api

package
v0.0.0-...-4d083f9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 29, 2017 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

+groupName=oauth.openshift.io Package api is the internal version of the API.

Index

Constants

View Source
const (
	GroupName       = "oauth.openshift.io"
	LegacyGroupName = ""
)

Variables

View Source
var (
	SchemeGroupVersion       = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
	LegacySchemeGroupVersion = schema.GroupVersion{Group: LegacyGroupName, Version: runtime.APIVersionInternal}

	LegacySchemeBuilder    = runtime.NewSchemeBuilder(addLegacyKnownTypes)
	AddToSchemeInCoreGroup = LegacySchemeBuilder.AddToScheme

	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)

SchemeGroupVersion is group version used to register these objects

Functions

func DeepCopy_api_ClusterRoleScopeRestriction

func DeepCopy_api_ClusterRoleScopeRestriction(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthAccessToken

func DeepCopy_api_OAuthAccessToken(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthAccessTokenList

func DeepCopy_api_OAuthAccessTokenList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthAuthorizeToken

func DeepCopy_api_OAuthAuthorizeToken(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthAuthorizeTokenList

func DeepCopy_api_OAuthAuthorizeTokenList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthClient

func DeepCopy_api_OAuthClient(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthClientAuthorization

func DeepCopy_api_OAuthClientAuthorization(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthClientAuthorizationList

func DeepCopy_api_OAuthClientAuthorizationList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthClientList

func DeepCopy_api_OAuthClientList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_OAuthRedirectReference

func DeepCopy_api_OAuthRedirectReference(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_RedirectReference

func DeepCopy_api_RedirectReference(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_api_ScopeRestriction

func DeepCopy_api_ScopeRestriction(in interface{}, out interface{}, c *conversion.Cloner) error

func IsKindOrLegacy

func IsKindOrLegacy(kind string, gk schema.GroupKind) bool

IsKindOrLegacy checks if the provided GroupKind matches with the given kind by looking up the API group and also the legacy API.

func IsResourceOrLegacy

func IsResourceOrLegacy(resource string, gr schema.GroupResource) bool

IsResourceOrLegacy checks if the provided GroupResources matches with the given resource by looking up the API group and also the legacy API.

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func LegacyKind

func LegacyKind(kind string) schema.GroupKind

LegacyKind takes an unqualified kind and returns back a Group qualified GroupKind

func LegacyResource

func LegacyResource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource

func OAuthAccessTokenToSelectableFields

func OAuthAccessTokenToSelectableFields(obj *OAuthAccessToken) fields.Set

OAuthAccessTokenToSelectableFields returns a label set that represents the object

func OAuthAuthorizeTokenToSelectableFields

func OAuthAuthorizeTokenToSelectableFields(obj *OAuthAuthorizeToken) fields.Set

OAuthAuthorizeTokenToSelectableFields returns a label set that represents the object

func OAuthClientAuthorizationToSelectableFields

func OAuthClientAuthorizationToSelectableFields(obj *OAuthClientAuthorization) fields.Set

OAuthClientAuthorizationToSelectableFields returns a label set that represents the object

func OAuthClientToSelectableFields

func OAuthClientToSelectableFields(obj *OAuthClient) fields.Set

OAuthClientToSelectableFields returns a label set that represents the object

func RegisterDeepCopies

func RegisterDeepCopies(scheme *runtime.Scheme) error

RegisterDeepCopies adds deep-copy functions to the given scheme. Public to allow building arbitrary schemes.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource

Types

type ClusterRoleScopeRestriction

type ClusterRoleScopeRestriction struct {
	// RoleNames is the list of cluster roles that can referenced.  * means anything
	RoleNames []string
	// Namespaces is the list of namespaces that can be referenced.  * means any of them (including *)
	Namespaces []string
	// AllowEscalation indicates whether you can request roles and their escalating resources
	AllowEscalation bool
}

ClusterRoleScopeRestriction describes restrictions on cluster role scopes

type GrantHandlerType

type GrantHandlerType string
const (
	// GrantHandlerAuto auto-approves client authorization grant requests
	GrantHandlerAuto GrantHandlerType = "auto"
	// GrantHandlerPrompt prompts the user to approve new client authorization grant requests
	GrantHandlerPrompt GrantHandlerType = "prompt"
	// GrantHandlerDeny auto-denies client authorization grant requests
	GrantHandlerDeny GrantHandlerType = "deny"
)

type OAuthAccessToken

type OAuthAccessToken struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// ClientName references the client that created this token.
	ClientName string

	// ExpiresIn is the seconds from CreationTime before this token expires.
	ExpiresIn int64

	// Scopes is an array of the requested scopes.
	Scopes []string

	// RedirectURI is the redirection associated with the token.
	RedirectURI string

	// UserName is the user name associated with this token
	UserName string

	// UserUID is the unique UID associated with this token
	UserUID string

	// AuthorizeToken contains the token that authorized this token
	AuthorizeToken string

	// RefreshToken is the value by which this token can be renewed. Can be blank.
	RefreshToken string
}

type OAuthAccessTokenList

type OAuthAccessTokenList struct {
	metav1.TypeMeta
	metav1.ListMeta
	Items []OAuthAccessToken
}

type OAuthAuthorizeToken

type OAuthAuthorizeToken struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// ClientName references the client that created this token.
	ClientName string

	// ExpiresIn is the seconds from CreationTime before this token expires.
	ExpiresIn int64

	// Scopes is an array of the requested scopes.
	Scopes []string

	// RedirectURI is the redirection associated with the token.
	RedirectURI string

	// State data from request
	State string

	// UserName is the user name associated with this token
	UserName string

	// UserUID is the unique UID associated with this token. UserUID and UserName must both match
	// for this token to be valid.
	UserUID string

	// CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636
	CodeChallenge string

	// CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636
	CodeChallengeMethod string
}

type OAuthAuthorizeTokenList

type OAuthAuthorizeTokenList struct {
	metav1.TypeMeta
	metav1.ListMeta
	Items []OAuthAuthorizeToken
}

type OAuthClient

type OAuthClient struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Secret is the unique secret associated with a client
	Secret string

	// AdditionalSecrets holds other secrets that may be used to identify the client.  This is useful for rotation
	// and for service account token validation
	AdditionalSecrets []string

	// RespondWithChallenges indicates whether the client wants authentication needed responses made in the form of challenges instead of redirects
	RespondWithChallenges bool

	// RedirectURIs is the valid redirection URIs associated with a client
	RedirectURIs []string

	// GrantMethod determines how to handle grants for this client. If no method is provided, the
	// cluster default grant handling method will be used
	GrantMethod GrantHandlerType

	// ScopeRestrictions describes which scopes this client can request.  Each requested scope
	// is checked against each restriction.  If any restriction matches, then the scope is allowed.
	// If no restriction matches, then the scope is denied.
	ScopeRestrictions []ScopeRestriction
}

type OAuthClientAuthorization

type OAuthClientAuthorization struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// ClientName references the client that created this authorization
	ClientName string

	// UserName is the user name that authorized this client
	UserName string

	// UserUID is the unique UID associated with this authorization. UserUID and UserName
	// must both match for this authorization to be valid.
	UserUID string

	// Scopes is an array of the granted scopes.
	Scopes []string
}

type OAuthClientAuthorizationList

type OAuthClientAuthorizationList struct {
	metav1.TypeMeta
	metav1.ListMeta
	Items []OAuthClientAuthorization
}

type OAuthClientList

type OAuthClientList struct {
	metav1.TypeMeta
	metav1.ListMeta
	Items []OAuthClient
}

type OAuthRedirectReference

type OAuthRedirectReference struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	Reference RedirectReference
}

type RedirectReference

type RedirectReference struct {
	Group string
	Kind  string
	Name  string
}

type ScopeRestriction

type ScopeRestriction struct {
	// ExactValues means the scope has to match a particular set of strings exactly
	ExactValues []string

	// ClusterRole describes a set of restrictions for cluster role scoping.
	ClusterRole *ClusterRoleScopeRestriction
}

ScopeRestriction describe one restriction on scopes. Exactly one option must be non-nil.

Directories

Path Synopsis
+groupName=oauth.openshift.io Package v1 is the v1 version of the API.
+groupName=oauth.openshift.io Package v1 is the v1 version of the API.
Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.
Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL