v1alpha1

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 8, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=openidclient.keycloak.crossplane.io +versionName=v1alpha1

Index

Constants

View Source
const (
	CRDGroup   = "openidclient.keycloak.crossplane.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source
var (
	Client_Kind             = "Client"
	Client_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Client_Kind}.String()
	Client_KindAPIVersion   = Client_Kind + "." + CRDGroupVersion.String()
	Client_GroupVersionKind = CRDGroupVersion.WithKind(Client_Kind)
)

Repository type metadata.

View Source
var (
	ClientDefaultScopes_Kind             = "ClientDefaultScopes"
	ClientDefaultScopes_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ClientDefaultScopes_Kind}.String()
	ClientDefaultScopes_KindAPIVersion   = ClientDefaultScopes_Kind + "." + CRDGroupVersion.String()
	ClientDefaultScopes_GroupVersionKind = CRDGroupVersion.WithKind(ClientDefaultScopes_Kind)
)

Repository type metadata.

View Source
var (
	ClientScope_Kind             = "ClientScope"
	ClientScope_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ClientScope_Kind}.String()
	ClientScope_KindAPIVersion   = ClientScope_Kind + "." + CRDGroupVersion.String()
	ClientScope_GroupVersionKind = CRDGroupVersion.WithKind(ClientScope_Kind)
)

Repository type metadata.

View Source
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AuthenticationFlowBindingOverridesInitParameters added in v0.5.0

type AuthenticationFlowBindingOverridesInitParameters struct {

	// Browser flow id, (flow needs to exist)
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesInitParameters.

func (*AuthenticationFlowBindingOverridesInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationFlowBindingOverridesObservation

type AuthenticationFlowBindingOverridesObservation struct {

	// Browser flow id, (flow needs to exist)
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesObservation.

func (*AuthenticationFlowBindingOverridesObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationFlowBindingOverridesParameters

type AuthenticationFlowBindingOverridesParameters struct {

	// Browser flow id, (flow needs to exist)
	// +kubebuilder:validation:Optional
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	// +kubebuilder:validation:Optional
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesParameters.

func (*AuthenticationFlowBindingOverridesParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationInitParameters added in v0.5.0

type AuthorizationInitParameters struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	PolicyEnforcementMode *string `json:"policyEnforcementMode,omitempty" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationInitParameters.

func (*AuthorizationInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationObservation

type AuthorizationObservation struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	PolicyEnforcementMode *string `json:"policyEnforcementMode,omitempty" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationObservation.

func (*AuthorizationObservation) DeepCopyInto

func (in *AuthorizationObservation) DeepCopyInto(out *AuthorizationObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationParameters

type AuthorizationParameters struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	// +kubebuilder:validation:Optional
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	// +kubebuilder:validation:Optional
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	// +kubebuilder:validation:Optional
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	// +kubebuilder:validation:Optional
	PolicyEnforcementMode *string `json:"policyEnforcementMode" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationParameters.

func (*AuthorizationParameters) DeepCopyInto

func (in *AuthorizationParameters) DeepCopyInto(out *AuthorizationParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Client

type Client struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.accessType) || (has(self.initProvider) && has(self.initProvider.accessType))",message="spec.forProvider.accessType is a required parameter"
	Spec   ClientSpec   `json:"spec"`
	Status ClientStatus `json:"status,omitempty"`
}

Client is the Schema for the Clients API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*Client) DeepCopy

func (in *Client) DeepCopy() *Client

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Client.

func (*Client) DeepCopyInto

func (in *Client) DeepCopyInto(out *Client)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Client) DeepCopyObject

func (in *Client) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Client) GetCondition

func (mg *Client) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Client.

func (*Client) GetConnectionDetailsMapping

func (tr *Client) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Client

func (*Client) GetDeletionPolicy

func (mg *Client) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Client.

func (*Client) GetID

func (tr *Client) GetID() string

GetID returns ID of underlying Terraform resource of this Client

func (*Client) GetInitParameters added in v0.5.0

func (tr *Client) GetInitParameters() (map[string]any, error)

GetInitParameters of this Client

func (*Client) GetManagementPolicies

func (mg *Client) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Client.

func (*Client) GetMergedParameters added in v0.6.0

func (tr *Client) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Client

func (*Client) GetObservation

func (tr *Client) GetObservation() (map[string]any, error)

GetObservation of this Client

func (*Client) GetParameters

func (tr *Client) GetParameters() (map[string]any, error)

GetParameters of this Client

func (*Client) GetProviderConfigReference

func (mg *Client) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Client.

func (*Client) GetPublishConnectionDetailsTo

func (mg *Client) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Client.

func (*Client) GetTerraformResourceType

func (mg *Client) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Client

func (*Client) GetTerraformSchemaVersion

func (tr *Client) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Client) GetWriteConnectionSecretToReference

func (mg *Client) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Client.

func (*Client) LateInitialize

func (tr *Client) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Client using its observed tfState. returns True if there are any spec changes for the resource.

func (*Client) ResolveReferences added in v0.2.0

func (mg *Client) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Client.

func (*Client) SetConditions

func (mg *Client) SetConditions(c ...xpv1.Condition)

SetConditions of this Client.

func (*Client) SetDeletionPolicy

func (mg *Client) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Client.

func (*Client) SetManagementPolicies

func (mg *Client) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Client.

func (*Client) SetObservation

func (tr *Client) SetObservation(obs map[string]any) error

SetObservation for this Client

func (*Client) SetParameters

func (tr *Client) SetParameters(params map[string]any) error

SetParameters for this Client

func (*Client) SetProviderConfigReference

func (mg *Client) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Client.

func (*Client) SetPublishConnectionDetailsTo

func (mg *Client) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Client.

func (*Client) SetWriteConnectionSecretToReference

func (mg *Client) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Client.

type ClientDefaultScopes added in v0.2.0

type ClientDefaultScopes struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.defaultScopes) || (has(self.initProvider) && has(self.initProvider.defaultScopes))",message="spec.forProvider.defaultScopes is a required parameter"
	Spec   ClientDefaultScopesSpec   `json:"spec"`
	Status ClientDefaultScopesStatus `json:"status,omitempty"`
}

ClientDefaultScopes is the Schema for the ClientDefaultScopess API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*ClientDefaultScopes) DeepCopy added in v0.2.0

func (in *ClientDefaultScopes) DeepCopy() *ClientDefaultScopes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopes.

func (*ClientDefaultScopes) DeepCopyInto added in v0.2.0

func (in *ClientDefaultScopes) DeepCopyInto(out *ClientDefaultScopes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientDefaultScopes) DeepCopyObject added in v0.2.0

func (in *ClientDefaultScopes) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientDefaultScopes) GetCondition added in v0.2.0

func (mg *ClientDefaultScopes) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetConnectionDetailsMapping added in v0.2.0

func (tr *ClientDefaultScopes) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ClientDefaultScopes

func (*ClientDefaultScopes) GetDeletionPolicy added in v0.2.0

func (mg *ClientDefaultScopes) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetID added in v0.2.0

func (tr *ClientDefaultScopes) GetID() string

GetID returns ID of underlying Terraform resource of this ClientDefaultScopes

func (*ClientDefaultScopes) GetInitParameters added in v0.5.0

func (tr *ClientDefaultScopes) GetInitParameters() (map[string]any, error)

GetInitParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetManagementPolicies added in v0.2.0

func (mg *ClientDefaultScopes) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetMergedParameters added in v0.6.0

func (tr *ClientDefaultScopes) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetObservation added in v0.2.0

func (tr *ClientDefaultScopes) GetObservation() (map[string]any, error)

GetObservation of this ClientDefaultScopes

func (*ClientDefaultScopes) GetParameters added in v0.2.0

func (tr *ClientDefaultScopes) GetParameters() (map[string]any, error)

GetParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetProviderConfigReference added in v0.2.0

func (mg *ClientDefaultScopes) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetPublishConnectionDetailsTo added in v0.2.0

func (mg *ClientDefaultScopes) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetTerraformResourceType added in v0.2.0

func (mg *ClientDefaultScopes) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ClientDefaultScopes

func (*ClientDefaultScopes) GetTerraformSchemaVersion added in v0.2.0

func (tr *ClientDefaultScopes) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ClientDefaultScopes) GetWriteConnectionSecretToReference added in v0.2.0

func (mg *ClientDefaultScopes) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) LateInitialize added in v0.2.0

func (tr *ClientDefaultScopes) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ClientDefaultScopes using its observed tfState. returns True if there are any spec changes for the resource.

func (*ClientDefaultScopes) ResolveReferences added in v0.2.0

func (mg *ClientDefaultScopes) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetConditions added in v0.2.0

func (mg *ClientDefaultScopes) SetConditions(c ...xpv1.Condition)

SetConditions of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetDeletionPolicy added in v0.2.0

func (mg *ClientDefaultScopes) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetManagementPolicies added in v0.2.0

func (mg *ClientDefaultScopes) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetObservation added in v0.2.0

func (tr *ClientDefaultScopes) SetObservation(obs map[string]any) error

SetObservation for this ClientDefaultScopes

func (*ClientDefaultScopes) SetParameters added in v0.2.0

func (tr *ClientDefaultScopes) SetParameters(params map[string]any) error

SetParameters for this ClientDefaultScopes

func (*ClientDefaultScopes) SetProviderConfigReference added in v0.2.0

func (mg *ClientDefaultScopes) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetPublishConnectionDetailsTo added in v0.2.0

func (mg *ClientDefaultScopes) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetWriteConnectionSecretToReference added in v0.2.0

func (mg *ClientDefaultScopes) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ClientDefaultScopes.

type ClientDefaultScopesInitParameters added in v0.5.0

type ClientDefaultScopesInitParameters struct {

	// An array of client scope names to attach to this client.
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`
}

func (*ClientDefaultScopesInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesInitParameters.

func (*ClientDefaultScopesInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesList added in v0.2.0

type ClientDefaultScopesList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClientDefaultScopes `json:"items"`
}

ClientDefaultScopesList contains a list of ClientDefaultScopess

func (*ClientDefaultScopesList) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesList.

func (*ClientDefaultScopesList) DeepCopyInto added in v0.2.0

func (in *ClientDefaultScopesList) DeepCopyInto(out *ClientDefaultScopesList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientDefaultScopesList) DeepCopyObject added in v0.2.0

func (in *ClientDefaultScopesList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientDefaultScopesList) GetItems added in v0.2.0

func (l *ClientDefaultScopesList) GetItems() []resource.Managed

GetItems of this ClientDefaultScopesList.

type ClientDefaultScopesObservation added in v0.2.0

type ClientDefaultScopesObservation struct {

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// An array of client scope names to attach to this client.
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The realm this client and scopes exists in.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*ClientDefaultScopesObservation) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesObservation.

func (*ClientDefaultScopesObservation) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesParameters added in v0.2.0

type ClientDefaultScopesParameters struct {

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/openidclient/v1alpha1.Client
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// An array of client scope names to attach to this client.
	// +kubebuilder:validation:Optional
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`

	// The realm this client and scopes exists in.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientDefaultScopesParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesParameters.

func (*ClientDefaultScopesParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesSpec added in v0.2.0

type ClientDefaultScopesSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientDefaultScopesParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientDefaultScopesInitParameters `json:"initProvider,omitempty"`
}

ClientDefaultScopesSpec defines the desired state of ClientDefaultScopes

func (*ClientDefaultScopesSpec) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesSpec.

func (*ClientDefaultScopesSpec) DeepCopyInto added in v0.2.0

func (in *ClientDefaultScopesSpec) DeepCopyInto(out *ClientDefaultScopesSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesStatus added in v0.2.0

type ClientDefaultScopesStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientDefaultScopesObservation `json:"atProvider,omitempty"`
}

ClientDefaultScopesStatus defines the observed state of ClientDefaultScopes.

func (*ClientDefaultScopesStatus) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesStatus.

func (*ClientDefaultScopesStatus) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientInitParameters added in v0.5.0

type ClientInitParameters struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesInitParameters `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	Authorization []AuthorizationInitParameters `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientInitParameters.

func (*ClientInitParameters) DeepCopyInto added in v0.5.0

func (in *ClientInitParameters) DeepCopyInto(out *ClientInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientList

type ClientList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Client `json:"items"`
}

ClientList contains a list of Clients

func (*ClientList) DeepCopy

func (in *ClientList) DeepCopy() *ClientList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientList.

func (*ClientList) DeepCopyInto

func (in *ClientList) DeepCopyInto(out *ClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientList) DeepCopyObject

func (in *ClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientList) GetItems

func (l *ClientList) GetItems() []resource.Managed

GetItems of this ClientList.

type ClientObservation

type ClientObservation struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesObservation `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	Authorization []AuthorizationObservation `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// The Client ID for this client, referenced in the URI during authentication and in issued tokens.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// The realm this client is attached to.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// (Computed) When authorization is enabled for this client, this attribute is the unique ID for the client (the same value as the .id attribute).
	ResourceServerID *string `json:"resourceServerId,omitempty" tf:"resource_server_id,omitempty"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// (Computed) When service accounts are enabled for this client, this attribute is the unique ID for the Keycloak user that represents this service account.
	ServiceAccountUserID *string `json:"serviceAccountUserId,omitempty" tf:"service_account_user_id,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientObservation) DeepCopy

func (in *ClientObservation) DeepCopy() *ClientObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientObservation.

