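---
# CustomResourceDefinition for the namespaced OAuth2Client resource
# (group hydra.ory.sh, version v1alpha1). The annotation below shows it was
# generated by controller-gen v0.5.0, so lasting schema changes belong in the
# generator input (presumably kubebuilder markers on the Go types - confirm)
# or they will be lost on regeneration.
#
# NOTE(review): OpenAPI `pattern` is a regular-expression *search*, not a
# full match. A pattern without explicit ^...$ anchors accepts any value that
# merely contains a matching substring. Several patterns below are unanchored
# and therefore validate far less than they appear to; each is flagged where
# it occurs.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: oauth2clients.hydra.ory.sh
spec:
  group: hydra.ory.sh
  names:
    kind: OAuth2Client
    listKind: OAuth2ClientList
    plural: oauth2clients
    singular: oauth2client
  scope: Namespaced
  versions:
    - name: v1alpha1
      schema:
        openAPIV3Schema:
          description: OAuth2Client is the Schema for the oauth2clients API
          properties:
            apiVersion:
              description:
                "APIVersion defines the versioned schema of this representation
                of an object. Servers should convert recognized schemas to the
                latest internal value, and may reject unrecognized values. More
                info:
                https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
              type: string
            kind:
              description:
                "Kind is a string value representing the REST resource this
                object represents. Servers may infer this from the endpoint the
                client submits requests to. Cannot be updated. In CamelCase.
                More info:
                https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
              type: string
            metadata:
              type: object
            spec:
              description:
                OAuth2ClientSpec defines the desired state of OAuth2Client
              properties:
                # NOTE(review): the item pattern is unanchored and accepts any
                # scheme, so it only proves the value contains "<word>:" followed
                # by non-whitespace. It does not restrict origins to http(s) and
                # does not reject wildcards; treat it as a typo guard, not as an
                # origin allow-list check.
                allowedCorsOrigins:
                  description:
                    AllowedCorsOrigins is an array of allowed CORS origins
                  items:
                    description:
                      RedirectURI represents a redirect URI for the client
                    pattern: \w+:/?/?[^\s]+
                    type: string
                  type: array
                audience:
                  description:
                    Audience is a whitelist defining the audiences this client
                    is allowed to request tokens for
                  items:
                    type: string
                  type: array
                clientName:
                  description:
                    ClientName is the human-readable string name of the client
                    to be presented to the end-user during authorization.
                  type: string
                # NOTE(review): `implicit` is accepted here. Current OAuth 2.0
                # security guidance discourages the implicit grant; consider an
                # admission policy that limits which namespaces may request it.
                grantTypes:
                  description:
                    GrantTypes is an array of grant types the client is allowed
                    to use.
                  items:
                    description: GrantType represents an OAuth 2.0 grant type
                    enum:
                      - client_credentials
                      - authorization_code
                      - implicit
                      - refresh_token
                    type: string
                  maxItems: 4
                  minItems: 1
                  type: array
                # Per-client override of where the controller talks to Hydra.
                # NOTE(review): anyone who may create OAuth2Client objects in a
                # namespace can point the controller at a URL of their choosing
                # through these fields; restrict create/update on this resource
                # accordingly.
                hydraAdmin:
                  description:
                    HydraAdmin is the optional configuration to use for managing
                    this client
                  properties:
                    endpoint:
                      description:
                        Endpoint is the endpoint for the hydra instance on which
                        to set up the client. This value will override the value
                        provided to `--endpoint` (defaults to `"/clients"` in
                        the application)
                      pattern: (^$|^/.*)
                      type: string
                    # Fixed: the generated pattern `(^$|https?|off)` anchored
                    # only the empty alternative, so any string that merely
                    # contained "http" or "off" passed validation. The anchored
                    # form accepts exactly "", "http", "https" and "off", the
                    # values the description documents. Objects already stored
                    # with other values will be rejected on their next update.
                    forwardedProto:
                      description:
                        ForwardedProto overrides the `--forwarded-proto` flag.
                        The value "off" will force this to be off even if
                        `--forwarded-proto` is specified
                      pattern: '^(https?|off)?$'
                      type: string
                    # NOTE(review): only an upper bound is declared, so negative
                    # integers pass schema validation.
                    port:
                      description:
                        Port is the port for the hydra instance on which to set
                        up the client. This value will override the value
                        provided to `--hydra-port`
                      maximum: 65535
                      type: integer
                    # NOTE(review): plain http:// is accepted. If this URL is
                    # the Hydra admin API, client registration data would cross
                    # the network unencrypted; prefer https unless the hop is
                    # otherwise protected.
                    url:
                      description:
                        URL is the URL for the hydra instance on which to set up
                        the client. This value will override the value provided
                        to `--hydra-url`
                      maxLength: 64
                      pattern: (^$|^https?://.*)
                      type: string
                  type: object
                # x-kubernetes-preserve-unknown-fields disables pruning for this
                # object, so its content is stored without schema validation.
                # Do not place credentials here.
                metadata:
                  description: Metadata is abritrary data
                  nullable: true
                  type: object
                  x-kubernetes-preserve-unknown-fields: true
                # NOTE(review): same unanchored, scheme-agnostic item pattern as
                # redirectUris below; redirect validation must not rely on it.
                postLogoutRedirectUris:
                  description:
                    PostLogoutRedirectURIs is an array of the post logout
                    redirect URIs allowed for the application
                  items:
                    description:
                      RedirectURI represents a redirect URI for the client
                    pattern: \w+:/?/?[^\s]+
                    type: string
                  type: array
                # NOTE(review): the item pattern is unanchored and does not
                # limit the scheme, so values with leading text or non-http(s)
                # schemes pass admission. Redirect URIs are security critical
                # in OAuth 2.0; review them at admission or in the
                # authorization server rather than trusting this pattern.
                redirectUris:
                  description:
                    RedirectURIs is an array of the redirect URIs allowed for
                    the application
                  items:
                    description:
                      RedirectURI represents a redirect URI for the client
                    pattern: \w+:/?/?[^\s]+
                    type: string
                  type: array
                responseTypes:
                  description:
                    ResponseTypes is an array of the OAuth 2.0 response type
                    strings that the client can use at the authorization
                    endpoint.
                  items:
                    description:
                      ResponseType represents an OAuth 2.0 response type strings
                    enum:
                      - id_token
                      - code
                      - token
                      - code token
                      - code id_token
                      - id_token token
                      - code id_token token
                    type: string
                  maxItems: 3
                  minItems: 1
                  type: array
                # NOTE(review): unanchored, so any string containing one
                # character from the class passes. Do NOT simply add ^...$: the
                # class lacks "_" and ":", so an anchored copy would reject
                # scope values that use those characters and are accepted
                # today. Widen the class first if stricter validation is
                # wanted.
                scope:
                  description:
                    Scope is a string containing a space-separated list of scope
                    values (as described in Section 3.3 of OAuth 2.0 [RFC6749])
                    that the client can use when requesting access tokens.
                  pattern: ([a-zA-Z0-9\.\*]+\s?)+
                  type: string
                # Names the Secret holding the client ID and password (see
                # description); access to that Secret should be limited by RBAC.
                # NOTE(review): the pattern is shaped like a DNS subdomain name
                # but is unanchored, so it only requires one lowercase letter or
                # digit somewhere in the value. Invalid Secret names therefore
                # pass admission here.
                secretName:
                  description:
                    SecretName points to the K8s secret that contains this
                    client's ID and password
                  maxLength: 253
                  minLength: 1
                  pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'
                  type: string
                # The two allOf members are identical (generator duplication),
                # so the effective constraint is a single enum.
                # NOTE(review): `none` registers a client with no token-endpoint
                # authentication; confirm that is intended wherever it is used.
                tokenEndpointAuthMethod:
                  allOf:
                    - enum:
                        - client_secret_basic
                        - client_secret_post
                        - private_key_jwt
                        - none
                    - enum:
                        - client_secret_basic
                        - client_secret_post
                        - private_key_jwt
                        - none
                  description:
                    Indication which authentication method shoud be used for the
                    token endpoint
                  type: string
              required:
                - grantTypes
                - scope
                - secretName
              type: object
            # Observed state. With the status subresource enabled below, it is
            # written through the /status endpoint.
            status:
              description:
                OAuth2ClientStatus defines the observed state of OAuth2Client
              properties:
                conditions:
                  items:
                    description:
                      OAuth2ClientCondition contains condition information for
                      an OAuth2Client
                    properties:
                      status:
                        enum:
                          - "True"
                          - "False"
                          - Unknown
                        type: string
                      type:
                        type: string
                    required:
                      - status
                      - type
                    type: object
                  type: array
                # NOTE(review): the description mentions the "daemon set
                # controller"; this looks copied from another type - confirm.
                observedGeneration:
                  description:
                    ObservedGeneration represents the most recent generation
                    observed by the daemon set controller.
                  format: int64
                  type: integer
                reconciliationError:
                  description:
                    ReconciliationError represents an error that occurred during
                    the reconciliation process
                  properties:
                    description:
                      description:
                        Description is the description of the reconciliation
                        error
                      type: string
                    statusCode:
                      description:
                        Code is the status code of the reconciliation error
                      type: string
                  type: object
              type: object
          type: object
      served: true
      storage: true
      subresources:
        status: {}
# Empty status stanza as emitted by the generator.
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []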