 @@ FederationDomainTLSSpec is a struct that describes the TLS configuration for an |=== +[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclient"] +==== OIDCClient + +OIDCClient describes the configuration of an OIDC client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientlist[$$OIDCClientList$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. + +| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. +| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. +|=== + + + + +[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclientspec"] +==== OIDCClientSpec + +OIDCClientSpec is a struct that describes an OIDC Client. + +.Appears In: +**** +- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-config-v1alpha1-oidcclient[$$OIDCClient$$] +**** + +[cols="25a,75a", options="header"] +|=== +| Field | Description +| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. +| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. +| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. + Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. +|=== + + + + [id="{anchor_prefix}-identity-concierge-pinniped-dev-identity"] === identity.concierge.pinniped.dev/identity @@ -1333,56 +1377,3 @@ TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned |=== - -[id="{anchor_prefix}-oauth-supervisor-pinniped-dev-v1alpha1"] -=== oauth.supervisor.pinniped.dev/v1alpha1 - -Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclient"] -==== OIDCClient - -OIDCClient describes the configuration of an OIDC client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclientlist[$$OIDCClientList$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`metadata`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta[$$ObjectMeta$$]__ | Refer to Kubernetes API documentation for fields of `metadata`. - -| *`spec`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclientspec[$$OIDCClientSpec$$]__ | Spec of the OIDC client. -| *`status`* __xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclientstatus[$$OIDCClientStatus$$]__ | Status of the OIDC client. -|=== - - - - -[id="{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclientspec"] -==== OIDCClientSpec - -OIDCClientSpec is a struct that describes an OIDC Client. - -.Appears In: -**** -- xref:{anchor_prefix}-go-pinniped-dev-generated-1-24-apis-supervisor-oauth-v1alpha1-oidcclient[$$OIDCClient$$] -**** - -[cols="25a,75a", options="header"] -|=== -| Field | Description -| *`allowedRedirectURIs`* __string array__ | allowedRedirectURIs is a list of the allowed redirect_uri param values that should be accepted during OIDC flows with this client. Any other uris will be rejected. Must be https, unless it is a loopback. -| *`allowedGrantTypes`* __GrantType array__ | allowedGrantTypes is a list of the allowed grant_type param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - authorization_code: allows the client to perform the authorization code grant flow, i.e. allows the webapp to authenticate users. This grant must always be listed. - refresh_token: allows the client to perform refresh grants for the user to extend the user's session. This grant must be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: allows the client to perform RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. This grant must be listed if allowedScopes lists pinniped:request-audience. -| *`allowedScopes`* __Scope array__ | allowedScopes is a list of the allowed scopes param values that should be accepted during OIDC flows with this client. - Must only contain the following values: - openid: The client is allowed to request ID tokens. ID tokens only include the required claims by default (iss, sub, aud, exp, iat). This scope must always be listed. - offline_access: The client is allowed to request an initial refresh token during the authorization code grant flow. This scope must be listed if allowedGrantTypes lists refresh_token. - pinniped:request-audience: The client is allowed to request a new audience value during a RFC8693 token exchange, which is a step in the process to be able to get a cluster credential for the user. openid, username and groups scopes must be listed when this scope is present. This scope must be listed if allowedGrantTypes lists urn:ietf:params:oauth:grant-type:token-exchange. - username: The client is allowed to request that ID tokens contain the user's username. Without the username scope being requested and allowed, the ID token will not contain the user's username. - groups: The client is allowed to request that ID tokens contain the user's group membership, if their group membership is discoverable by the Supervisor. Without the groups scope being requested and allowed, the ID token will not contain groups. -|=== - - - - diff --git a/generated/1.24/apis/supervisor/config/v1alpha1/register.go b/generated/1.24/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/1.24/apis/supervisor/config/v1alpha1/register.go +++ b/generated/1.24/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/1.24/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/1.24/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/1.24/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.24/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/1.24/apis/supervisor/oauth/v1alpha1/doc.go b/generated/1.24/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/1.24/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/1.24/apis/supervisor/oauth/v1alpha1/register.go b/generated/1.24/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/1.24/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/1.24/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/1.24/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/1.24/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/1.24/client/supervisor/clientset/versioned/clientset.go b/generated/1.24/client/supervisor/clientset/versioned/clientset.go index faf9359f..39ee1be5 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/clientset.go +++ b/generated/1.24/client/supervisor/clientset/versioned/clientset.go @@ -11,7 +11,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -21,7 +20,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -30,7 +28,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -43,11 +40,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -100,10 +92,6 @@ func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) if err != nil { @@ -127,7 +115,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/1.24/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/1.24/client/supervisor/clientset/versioned/fake/clientset_generated.go index 3784bd68..f613b900 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/1.24/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -79,8 +77,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/1.24/client/supervisor/clientset/versioned/fake/register.go b/generated/1.24/client/supervisor/clientset/versioned/fake/register.go index 3ac8970f..e74fd77e 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/1.24/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.24/client/supervisor/clientset/versioned/scheme/register.go b/generated/1.24/client/supervisor/clientset/versioned/scheme/register.go index 696c9bcc..4e2cb90f 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/1.24/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index dc9ff4c2..975ae72c 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -16,6 +16,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -27,6 +28,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 19460208..79b8be68 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index ec6ea5cd..550031b4 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index cdbc0f4a..c7656132 100644 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/1.24/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index f35814e2..00000000 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 3f71b07e..00000000 --- a/generated/1.24/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new OauthV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 37374c24..4367467b 100644 --- a/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index 51bc882d..ea999067 100644 --- a/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/1.24/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/1.24/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/1.24/client/supervisor/informers/externalversions/factory.go b/generated/1.24/client/supervisor/informers/externalversions/factory.go index 1160af22..cd409f8c 100644 --- a/generated/1.24/client/supervisor/informers/externalversions/factory.go +++ b/generated/1.24/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/1.24/client/supervisor/informers/externalversions/generic.go b/generated/1.24/client/supervisor/informers/externalversions/generic.go index cff2d5db..c8e3dd37 100644 --- a/generated/1.24/client/supervisor/informers/externalversions/generic.go +++ b/generated/1.24/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/1.24/client/supervisor/informers/externalversions/oauth/interface.go b/generated/1.24/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index de6a600c..00000000 --- a/generated/1.24/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 7abf7d4f..00000000 --- a/generated/1.24/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/1.24/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/1.24/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/1.24/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/1.24/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/1.24/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.24/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/1.24/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 00000000..d69dd1fc --- /dev/null +++ b/generated/1.24/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + indexer cache.Indexer +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{indexer: indexer} +} + +// List lists all OIDCClients in the indexer. +func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCClients in the indexer for a given namespace. +func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// Get retrieves the OIDCClient from the indexer for a given namespace and name. +func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) + } + return obj.(*v1alpha1.OIDCClient), nil +} diff --git a/generated/1.24/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/1.24/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/1.24/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/1.24/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/1.24/client/supervisor/listers/oauth/v1alpha1/oidcclient.go deleted file mode 100644 index a969aa96..00000000 --- a/generated/1.24/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/1.24/apis/supervisor/oauth/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml new file mode 100644 index 00000000..4efa445e --- /dev/null +++ b/generated/1.24/crds/config.supervisor.pinniped.dev_oidcclients.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: oidcclients.config.supervisor.pinniped.dev +spec: + group: config.supervisor.pinniped.dev + names: + categories: + - pinniped + kind: OIDCClient + listKind: OIDCClientList + plural: oidcclients + singular: oidcclient + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: OIDCClient describes the configuration of an OIDC client. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec of the OIDC client. + properties: + allowedGrantTypes: + description: "allowedGrantTypes is a list of the allowed grant_type + param values that should be accepted during OIDC flows with this + client. \n Must only contain the following values: - authorization_code: + allows the client to perform the authorization code grant flow, + i.e. allows the webapp to authenticate users. This grant must always + be listed. - refresh_token: allows the client to perform refresh + grants for the user to extend the user's session. This grant must + be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: + allows the client to perform RFC8693 token exchange, which is a + step in the process to be able to get a cluster credential for the + user. This grant must be listed if allowedScopes lists pinniped:request-audience." + items: + enum: + - authorization_code + - refresh_token + - urn:ietf:params:oauth:grant-type:token-exchange + type: string + minItems: 1 + type: array + allowedRedirectURIs: + description: allowedRedirectURIs is a list of the allowed redirect_uri + param values that should be accepted during OIDC flows with this + client. Any other uris will be rejected. Must be https, unless it + is a loopback. + items: + type: string + minItems: 1 + type: array + allowedScopes: + description: "allowedScopes is a list of the allowed scopes param + values that should be accepted during OIDC flows with this client. + \n Must only contain the following values: - openid: The client + is allowed to request ID tokens. ID tokens only include the required + claims by default (iss, sub, aud, exp, iat). This scope must always + be listed. - offline_access: The client is allowed to request an + initial refresh token during the authorization code grant flow. + This scope must be listed if allowedGrantTypes lists refresh_token. + - pinniped:request-audience: The client is allowed to request a + new audience value during a RFC8693 token exchange, which is a step + in the process to be able to get a cluster credential for the user. + openid, username and groups scopes must be listed when this scope + is present. This scope must be listed if allowedGrantTypes lists + urn:ietf:params:oauth:grant-type:token-exchange. - username: The + client is allowed to request that ID tokens contain the user's username. + Without the username scope being requested and allowed, the ID token + will not contain the user's username. - groups: The client is allowed + to request that ID tokens contain the user's group membership, if + their group membership is discoverable by the Supervisor. Without + the groups scope being requested and allowed, the ID token will + not contain groups." + items: + enum: + - openid + - offline_access + - username + - groups + - pinniped:request-audience + type: string + minItems: 1 + type: array + required: + - allowedGrantTypes + - allowedRedirectURIs + - allowedScopes + type: object + status: + description: Status of the OIDC client. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/generated/1.24/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml b/generated/1.24/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml deleted file mode 100644 index 589a9154..00000000 --- a/generated/1.24/crds/oauth.supervisor.pinniped.dev_oidcclients.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: oidcclients.oauth.supervisor.pinniped.dev -spec: - group: oauth.supervisor.pinniped.dev - names: - categories: - - pinniped - kind: OIDCClient - listKind: OIDCClientList - plural: oidcclients - singular: oidcclient - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: OIDCClient describes the configuration of an OIDC client. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec of the OIDC client. - properties: - allowedGrantTypes: - description: "allowedGrantTypes is a list of the allowed grant_type - param values that should be accepted during OIDC flows with this - client. \n Must only contain the following values: - authorization_code: - allows the client to perform the authorization code grant flow, - i.e. allows the webapp to authenticate users. This grant must always - be listed. - refresh_token: allows the client to perform refresh - grants for the user to extend the user's session. This grant must - be listed if allowedScopes lists offline_access. - urn:ietf:params:oauth:grant-type:token-exchange: - allows the client to perform RFC8693 token exchange, which is a - step in the process to be able to get a cluster credential for the - user. This grant must be listed if allowedScopes lists pinniped:request-audience." - items: - enum: - - authorization_code - - refresh_token - - urn:ietf:params:oauth:grant-type:token-exchange - type: string - minItems: 1 - type: array - allowedRedirectURIs: - description: allowedRedirectURIs is a list of the allowed redirect_uri - param values that should be accepted during OIDC flows with this - client. Any other uris will be rejected. Must be https, unless it - is a loopback. - items: - type: string - minItems: 1 - type: array - allowedScopes: - description: "allowedScopes is a list of the allowed scopes param - values that should be accepted during OIDC flows with this client. - \n Must only contain the following values: - openid: The client - is allowed to request ID tokens. ID tokens only include the required - claims by default (iss, sub, aud, exp, iat). This scope must always - be listed. - offline_access: The client is allowed to request an - initial refresh token during the authorization code grant flow. - This scope must be listed if allowedGrantTypes lists refresh_token. - - pinniped:request-audience: The client is allowed to request a - new audience value during a RFC8693 token exchange, which is a step - in the process to be able to get a cluster credential for the user. - openid, username and groups scopes must be listed when this scope - is present. This scope must be listed if allowedGrantTypes lists - urn:ietf:params:oauth:grant-type:token-exchange. - username: The - client is allowed to request that ID tokens contain the user's username. - Without the username scope being requested and allowed, the ID token - will not contain the user's username. - groups: The client is allowed - to request that ID tokens contain the user's group membership, if - their group membership is discoverable by the Supervisor. Without - the groups scope being requested and allowed, the ID token will - not contain groups." - items: - enum: - - openid - - offline_access - - username - - groups - - pinniped:request-audience - type: string - minItems: 1 - type: array - required: - - allowedGrantTypes - - allowedRedirectURIs - - allowedScopes - type: object - status: - description: Status of the OIDC client. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/generated/latest/apis/supervisor/config/v1alpha1/register.go b/generated/latest/apis/supervisor/config/v1alpha1/register.go index 69045298..54c51699 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/register.