func (*ClientObservation) DeepCopyInto

func (in *ClientObservation) DeepCopyInto(out *ClientObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientParameters

type ClientParameters struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	// +kubebuilder:validation:Optional
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	// +kubebuilder:validation:Optional
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	// +kubebuilder:validation:Optional
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	// +kubebuilder:validation:Optional
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesParameters `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	// +kubebuilder:validation:Optional
	Authorization []AuthorizationParameters `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	// +kubebuilder:validation:Optional
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	// +kubebuilder:validation:Optional
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	// +kubebuilder:validation:Optional
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	// +kubebuilder:validation:Optional
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	// +kubebuilder:validation:Optional
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// The Client ID for this client, referenced in the URI during authentication and in issued tokens.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/openidclient/v1alpha1.Client
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	// +kubebuilder:validation:Optional
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	// +kubebuilder:validation:Optional
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// The secret for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. This value is sensitive and should be treated with the same care as a password. If omitted, this will be generated by Keycloak.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	// +kubebuilder:validation:Optional
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	// +kubebuilder:validation:Optional
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	// +kubebuilder:validation:Optional
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	// +kubebuilder:validation:Optional
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	// +kubebuilder:validation:Optional
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	// +kubebuilder:validation:Optional
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	// +kubebuilder:validation:Optional
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	// +kubebuilder:validation:Optional
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	// +kubebuilder:validation:Optional
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	// +kubebuilder:validation:Optional
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	// +kubebuilder:validation:Optional
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	// +kubebuilder:validation:Optional
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	// +kubebuilder:validation:Optional
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	// +kubebuilder:validation:Optional
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	// +kubebuilder:validation:Optional
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	// +kubebuilder:validation:Optional
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// The realm this client is attached to.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	// +kubebuilder:validation:Optional
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	// +kubebuilder:validation:Optional
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	// +kubebuilder:validation:Optional
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	// +kubebuilder:validation:Optional
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	// +kubebuilder:validation:Optional
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	// +kubebuilder:validation:Optional
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientParameters) DeepCopy

func (in *ClientParameters) DeepCopy() *ClientParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientParameters.

func (*ClientParameters) DeepCopyInto

func (in *ClientParameters) DeepCopyInto(out *ClientParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScope added in v0.2.0

type ClientScope struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter"
	Spec   ClientScopeSpec   `json:"spec"`
	Status ClientScopeStatus `json:"status,omitempty"`
}

ClientScope is the Schema for the ClientScopes API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*ClientScope) DeepCopy added in v0.2.0

func (in *ClientScope) DeepCopy() *ClientScope

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScope.

func (*ClientScope) DeepCopyInto added in v0.2.0

func (in *ClientScope) DeepCopyInto(out *ClientScope)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientScope) DeepCopyObject added in v0.2.0

func (in *ClientScope) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientScope) GetCondition added in v0.2.0

func (mg *ClientScope) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ClientScope.

func (*ClientScope) GetConnectionDetailsMapping added in v0.2.0

func (tr *ClientScope) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ClientScope

func (*ClientScope) GetDeletionPolicy added in v0.2.0

func (mg *ClientScope) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ClientScope.

func (*ClientScope) GetID added in v0.2.0

func (tr *ClientScope) GetID() string

GetID returns ID of underlying Terraform resource of this ClientScope

func (*ClientScope) GetInitParameters added in v0.5.0

func (tr *ClientScope) GetInitParameters() (map[string]any, error)

GetInitParameters of this ClientScope

func (*ClientScope) GetManagementPolicies added in v0.2.0

func (mg *ClientScope) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ClientScope.

func (*ClientScope) GetMergedParameters added in v0.6.0

func (tr *ClientScope) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ClientScope

func (*ClientScope) GetObservation added in v0.2.0

func (tr *ClientScope) GetObservation() (map[string]any, error)

GetObservation of this ClientScope

func (*ClientScope) GetParameters added in v0.2.0

func (tr *ClientScope) GetParameters() (map[string]any, error)

GetParameters of this ClientScope

func (*ClientScope) GetProviderConfigReference added in v0.2.0

func (mg *ClientScope) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ClientScope.

func (*ClientScope) GetPublishConnectionDetailsTo added in v0.2.0

func (mg *ClientScope) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ClientScope.

func (*ClientScope) GetTerraformResourceType added in v0.2.0

func (mg *ClientScope) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ClientScope

func (*ClientScope) GetTerraformSchemaVersion added in v0.2.0

func (tr *ClientScope) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ClientScope) GetWriteConnectionSecretToReference added in v0.2.0

func (mg *ClientScope) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ClientScope.

func (*ClientScope) LateInitialize added in v0.2.0

func (tr *ClientScope) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ClientScope using its observed tfState. returns True if there are any spec changes for the resource.

func (*ClientScope) ResolveReferences added in v0.2.0

func (mg *ClientScope) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ClientScope.

