keycloak_types.go
package argocd
// KeycloakAPIClient describes one Keycloak client in the JSON shape given by
// the field tags below.
type KeycloakAPIClient struct {
	// Client ID.
	// +kubebuilder:validation:Required
	ClientID string `json:"clientId"`
	// Client name.
	// +optional
	Name string `json:"name,omitempty"`
	// What Client authentication type to use.
	// +optional
	ClientAuthenticatorType string `json:"clientAuthenticatorType,omitempty"`
	// Client Secret. The Operator will automatically create a Secret based on this value.
	// NOTE(review): the value is a plain string in this struct, so it appears in
	// any JSON encoding or %+v dump of the client; keep it out of logs and events.
	// +optional
	Secret string `json:"secret,omitempty"`
	// Application base URL.
	// +optional
	BaseURL string `json:"baseUrl,omitempty"`
	// Application Admin URL.
	// +optional
	AdminURL string `json:"adminUrl,omitempty"`
	// Application root URL.
	// +optional
	RootURL string `json:"rootUrl,omitempty"`
	// A list of valid Redirection URLs.
	// NOTE(review): no validation marker constrains the entries, so wildcard or
	// non-HTTPS values are not rejected here; validate where the list is built.
	// +optional
	RedirectUris []string `json:"redirectUris,omitempty"`
	// A list of valid Web Origins.
	// NOTE(review): as with RedirectUris, nothing in this type restricts the
	// entries; prefer exact origins over wildcards when populating it.
	// +optional
	WebOrigins []string `json:"webOrigins,omitempty"`
	// True if Standard flow is enabled.
	// The tag has no omitempty, so a false value is still written to the JSON.
	// +optional
	StandardFlowEnabled bool `json:"standardFlowEnabled"`
	// A list of default client scopes. Default client scopes are
	// always applied when issuing OpenID Connect tokens or SAML
	// assertions for this client.
	// +optional
	DefaultClientScopes []string `json:"defaultClientScopes,omitempty"`
}
// KeycloakClientScope is the JSON shape of a client scope: its ID, name,
// protocol, free-form attributes, and the protocol mappers attached to it.
// Every field is optional and omitted from the JSON when empty.
type KeycloakClientScope struct {
	// Attributes holds string key/value pairs serialized under "attributes".
	// +optional
	Attributes map[string]string `json:"attributes,omitempty"`
	// Client scope ID.
	// +optional
	ID string `json:"id,omitempty"`
	// Client scope name.
	// +optional
	Name string `json:"name,omitempty"`
	// Protocol the scope applies to.
	// +optional
	Protocol string `json:"protocol,omitempty"`
	// Protocol Mappers.
	// +optional
	ProtocolMappers []KeycloakProtocolMapper `json:"protocolMappers,omitempty"`
}
// KeycloakProtocolMapper is the JSON shape of a single protocol mapper, as
// embedded in KeycloakClientScope.ProtocolMappers. Every field is optional
// and omitted from the JSON when empty.
type KeycloakProtocolMapper struct {
	// Protocol Mapper ID.
	// +optional
	ID string `json:"id,omitempty"`
	// Protocol Mapper Name.
	// +optional
	Name string `json:"name,omitempty"`
	// Protocol to use.
	// +optional
	Protocol string `json:"protocol,omitempty"`
	// Protocol Mapper to use.
	// +optional
	ProtocolMapper string `json:"protocolMapper,omitempty"`
	// Config options.
	// NOTE(review): the mapper config presumably decides which claims end up
	// in issued tokens; review changes to it as authorization changes. Confirm
	// against the caller that builds this map.
	// +optional
	Config map[string]string `json:"config,omitempty"`
}
// KeycloakIdentityProvider is the JSON shape of an identity provider entry,
// as referenced from CustomKeycloakAPIRealm.IdentityProviders. Every field is
// optional and omitted from the JSON when empty.
type KeycloakIdentityProvider struct {
	// Identity Provider Alias.
	// +optional
	Alias string `json:"alias,omitempty"`
	// Identity Provider Display Name.
	// +optional
	DisplayName string `json:"displayName,omitempty"`
	// Identity Provider ID.
	// +optional
	ProviderID string `json:"providerId,omitempty"`
	// Identity Provider config.
	// NOTE(review): provider config maps commonly carry credentials such as a
	// client secret; if that holds here, treat the map as sensitive and keep
	// it out of logs. Confirm against the code that fills it.
	// +optional
	Config map[string]string `json:"config,omitempty"`
}
// TokenResponse holds the two fields read from a token response body: the
// access token and an error string. Neither tag uses omitempty, so encoding
// this struct always writes both keys, empty or not.
type TokenResponse struct {
	// Token Response Access Token.
