Rename the IdentityProvider field to Authenticator in TokenCredentialRequest.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
parent
0f25657a35
commit
f3a83882a4
@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference
|
||||
}
|
||||
|
||||
type TokenCredentialRequestStatus struct {
|
||||
|
@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string `json:"token,omitempty"`
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"`
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference `json:"authenticator"`
|
||||
}
|
||||
|
||||
// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API.
|
||||
|
2
generated/1.17/README.adoc
generated
2
generated/1.17/README.adoc
generated
@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp
|
||||
|===
|
||||
| Field | Description
|
||||
| *`token`* __string__ | Bearer token supplied with the credential request.
|
||||
| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request.
|
||||
| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request.
|
||||
|===
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference
|
||||
}
|
||||
|
||||
type TokenCredentialRequestStatus struct {
|
||||
|
@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string `json:"token,omitempty"`
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"`
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference `json:"authenticator"`
|
||||
}
|
||||
|
||||
// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API.
|
||||
|
@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest
|
||||
|
||||
func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest
|
||||
|
||||
func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -476,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"identityProvider": {
|
||||
"authenticator": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Reference to an identity provider which can fulfill this credential request.",
|
||||
Description: "Reference to an authenticator which can validate this credential request.",
|
||||
Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"),
|
||||
},
|
||||
},
|
||||
},
|
||||
Required: []string{"identityProvider"},
|
||||
Required: []string{"authenticator"},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
|
2
generated/1.18/README.adoc
generated
2
generated/1.18/README.adoc
generated
@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp
|
||||
|===
|
||||
| Field | Description
|
||||
| *`token`* __string__ | Bearer token supplied with the credential request.
|
||||
| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request.
|
||||
| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request.
|
||||
|===
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference
|
||||
}
|
||||
|
||||
type TokenCredentialRequestStatus struct {
|
||||
|
@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string `json:"token,omitempty"`
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"`
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference `json:"authenticator"`
|
||||
}
|
||||
|
||||
// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API.
|
||||
|
@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest
|
||||
|
||||
func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest
|
||||
|
||||
func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -476,14 +476,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"identityProvider": {
|
||||
"authenticator": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Reference to an identity provider which can fulfill this credential request.",
|
||||
Description: "Reference to an authenticator which can validate this credential request.",
|
||||
Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"),
|
||||
},
|
||||
},
|
||||
},
|
||||
Required: []string{"identityProvider"},
|
||||
Required: []string{"authenticator"},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
|
2
generated/1.19/README.adoc
generated
2
generated/1.19/README.adoc
generated
@ -328,7 +328,7 @@ TokenCredentialRequestSpec is the specification of a TokenCredentialRequest, exp
|
||||
|===
|
||||
| Field | Description
|
||||
| *`token`* __string__ | Bearer token supplied with the credential request.
|
||||
| *`identityProvider`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an identity provider which can fulfill this credential request.
|
||||
| *`authenticator`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#typedlocalobjectreference-v1-core[$$TypedLocalObjectReference$$]__ | Reference to an authenticator which can validate this credential request.
|
||||
|===
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference
|
||||
}
|
||||
|
||||
type TokenCredentialRequestStatus struct {
|
||||
|
@ -13,8 +13,8 @@ type TokenCredentialRequestSpec struct {
|
||||
// Bearer token supplied with the credential request.
|
||||
Token string `json:"token,omitempty"`
|
||||
|
||||
// Reference to an identity provider which can fulfill this credential request.
|
||||
IdentityProvider corev1.TypedLocalObjectReference `json:"identityProvider"`
|
||||
// Reference to an authenticator which can validate this credential request.
|
||||
Authenticator corev1.TypedLocalObjectReference `json:"authenticator"`
|
||||
}
|
||||
|
||||
// TokenCredentialRequestStatus is the status of a TokenCredentialRequest, returned on responses to the Pinniped API.
|
||||
|
@ -157,7 +157,7 @@ func Convert_login_TokenCredentialRequestList_To_v1alpha1_TokenCredentialRequest
|
||||
|
||||
func autoConvert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequestSpec(in *TokenCredentialRequestSpec, out *login.TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -168,7 +168,7 @@ func Convert_v1alpha1_TokenCredentialRequestSpec_To_login_TokenCredentialRequest
|
||||
|
||||
func autoConvert_login_TokenCredentialRequestSpec_To_v1alpha1_TokenCredentialRequestSpec(in *login.TokenCredentialRequestSpec, out *TokenCredentialRequestSpec, s conversion.Scope) error {
|
||||
out.Token = in.Token
|
||||
out.IdentityProvider = in.IdentityProvider
|
||||
out.Authenticator = in.Authenticator
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -92,7 +92,7 @@ func (in *TokenCredentialRequestList) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TokenCredentialRequestSpec) DeepCopyInto(out *TokenCredentialRequestSpec) {
|
||||
*out = *in
|
||||
in.IdentityProvider.DeepCopyInto(&out.IdentityProvider)
|
||||
in.Authenticator.DeepCopyInto(&out.Authenticator)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -477,14 +477,14 @@ func schema_apis_concierge_login_v1alpha1_TokenCredentialRequestSpec(ref common.
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"identityProvider": {
|
||||
"authenticator": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Reference to an identity provider which can fulfill this credential request.",
|
||||
Description: "Reference to an authenticator which can validate this credential request.",
|
||||
Ref: ref("k8s.io/api/core/v1.TypedLocalObjectReference"),
|
||||
},
|
||||
},
|
||||
},
|
||||
Required: []string{"identityProvider"},
|
||||
Required: []string{"authenticator"},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
|
@ -35,7 +35,7 @@ func ExchangeToken(ctx context.Context, namespace string, idp corev1.TypedLocalO
|
||||
},
|
||||
Spec: v1alpha1.TokenCredentialRequestSpec{
|
||||
Token: token,
|
||||
IdentityProvider: idp,
|
||||
Authenticator: idp,
|
||||
},
|
||||
}, metav1.CreateOptions{})
|
||||
if err != nil {
|
||||
|
@ -105,7 +105,7 @@ func TestExchangeToken(t *testing.T) {
|
||||
},
|
||||
"spec": {
|
||||
"token": "test-token",
|
||||
"identityProvider": {
|
||||
"authenticator": {
|
||||
"apiGroup": "authentication.concierge.pinniped.dev",
|
||||
"kind": "WebhookAuthenticator",
|
||||
"name": "test-webhook"
|
||||
|
@ -84,11 +84,11 @@ func (c *Cache) AuthenticateTokenCredentialRequest(ctx context.Context, req *log
|
||||
// Map the incoming request to a cache key.
|
||||
key := Key{
|
||||
Namespace: req.Namespace,
|
||||
Name: req.Spec.IdentityProvider.Name,
|
||||
Kind: req.Spec.IdentityProvider.Kind,
|
||||
Name: req.Spec.Authenticator.Name,
|
||||
Kind: req.Spec.Authenticator.Kind,
|
||||
}
|
||||
if req.Spec.IdentityProvider.APIGroup != nil {
|
||||
key.APIGroup = *req.Spec.IdentityProvider.APIGroup
|
||||
if req.Spec.Authenticator.APIGroup != nil {
|
||||
key.APIGroup = *req.Spec.Authenticator.APIGroup
|
||||
}
|
||||
|
||||
val := c.Get(key)
|
||||
|
@ -75,7 +75,7 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) {
|
||||
Namespace: "test-namespace",
|
||||
},
|
||||
Spec: loginapi.TokenCredentialRequestSpec{
|
||||
IdentityProvider: corev1.TypedLocalObjectReference{
|
||||
Authenticator: corev1.TypedLocalObjectReference{
|
||||
APIGroup: &authv1alpha.SchemeGroupVersion.Group,
|
||||
Kind: "WebhookAuthenticator",
|
||||
Name: "test-name",
|
||||
@ -85,10 +85,10 @@ func TestAuthenticateTokenCredentialRequest(t *testing.T) {
|
||||
Status: loginapi.TokenCredentialRequestStatus{},
|
||||
}
|
||||
validRequestKey := Key{
|
||||
APIGroup: *validRequest.Spec.IdentityProvider.APIGroup,
|
||||
Kind: validRequest.Spec.IdentityProvider.Kind,
|
||||
APIGroup: *validRequest.Spec.Authenticator.APIGroup,
|
||||
Kind: validRequest.Spec.Authenticator.Kind,
|
||||
Namespace: validRequest.Namespace,
|
||||
Name: validRequest.Spec.IdentityProvider.Name,
|
||||
Name: validRequest.Spec.Authenticator.Name,
|
||||
}
|
||||
|
||||
mockCache := func(t *testing.T, res *authenticator.Response, authenticated bool, err error) *Cache {
|
||||
|
@ -155,7 +155,7 @@ func makeRequest(ctx context.Context, t *testing.T, spec loginv1alpha1.TokenCred
|
||||
func validCredentialRequestSpecWithRealToken(t *testing.T, idp corev1.TypedLocalObjectReference) loginv1alpha1.TokenCredentialRequestSpec {
|
||||
return loginv1alpha1.TokenCredentialRequestSpec{
|
||||
Token: library.IntegrationEnv(t).TestUser.Token,
|
||||
IdentityProvider: idp,
|
||||
Authenticator: idp,
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user