func (*ClientScope) SetConditions added in v0.2.0

func (mg *ClientScope) SetConditions(c ...xpv1.Condition)

SetConditions of this ClientScope.

func (*ClientScope) SetDeletionPolicy added in v0.2.0

func (mg *ClientScope) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ClientScope.

func (*ClientScope) SetManagementPolicies added in v0.2.0

func (mg *ClientScope) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ClientScope.

func (*ClientScope) SetObservation added in v0.2.0

func (tr *ClientScope) SetObservation(obs map[string]any) error

SetObservation for this ClientScope

func (*ClientScope) SetParameters added in v0.2.0

func (tr *ClientScope) SetParameters(params map[string]any) error

SetParameters for this ClientScope

func (*ClientScope) SetProviderConfigReference added in v0.2.0

func (mg *ClientScope) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ClientScope.

func (*ClientScope) SetPublishConnectionDetailsTo added in v0.2.0

func (mg *ClientScope) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ClientScope.

func (*ClientScope) SetWriteConnectionSecretToReference added in v0.2.0

func (mg *ClientScope) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ClientScope.

type ClientScopeInitParameters added in v0.5.0

type ClientScopeInitParameters struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`
}

func (*ClientScopeInitParameters) DeepCopy added in v0.5.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeInitParameters.

func (*ClientScopeInitParameters) DeepCopyInto added in v0.5.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeList added in v0.2.0

type ClientScopeList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClientScope `json:"items"`
}

ClientScopeList contains a list of ClientScopes

func (*ClientScopeList) DeepCopy added in v0.2.0

func (in *ClientScopeList) DeepCopy() *ClientScopeList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeList.

func (*ClientScopeList) DeepCopyInto added in v0.2.0

func (in *ClientScopeList) DeepCopyInto(out *ClientScopeList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientScopeList) DeepCopyObject added in v0.2.0

func (in *ClientScopeList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientScopeList) GetItems added in v0.2.0

func (l *ClientScopeList) GetItems() []resource.Managed

GetItems of this ClientScopeList.

type ClientScopeObservation added in v0.2.0

type ClientScopeObservation struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The realm this client scope belongs to.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*ClientScopeObservation) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeObservation.

func (*ClientScopeObservation) DeepCopyInto added in v0.2.0

func (in *ClientScopeObservation) DeepCopyInto(out *ClientScopeObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeParameters added in v0.2.0

type ClientScopeParameters struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	// +kubebuilder:validation:Optional
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	// +kubebuilder:validation:Optional
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	// +kubebuilder:validation:Optional
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The realm this client scope belongs to.
	// +crossplane:generate:reference:type=github.com/crossplane-contrib/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientScopeParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeParameters.

func (*ClientScopeParameters) DeepCopyInto added in v0.2.0

func (in *ClientScopeParameters) DeepCopyInto(out *ClientScopeParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeSpec added in v0.2.0

type ClientScopeSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientScopeParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientScopeInitParameters `json:"initProvider,omitempty"`
}

ClientScopeSpec defines the desired state of ClientScope

func (*ClientScopeSpec) DeepCopy added in v0.2.0

func (in *ClientScopeSpec) DeepCopy() *ClientScopeSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeSpec.

func (*ClientScopeSpec) DeepCopyInto added in v0.2.0

func (in *ClientScopeSpec) DeepCopyInto(out *ClientScopeSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeStatus added in v0.2.0

type ClientScopeStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientScopeObservation `json:"atProvider,omitempty"`
}

ClientScopeStatus defines the observed state of ClientScope.

func (*ClientScopeStatus) DeepCopy added in v0.2.0

func (in *ClientScopeStatus) DeepCopy() *ClientScopeStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeStatus.

func (*ClientScopeStatus) DeepCopyInto added in v0.2.0

func (in *ClientScopeStatus) DeepCopyInto(out *ClientScopeStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientSpec

type ClientSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientInitParameters `json:"initProvider,omitempty"`
}

ClientSpec defines the desired state of Client

func (*ClientSpec) DeepCopy

func (in *ClientSpec) DeepCopy() *ClientSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSpec.

func (*ClientSpec) DeepCopyInto

func (in *ClientSpec) DeepCopyInto(out *ClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientStatus

type ClientStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientObservation `json:"atProvider,omitempty"`
}

ClientStatus defines the observed state of Client.

func (*ClientStatus) DeepCopy

func (in *ClientStatus) DeepCopy() *ClientStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientStatus.

func (*ClientStatus) DeepCopyInto

func (in *ClientStatus) DeepCopyInto(out *ClientStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL