diff --git a/apis/concierge/login/types_token.go.tmpl b/apis/concierge/login/types_token.go.tmpl index 91d36cfb..a0555f85 100644 --- a/apis/concierge/login/types_token.go.tmpl +++ b/apis/concierge/login/types_token.go.tmpl @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/apis/concierge/login/v1alpha1/types_token.go.tmpl b/apis/concierge/login/v1alpha1/types_token.go.tmpl index 9fba3369..cb5965a2 100644 --- a/apis/concierge/login/v1alpha1/types_token.go.tmpl +++ b/apis/concierge/login/v1alpha1/types_token.go.tmpl @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.17/README.adoc b/generated/1.17/README.adoc index e004e05e..23b14014 100644 --- a/generated/1.17/README.adoc +++ b/generated/1.17/README.adoc @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.17/apis/concierge/login/types_token.go b/generated/1.17/apis/concierge/login/types_token.go index 91d36cfb..a0555f85 100644 --- a/generated/1.17/apis/concierge/login/types_token.go +++ b/generated/1.17/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go index 9fba3369..cb5965a2 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 93defe45..999cd6d3 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa60..4160d669 100644 --- a/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go index d92ad253..f43661bc 100644 --- a/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.17/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.17/client/openapi/zz_generated.openapi.go b/generated/1.17/client/openapi/zz_generated.openapi.go index 821f0ba8..2aea6477 100644 --- a/generated/1.17/client/openapi/zz_generated.openapi.go +++ b/generated/1.17/client/openapi/zz_generated.openapi.go @@ -476,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ diff --git a/generated/1.18/README.adoc b/generated/1.18/README.adoc index 3dc20e72..0361d216 100644 --- a/generated/1.18/README.adoc +++ b/generated/1.18/README.adoc @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.18/apis/concierge/login/types_token.go b/generated/1.18/apis/concierge/login/types_token.go index 91d36cfb..a0555f85 100644 --- a/generated/1.18/apis/concierge/login/types_token.go +++ b/generated/1.18/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go index 9fba3369..cb5965a2 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go index bdb74e19..c25c575d 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa60..4160d669 100644 --- a/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go index d92ad253..f43661bc 100644 --- a/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.18/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.18/client/openapi/zz_generated.openapi.go b/generated/1.18/client/openapi/zz_generated.openapi.go index d020267e..5dc7862a 100644 --- a/generated/1.18/client/openapi/zz_generated.openapi.go +++ b/generated/1.18/client/openapi/zz_generated.openapi.go @@ -476,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ diff --git a/generated/1.19/README.adoc b/generated/1.19/README.adoc index 25625544..c33732fa 100644 --- a/generated/1.19/README.adoc +++ b/generated/1.19/README.adoc @@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp |=== | Field | Description | *`token`* __string__ | Bearer token supplied with the credential request. -| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request. +| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request. |=== diff --git a/generated/1.19/apis/concierge/login/types_token.go b/generated/1.19/apis/concierge/login/types_token.go index 91d36cfb..a0555f85 100644 --- a/generated/1.19/apis/concierge/login/types_token.go +++ b/generated/1.19/apis/concierge/login/types_token.go @@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference } type TokenCredentialRequestStatus struct { diff --git a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go index 9fba3369..cb5965a2 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/types_token.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/types_token.go @@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct { // Bearer token supplied with the credential request. Token string `json:"token,omitempty"` - // Reference to an identity provider which can fulfill this credential request. - IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"` + // Reference to an authenticator which can validate this credential request. + Authenticator corev1.TypedLocalObjectReference `json:"authenticator"` } // TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API. diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go index 6d295f18..50a88d8e 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.conversion.go @@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } @@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error { out.Token = in.Token - out.IdentityProvider = in.IdentityProvider + out.Authenticator = in.Authenticator return nil } diff --git a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go index 2001aa60..4160d669 100644 --- a/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/v1alpha1/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go index d92ad253..f43661bc 100644 --- a/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go +++ b/generated/1.19/apis/concierge/login/zz_generated.deepcopy.go @@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) { *out = *in - in.IdentityProvider.DeepCopyInto(&out.IdentityProvider) + in.Authenticator.DeepCopyInto(&out.Authenticator) return } diff --git a/generated/1.19/client/openapi/zz_generated.openapi.go b/generated/1.19/client/openapi/zz_generated.openapi.go index 7411987d..ef20e195 100644 --- a/generated/1.19/client/openapi/zz_generated.openapi.go +++ b/generated/1.19/client/openapi/zz_generated.openapi.go @@ -477,14 +477,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common. Format: "", }, }, - "identityProvider": { + "authenticator": { SchemaProps: spec.SchemaProps{ - Description: "Reference to an identity provider which can fulfill this credential request.", + Description: "Reference to an authenticator which can validate this credential request.", Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"), }, }, }, - Required: []string{"identityProvider"}, + Required: []string{"authenticator"}, }, }, Dependencies: []string{ diff --git a/internal/client/client.go b/internal/client/client.go index 28e4c188..b29849e8 100644 --- a/internal/client/client.go +++ b/internal/client/client.go @@ -34,8 +34,8 @@ func ExchangeToken(ctx context.Context, namespace string, idp corev1.TypedLocalO Namespace: namespace, }, Spec: v1alpha1.TokenCredentialRequestSpec{ - Token: token, - IdentityProvider: idp, + Token: token, + Authenticator: idp, }, }, metav1.CreateOptions{}) if err != nil { diff --git a/internal/client/client_test.go b/internal/client/client_test.go index 57cbf0d3..e30d4dd2 100644 --- a/internal/client/client_test.go +++ b/internal/client/client_test.go @@ -105,7 +105,7 @@ func TestExchangeToken(t *testing.T) { }, "spec": { "token": "test-token", - "identityProvider": { + "authenticator": { "apiGroup": "authentication.concierge.pinniped.dev", "kind": "WebhookAuthenticator", "name": "test-webhook" diff --git a/internal/controller/identityprovider/idpcache/cache.go b/internal/controller/identityprovider/idpcache/cache.go index ee51ca6c..dbf6954e 100644 --- a/internal/controller/identityprovider/idpcache/cache.go +++ b/internal/controller/identityprovider/idpcache/cache.go @@ -84,11 +84,11 @@ func (c *Cache) AuthenticateTokenCredentialRequest(ctx context.Context, req *log // Map the incoming request to a cache key. key := Key{ Namespace: req.Namespace, - Name: req.Spec.IdentityProvider.Name, - Kind: req.Spec.IdentityProvider.Kind, + Name: req.Spec.Authenticator.Name, + Kind: req.Spec.Authenticator.Kind, } - if req.Spec.IdentityProvider.APIGroup != nil { - key.APIGroup = *req.Spec.IdentityProvider.APIGroup + if req.Spec.Authenticator.APIGroup != nil { + key.APIGroup = *req.Spec.Authenticator.APIGroup } val := c.Get(key) diff --git a/internal/controller/identityprovider/idpcache/cache_test.go b/internal/controller/identityprovider/idpcache/cache_test.go index 8e2631d3..4b15b57b 100644 --- a/internal/controller/identityprovider/idpcache/cache_test.go +++ b/internal/controller/identityprovider/idpcache/cache_test.go @@ -75,7 +75,7 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) { Namespace: "test-namespace", }, Spec: loginapi.TokenCredentialRequestSpec{ - IdentityProvider: corev1.TypedLocalObjectReference{ + Authenticator: corev1.TypedLocalObjectReference{ APIGroup: &authv1alpha.SchemeGroupVersion.Group, Kind: "WebhookAuthenticator", Name: "test-name", @@ -85,10 +85,10 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) { Status: loginapi.TokenCredentialRequestStatus{}, } validRequestKey := Key{ - APIGroup: *validRequest.Spec.IdentityProvider.APIGroup, - Kind: validRequest.Spec.IdentityProvider.Kind, + APIGroup: *validRequest.Spec.Authenticator.APIGroup, + Kind: validRequest.Spec.Authenticator.Kind, Namespace: validRequest.Namespace, - Name: validRequest.Spec.IdentityProvider.Name, + Name: validRequest.Spec.Authenticator.Name, } mockCache := func(t *testing.T, res *authenticator.Response, authenticated bool, err error) *Cache { diff --git a/test/integration/concierge_credentialrequest_test.go b/test/integration/concierge_credentialrequest_test.go index b7196914..3467340a 100644 --- a/test/integration/concierge_credentialrequest_test.go +++ b/test/integration/concierge_credentialrequest_test.go @@ -154,8 +154,8 @@ func makeRequest(ctx context.Context, t *testing.T, spec loginv1alpha1.TokenCred func validCredentialRequestSpecWithRealToken(t *testing.T, idp corev1.TypedLocalObjectReference) loginv1alpha1.TokenCredentialRequestSpec { return loginv1alpha1.TokenCredentialRequestSpec{ - Token: library.IntegrationEnv(t).TestUser.Token, - IdentityProvider: idp, + Token: library.IntegrationEnv(t).TestUser.Token, + Authenticator: idp, } }