	// NOTE(review): this is a bearer credential; do not log the struct or the
	// raw response body it was decoded from.
	// +optional
	AccessToken string `json:"access_token"`
	// Token Response Error.
	// NOTE(review): presumably non-empty when the token request was rejected;
	// callers should check it before trusting AccessToken. Confirm at the call site.
	// +optional
	Error string `json:"error"`
}
// keycloakConfig defines the values required to update Keycloak Realm.
// The struct is unexported and carries no JSON tags.
type keycloakConfig struct {
	// Name and namespace of the Argo CD instance.
	ArgoName string
	ArgoNamespace string
	// Keycloak credentials, held in plaintext.
	// NOTE(review): never print this struct with %v/%+v or include it in
	// error messages; both would expose Password.
	Username string
	Password string
	// Base URLs of the Keycloak server and of Argo CD.
	KeycloakURL string
	ArgoCDURL string
	// presumably the certificate used to trust the Keycloak server over TLS;
	// encoding (PEM vs DER) is not visible here. TODO confirm.
	KeycloakServerCert []byte
	// NOTE(review): if false makes the HTTP client skip certificate
	// verification, Username/Password and the returned token are exposed to an
	// on-path attacker. Confirm how the client consumes this flag and keep it
	// true outside of test setups.
	VerifyTLS bool
}
// oidcConfig is the JSON shape of an OIDC connector entry: display name,
// issuer URL, client credentials, requested scopes and an optional root CA.
// Only RootCA is omitted when empty; every other key is always written.
type oidcConfig struct {
	Name string `json:"name"`
	Issuer string `json:"issuer"`
	// Note the key is "clientID" here, unlike "clientId" on KeycloakAPIClient.
	ClientID string `json:"clientID"`
	// NOTE(review): serialized verbatim under "clientSecret". Confirm whether
	// callers store the raw secret or a reference to one, and where the
	// encoded document ends up, since a raw value would be readable by anyone
	// who can read that document.
	ClientSecret string `json:"clientSecret"`
	// Serialized under the plural key "requestedScopes".
	RequestedScope []string `json:"requestedScopes"`
	// presumably a PEM-encoded CA used to verify the issuer; when empty the
	// key is omitted. TODO confirm the expected encoding.
	RootCA string `json:"rootCA,omitempty"`
}
// KeycloakIdentityProviderMapper defines IdentityProvider Mappers.
// It is declared locally because of the upstream issue below.
// issue: https://github.com/keycloak/keycloak-operator/issues/471
type KeycloakIdentityProviderMapper struct {
	// Name of the mapper.
	// +optional
	Name string `json:"name,omitempty"`
	// Identity Provider Alias.
	// +optional
	IdentityProviderAlias string `json:"identityProviderAlias,omitempty"`
	// Identity Provider Mapper.
	// +optional
	IdentityProviderMapper string `json:"identityProviderMapper,omitempty"`
	// Identity Provider Mapper config.
	// NOTE(review): mapper config presumably controls how external identities
	// are mapped to attributes, roles or groups; treat changes to it as
	// privilege-affecting. Confirm against the code that fills this map.
	// +optional
	Config map[string]string `json:"config,omitempty"`
}
// CustomKeycloakAPIRealm is an extension type of KeycloakAPIRealm, which as is
// does not support IdentityProvider Mappers.
// issue: https://github.com/keycloak/keycloak-operator/issues/471
type CustomKeycloakAPIRealm struct {
	// Realm name. Always written to the JSON (no omitempty).
	Realm string `json:"realm"`
	// Realm enabled flag.
	// The tag has no omitempty, so false is still written to the JSON.
	// +optional
	Enabled bool `json:"enabled"`
	// Require SSL.
	// NOTE(review): a free-form string with no validation marker; Keycloak's
	// realm setting takes none/external/all. Confirm callers never set "none"
	// for a realm reachable over an untrusted network.
	// +optional
	SslRequired string `json:"sslRequired,omitempty"`
	// A set of Keycloak Clients.
	// +optional
	Clients []*KeycloakAPIClient `json:"clients,omitempty"`
	// Client scopes.
	// +optional
	ClientScopes []KeycloakClientScope `json:"clientScopes,omitempty"`
	// A set of Identity Providers.
	// +optional
	IdentityProviders []*KeycloakIdentityProvider `json:"identityProviders,omitempty"`
	// KeycloakIdentityProviderMapper defines IdentityProvider Mappers
	// issue: https://github.com/keycloak/keycloak-operator/issues/471
	IdentityProviderMappers []*KeycloakIdentityProviderMapper `json:"identityProviderMappers,omitempty"`
}