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/register.go @@ -32,6 +32,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &FederationDomain{}, &FederationDomainList{}, + &OIDCClient{}, + &OIDCClientList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/generated/latest/apis/supervisor/oauth/v1alpha1/types_oidcclient.go b/generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go similarity index 100% rename from generated/latest/apis/supervisor/oauth/v1alpha1/types_oidcclient.go rename to generated/latest/apis/supervisor/config/v1alpha1/types_oidcclient.go diff --git a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go index 856b8988..a55d88e7 100644 --- a/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go +++ b/generated/latest/apis/supervisor/config/v1alpha1/zz_generated.deepcopy.go @@ -150,3 +150,111 @@ func (in *FederationDomainTLSSpec) DeepCopy() *FederationDomainTLSSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. +func (in *OIDCClient) DeepCopy() *OIDCClient { + if in == nil { + return nil + } + out := new(OIDCClient) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClient) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]OIDCClient, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. +func (in *OIDCClientList) DeepCopy() *OIDCClientList { + if in == nil { + return nil + } + out := new(OIDCClientList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *OIDCClientList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { + *out = *in + if in.AllowedRedirectURIs != nil { + in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowedGrantTypes != nil { + in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes + *out = make([]GrantType, len(*in)) + copy(*out, *in) + } + if in.AllowedScopes != nil { + in, out := &in.AllowedScopes, &out.AllowedScopes + *out = make([]Scope, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. +func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { + if in == nil { + return nil + } + out := new(OIDCClientSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. +func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { + if in == nil { + return nil + } + out := new(OIDCClientStatus) + in.DeepCopyInto(out) + return out +} diff --git a/generated/latest/apis/supervisor/oauth/v1alpha1/doc.go b/generated/latest/apis/supervisor/oauth/v1alpha1/doc.go deleted file mode 100644 index 75580481..00000000 --- a/generated/latest/apis/supervisor/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,10 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=oauth.supervisor.pinniped.dev - -// Package v1alpha1 is the v1alpha1 version of the Pinniped supervisor oauth API. -package v1alpha1 diff --git a/generated/latest/apis/supervisor/oauth/v1alpha1/register.go b/generated/latest/apis/supervisor/oauth/v1alpha1/register.go deleted file mode 100644 index 37ae1fbf..00000000 --- a/generated/latest/apis/supervisor/oauth/v1alpha1/register.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -const GroupName = "oauth.supervisor.pinniped.dev" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &OIDCClient{}, - &OIDCClientList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} diff --git a/generated/latest/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go b/generated/latest/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 1aba8aea..00000000 --- a/generated/latest/apis/supervisor/oauth/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,121 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClient) DeepCopyInto(out *OIDCClient) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClient. -func (in *OIDCClient) DeepCopy() *OIDCClient { - if in == nil { - return nil - } - out := new(OIDCClient) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClient) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientList) DeepCopyInto(out *OIDCClientList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]OIDCClient, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientList. -func (in *OIDCClientList) DeepCopy() *OIDCClientList { - if in == nil { - return nil - } - out := new(OIDCClientList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OIDCClientList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientSpec) DeepCopyInto(out *OIDCClientSpec) { - *out = *in - if in.AllowedRedirectURIs != nil { - in, out := &in.AllowedRedirectURIs, &out.AllowedRedirectURIs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.AllowedGrantTypes != nil { - in, out := &in.AllowedGrantTypes, &out.AllowedGrantTypes - *out = make([]GrantType, len(*in)) - copy(*out, *in) - } - if in.AllowedScopes != nil { - in, out := &in.AllowedScopes, &out.AllowedScopes - *out = make([]Scope, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientSpec. -func (in *OIDCClientSpec) DeepCopy() *OIDCClientSpec { - if in == nil { - return nil - } - out := new(OIDCClientSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OIDCClientStatus) DeepCopyInto(out *OIDCClientStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCClientStatus. -func (in *OIDCClientStatus) DeepCopy() *OIDCClientStatus { - if in == nil { - return nil - } - out := new(OIDCClientStatus) - in.DeepCopyInto(out) - return out -} diff --git a/generated/latest/client/supervisor/clientset/versioned/clientset.go b/generated/latest/client/supervisor/clientset/versioned/clientset.go index cc05d311..206751d2 100644 --- a/generated/latest/client/supervisor/clientset/versioned/clientset.go +++ b/generated/latest/client/supervisor/clientset/versioned/clientset.go @@ -11,7 +11,6 @@ import ( configv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" flowcontrol "k8s.io/client-go/util/flowcontrol" @@ -21,7 +20,6 @@ type Interface interface { Discovery() discovery.DiscoveryInterface ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface - OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface } // Clientset contains the clients for groups. Each group has exactly one @@ -30,7 +28,6 @@ type Clientset struct { *discovery.DiscoveryClient configV1alpha1 *configv1alpha1.ConfigV1alpha1Client iDPV1alpha1 *idpv1alpha1.IDPV1alpha1Client - oauthV1alpha1 *oauthv1alpha1.OauthV1alpha1Client } // ConfigV1alpha1 retrieves the ConfigV1alpha1Client @@ -43,11 +40,6 @@ func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return c.iDPV1alpha1 } -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return c.oauthV1alpha1 -} - // Discovery retrieves the DiscoveryClient func (c *Clientset) Discovery() discovery.DiscoveryInterface { if c == nil { @@ -100,10 +92,6 @@ func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, if err != nil { return nil, err } - cs.oauthV1alpha1, err = oauthv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient) - if err != nil { - return nil, err - } cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) if err != nil { @@ -127,7 +115,6 @@ func New(c rest.Interface) *Clientset { var cs Clientset cs.configV1alpha1 = configv1alpha1.New(c) cs.iDPV1alpha1 = idpv1alpha1.New(c) - cs.oauthV1alpha1 = oauthv1alpha1.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) return &cs diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go index 6b73fc47..783ec35f 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/clientset_generated.go @@ -11,8 +11,6 @@ import ( fakeconfigv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1" fakeidpv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/idp/v1alpha1/fake" - oauthv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - fakeoauthv1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/discovery" @@ -79,8 +77,3 @@ func (c *Clientset) ConfigV1alpha1() configv1alpha1.ConfigV1alpha1Interface { func (c *Clientset) IDPV1alpha1() idpv1alpha1.IDPV1alpha1Interface { return &fakeidpv1alpha1.FakeIDPV1alpha1{Fake: &c.Fake} } - -// OauthV1alpha1 retrieves the OauthV1alpha1Client -func (c *Clientset) OauthV1alpha1() oauthv1alpha1.OauthV1alpha1Interface { - return &fakeoauthv1alpha1.FakeOauthV1alpha1{Fake: &c.Fake} -} diff --git a/generated/latest/client/supervisor/clientset/versioned/fake/register.go b/generated/latest/client/supervisor/clientset/versioned/fake/register.go index db9bb1a4..4d84f079 100644 --- a/generated/latest/client/supervisor/clientset/versioned/fake/register.go +++ b/generated/latest/client/supervisor/clientset/versioned/fake/register.go @@ -8,7 +8,6 @@ package fake import ( configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/latest/client/supervisor/clientset/versioned/scheme/register.go b/generated/latest/client/supervisor/clientset/versioned/scheme/register.go index 9456d619..7b874df0 100644 --- a/generated/latest/client/supervisor/clientset/versioned/scheme/register.go +++ b/generated/latest/client/supervisor/clientset/versioned/scheme/register.go @@ -8,7 +8,6 @@ package scheme import ( configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -22,7 +21,6 @@ var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ configv1alpha1.AddToScheme, idpv1alpha1.AddToScheme, - oauthv1alpha1.AddToScheme, } // AddToScheme adds all types of this clientset into the given scheme. This allows composition diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go index c946632a..ea41ad67 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/config_client.go @@ -16,6 +16,7 @@ import ( type ConfigV1alpha1Interface interface { RESTClient() rest.Interface FederationDomainsGetter + OIDCClientsGetter } // ConfigV1alpha1Client is used to interact with features provided by the config.supervisor.pinniped.dev group. @@ -27,6 +28,10 @@ func (c *ConfigV1alpha1Client) FederationDomains(namespace string) FederationDom return newFederationDomains(c, namespace) } +func (c *ConfigV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { + return newOIDCClients(c, namespace) +} + // NewForConfig creates a new ConfigV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go index 088e66a2..2ca19bd6 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_config_client.go @@ -19,6 +19,10 @@ func (c *FakeConfigV1alpha1) FederationDomains(namespace string) v1alpha1.Federa return &FakeFederationDomains{c, namespace} } +func (c *FakeConfigV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { + return &FakeOIDCClients{c, namespace} +} + // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeConfigV1alpha1) RESTClient() rest.Interface { diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go similarity index 92% rename from generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go rename to generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go index 89568d1a..aba465a9 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oidcclient.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/fake/fake_oidcclient.go @@ -8,7 +8,7 @@ package fake import ( "context" - v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -19,13 +19,13 @@ import ( // FakeOIDCClients implements OIDCClientInterface type FakeOIDCClients struct { - Fake *FakeOauthV1alpha1 + Fake *FakeConfigV1alpha1 ns string } -var oidcclientsResource = schema.GroupVersionResource{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} +var oidcclientsResource = schema.GroupVersionResource{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Resource: "oidcclients"} -var oidcclientsKind = schema.GroupVersionKind{Group: "oauth.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} +var oidcclientsKind = schema.GroupVersionKind{Group: "config.supervisor.pinniped.dev", Version: "v1alpha1", Kind: "OIDCClient"} // Get takes name of the oIDCClient, and returns the corresponding oIDCClient object, and an error if there is any. func (c *FakeOIDCClients) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.OIDCClient, err error) { diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go index ba9c9173..35b9ee3d 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/generated_expansion.go @@ -6,3 +6,5 @@ package v1alpha1 type FederationDomainExpansion interface{} + +type OIDCClientExpansion interface{} diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go similarity index 97% rename from generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go rename to generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go index 888c2a7e..68fa884e 100644 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oidcclient.go +++ b/generated/latest/client/supervisor/clientset/versioned/typed/config/v1alpha1/oidcclient.go @@ -9,7 +9,7 @@ import ( "context" "time" - v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" scheme "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -44,7 +44,7 @@ type oIDCClients struct { } // newOIDCClients returns a OIDCClients -func newOIDCClients(c *OauthV1alpha1Client, namespace string) *oIDCClients { +func newOIDCClients(c *ConfigV1alpha1Client, namespace string) *oIDCClients { return &oIDCClients{ client: c.RESTClient(), ns: namespace, diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go deleted file mode 100644 index e7a470b6..00000000 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go b/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go deleted file mode 100644 index 7906901b..00000000 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go deleted file mode 100644 index abcc6a0c..00000000 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/fake/fake_oauth_client.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOauthV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOauthV1alpha1) OIDCClients(namespace string) v1alpha1.OIDCClientInterface { - return &FakeOIDCClients{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOauthV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go b/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go deleted file mode 100644 index 87d22ea9..00000000 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,8 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type OIDCClientExpansion interface{} diff --git a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go b/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go deleted file mode 100644 index 80077607..00000000 --- a/generated/latest/client/supervisor/clientset/versioned/typed/oauth/v1alpha1/oauth_client.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "net/http" - - v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" - "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OauthV1alpha1Interface interface { - RESTClient() rest.Interface - OIDCClientsGetter -} - -// OauthV1alpha1Client is used to interact with features provided by the oauth.supervisor.pinniped.dev group. -type OauthV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OauthV1alpha1Client) OIDCClients(namespace string) OIDCClientInterface { - return newOIDCClients(c, namespace) -} - -// NewForConfig creates a new OauthV1alpha1Client for the given config. -// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), -// where httpClient was generated with rest.HTTPClientFor(c). -func NewForConfig(c *rest.Config) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - httpClient, err := rest.HTTPClientFor(&config) - if err != nil { - return nil, err - } - return NewForConfigAndClient(&config, httpClient) -} - -// NewForConfigAndClient creates a new OauthV1alpha1Client for the given config and http client. -// Note the http client provided takes precedence over the configured transport values. -func NewForConfigAndClient(c *rest.Config, h *http.Client) (*OauthV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientForConfigAndClient(&config, h) - if err != nil { - return nil, err - } - return &OauthV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OauthV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OauthV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OauthV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OauthV1alpha1Client { - return &OauthV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OauthV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go index 5273529b..a86c165c 100644 --- a/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/interface.go @@ -13,6 +13,8 @@ import ( type Interface interface { // FederationDomains returns a FederationDomainInformer. FederationDomains() FederationDomainInformer + // OIDCClients returns a OIDCClientInformer. + OIDCClients() OIDCClientInformer } type version struct { @@ -30,3 +32,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) FederationDomains() FederationDomainInformer { return &federationDomainInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// OIDCClients returns a OIDCClientInformer. +func (v *version) OIDCClients() OIDCClientInformer { + return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go similarity index 88% rename from generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go rename to generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go index d3eec3d2..00d2f521 100644 --- a/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/oidcclient.go +++ b/generated/latest/client/supervisor/informers/externalversions/config/v1alpha1/oidcclient.go @@ -9,10 +9,10 @@ import ( "context" time "time" - oauthv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" + configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" versioned "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned" internalinterfaces "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/oauth/v1alpha1" + v1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/listers/config/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -49,16 +49,16 @@ func NewFilteredOIDCClientInformer(client versioned.Interface, namespace string, if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).List(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OauthV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) + return client.ConfigV1alpha1().OIDCClients(namespace).Watch(context.TODO(), options) }, }, - &oauthv1alpha1.OIDCClient{}, + &configv1alpha1.OIDCClient{}, resyncPeriod, indexers, ) @@ -69,7 +69,7 @@ func (f *oIDCClientInformer) defaultInformer(client versioned.Interface, resyncP } func (f *oIDCClientInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&oauthv1alpha1.OIDCClient{}, f.defaultInformer) + return f.factory.InformerFor(&configv1alpha1.OIDCClient{}, f.defaultInformer) } func (f *oIDCClientInformer) Lister() v1alpha1.OIDCClientLister { diff --git a/generated/latest/client/supervisor/informers/externalversions/factory.go b/generated/latest/client/supervisor/informers/externalversions/factory.go index d3c714e7..252195d3 100644 --- a/generated/latest/client/supervisor/informers/externalversions/factory.go +++ b/generated/latest/client/supervisor/informers/externalversions/factory.go @@ -14,7 +14,6 @@ import ( config "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/config" idp "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/idp" internalinterfaces "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/internalinterfaces" - oauth "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/oauth" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -163,7 +162,6 @@ type SharedInformerFactory interface { Config() config.Interface IDP() idp.Interface - Oauth() oauth.Interface } func (f *sharedInformerFactory) Config() config.Interface { @@ -173,7 +171,3 @@ func (f *sharedInformerFactory) Config() config.Interface { func (f *sharedInformerFactory) IDP() idp.Interface { return idp.New(f, f.namespace, f.tweakListOptions) } - -func (f *sharedInformerFactory) Oauth() oauth.Interface { - return oauth.New(f, f.namespace, f.tweakListOptions) -} diff --git a/generated/latest/client/supervisor/informers/externalversions/generic.go b/generated/latest/client/supervisor/informers/externalversions/generic.go index ba708933..eb3f5543 100644 --- a/generated/latest/client/supervisor/informers/externalversions/generic.go +++ b/generated/latest/client/supervisor/informers/externalversions/generic.go @@ -10,7 +10,6 @@ import ( v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" - oauthv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -44,6 +43,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=config.supervisor.pinniped.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("federationdomains"): return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().FederationDomains().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("oidcclients"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Config().V1alpha1().OIDCClients().Informer()}, nil // Group=idp.supervisor.pinniped.dev, Version=v1alpha1 case idpv1alpha1.SchemeGroupVersion.WithResource("activedirectoryidentityproviders"): @@ -53,10 +54,6 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource case idpv1alpha1.SchemeGroupVersion.WithResource("oidcidentityproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.IDP().V1alpha1().OIDCIdentityProviders().Informer()}, nil - // Group=oauth.supervisor.pinniped.dev, Version=v1alpha1 - case oauthv1alpha1.SchemeGroupVersion.WithResource("oidcclients"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Oauth().V1alpha1().OIDCClients().Informer()}, nil - } return nil, fmt.Errorf("no informer found for %v", resource) diff --git a/generated/latest/client/supervisor/informers/externalversions/oauth/interface.go b/generated/latest/client/supervisor/informers/externalversions/oauth/interface.go deleted file mode 100644 index b0c7105b..00000000 --- a/generated/latest/client/supervisor/informers/externalversions/oauth/interface.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package oauth - -import ( - internalinterfaces "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/internalinterfaces" - v1alpha1 "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go b/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go deleted file mode 100644 index 48e12497..00000000 --- a/generated/latest/client/supervisor/informers/externalversions/oauth/v1alpha1/interface.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "go.pinniped.dev/generated/latest/client/supervisor/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // OIDCClients returns a OIDCClientInformer. - OIDCClients() OIDCClientInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// OIDCClients returns a OIDCClientInformer. -func (v *version) OIDCClients() OIDCClientInformer { - return &oIDCClientInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go b/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go index d59892c4..bda2f20e 100644 --- a/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go +++ b/generated/latest/client/supervisor/listers/config/v1alpha1/expansion_generated.go @@ -12,3 +12,11 @@ type FederationDomainListerExpansion interface{} // FederationDomainNamespaceListerExpansion allows custom methods to be added to // FederationDomainNamespaceLister. type FederationDomainNamespaceListerExpansion interface{} + +// OIDCClientListerExpansion allows custom methods to be added to +// OIDCClientLister. +type OIDCClientListerExpansion interface{} + +// OIDCClientNamespaceListerExpansion allows custom methods to be added to +// OIDCClientNamespaceLister. +type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/latest/client/supervisor/listers/config/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/listers/config/v1alpha1/oidcclient.go new file mode 100644 index 00000000..34297ee1 --- /dev/null +++ b/generated/latest/client/supervisor/listers/config/v1alpha1/oidcclient.go @@ -0,0 +1,86 @@ +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// OIDCClientLister helps list OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientLister interface { + // List lists all OIDCClients in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // OIDCClients returns an object that can list and get OIDCClients. + OIDCClients(namespace string) OIDCClientNamespaceLister + OIDCClientListerExpansion +} + +// oIDCClientLister implements the OIDCClientLister interface. +type oIDCClientLister struct { + indexer cache.Indexer +} + +// NewOIDCClientLister returns a new OIDCClientLister. +func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { + return &oIDCClientLister{indexer: indexer} +} + +// List lists all OIDCClients in the indexer. +func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// OIDCClients returns an object that can list and get OIDCClients. +func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { + return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// OIDCClientNamespaceLister helps list and get OIDCClients. +// All objects returned here must be treated as read-only. +type OIDCClientNamespaceLister interface { + // List lists all OIDCClients in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) + // Get retrieves the OIDCClient from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.OIDCClient, error) + OIDCClientNamespaceListerExpansion +} + +// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister +// interface. +type oIDCClientNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all OIDCClients in the indexer for a given namespace. +func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.OIDCClient)) + }) + return ret, err +} + +// Get retrieves the OIDCClient from the indexer for a given namespace and name. +func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) + } + return obj.(*v1alpha1.OIDCClient), nil +} diff --git a/generated/latest/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go b/generated/latest/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go deleted file mode 100644 index c19310da..00000000 --- a/generated/latest/client/supervisor/listers/oauth/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// OIDCClientListerExpansion allows custom methods to be added to -// OIDCClientLister. -type OIDCClientListerExpansion interface{} - -// OIDCClientNamespaceListerExpansion allows custom methods to be added to -// OIDCClientNamespaceLister. -type OIDCClientNamespaceListerExpansion interface{} diff --git a/generated/latest/client/supervisor/listers/oauth/v1alpha1/oidcclient.go b/generated/latest/client/supervisor/listers/oauth/v1alpha1/oidcclient.go deleted file mode 100644 index 189936b6..00000000 --- a/generated/latest/client/supervisor/listers/oauth/v1alpha1/oidcclient.go +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/oauth/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// OIDCClientLister helps list OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientLister interface { - // List lists all OIDCClients in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // OIDCClients returns an object that can list and get OIDCClients. - OIDCClients(namespace string) OIDCClientNamespaceLister - OIDCClientListerExpansion -} - -// oIDCClientLister implements the OIDCClientLister interface. -type oIDCClientLister struct { - indexer cache.Indexer -} - -// NewOIDCClientLister returns a new OIDCClientLister. -func NewOIDCClientLister(indexer cache.Indexer) OIDCClientLister { - return &oIDCClientLister{indexer: indexer} -} - -// List lists all OIDCClients in the indexer. -func (s *oIDCClientLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// OIDCClients returns an object that can list and get OIDCClients. -func (s *oIDCClientLister) OIDCClients(namespace string) OIDCClientNamespaceLister { - return oIDCClientNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// OIDCClientNamespaceLister helps list and get OIDCClients. -// All objects returned here must be treated as read-only. -type OIDCClientNamespaceLister interface { - // List lists all OIDCClients in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) - // Get retrieves the OIDCClient from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.OIDCClient, error) - OIDCClientNamespaceListerExpansion -} - -// oIDCClientNamespaceLister implements the OIDCClientNamespaceLister -// interface. -type oIDCClientNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all OIDCClients in the indexer for a given namespace. -func (s oIDCClientNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.OIDCClient, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.OIDCClient)) - }) - return ret, err -} - -// Get retrieves the OIDCClient from the indexer for a given namespace and name. -func (s oIDCClientNamespaceLister) Get(name string) (*v1alpha1.OIDCClient, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("oidcclient"), name) - } - return obj.(*v1alpha1.OIDCClient), nil -} diff --git a/hack/lib/update-codegen.sh b/hack/lib/update-codegen.sh index f50499ad..59a0887b 100755 --- a/hack/lib/update-codegen.sh +++ b/hack/lib/update-codegen.sh @@ -124,7 +124,7 @@ echo "generating API-related code for our public API groups..." "deepcopy" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ - "supervisor/config:v1alpha1 supervisor/idp:v1alpha1 supervisor/oauth:v1alpha1 concierge/config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1 concierge/identity:v1alpha1" \ + "supervisor/config:v1alpha1 supervisor/idp:v1alpha1 concierge/config:v1alpha1 concierge/authentication:v1alpha1 concierge/login:v1alpha1 concierge/identity:v1alpha1" \ --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-api > |" ) @@ -160,7 +160,7 @@ echo "generating client code for our public API groups..." "client,lister,informer" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/client/supervisor" \ "${BASE_PKG}/generated/${KUBE_MINOR_VERSION}/apis" \ - "supervisor/config:v1alpha1 supervisor/idp:v1alpha1 supervisor/oauth:v1alpha1" \ + "supervisor/config:v1alpha1 supervisor/idp:v1alpha1" \ --go-header-file "${ROOT}/hack/boilerplate.go.txt" -v "$debug_level" 2>&1 | sed "s|^|gen-client > |" ) @@ -181,7 +181,6 @@ crd-ref-docs \ (cd apis && controller-gen paths=./supervisor/config/v1alpha1 crd output:crd:artifacts:config=../crds && controller-gen paths=./supervisor/idp/v1alpha1 crd output:crd:artifacts:config=../crds && - controller-gen paths=./supervisor/oauth/v1alpha1 crd output:crd:artifacts:config=../crds && controller-gen paths=./concierge/config/v1alpha1 crd output:crd:artifacts:config=../crds && controller-gen paths=./concierge/authentication/v1alpha1 crd output:crd:artifacts:config=../crds ) diff --git a/test/integration/kube_api_discovery_test.go b/test/integration/kube_api_discovery_test.go index c0d243cf..e375bc75 100644 --- a/test/integration/kube_api_discovery_test.go +++ b/test/integration/kube_api_discovery_test.go @@ -53,7 +53,6 @@ func TestGetAPIResourceList(t *testing.T) { configConciergeGV := makeGV("config", "concierge") idpSupervisorGV := makeGV("idp", "supervisor") configSupervisorGV := makeGV("config", "supervisor") - oauthSupervisorGV := makeGV("oauth", "supervisor") tests := []struct { group metav1.APIGroup @@ -141,25 +140,6 @@ func TestGetAPIResourceList(t *testing.T) { Kind: "FederationDomain", Verbs: []string{"get", "patch", "update"}, }, - }, - }, - }, - { - group: metav1.APIGroup{ - Name: oauthSupervisorGV.Group, - Versions: []metav1.GroupVersionForDiscovery{ - { - GroupVersion: oauthSupervisorGV.String(), - Version: oauthSupervisorGV.Version, - }, - }, - PreferredVersion: metav1.GroupVersionForDiscovery{ - GroupVersion: oauthSupervisorGV.String(), - Version: oauthSupervisorGV.Version, - }, - }, - resourceByVersion: map[string][]metav1.APIResource{ - oauthSupervisorGV.String(): { { Name: "oidcclients", SingularName: "oidcclient", @@ -518,7 +498,7 @@ func TestCRDAdditionalPrinterColumns_Parallel(t *testing.T) { {Name: "Age", Type: "date", JSONPath: ".metadata.creationTimestamp"}, }, }, - addSuffix("oidcclients.oauth.supervisor"): { + addSuffix("oidcclients.config.supervisor"): { "v1alpha1": []apiextensionsv1.CustomResourceColumnDefinition{ {Name: "Age", Type: "date", JSONPath: ".metadata.creationTimestamp"}, },