v1alpha1

package
v0.0.0-...-61945a2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 21, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=openidclient.keycloak.crossplane.io +versionName=v1alpha1

Index

Constants

View Source 
const (
	CRDGroup   = "openidclient.keycloak.crossplane.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source 
var (
	Client_Kind             = "Client"
	Client_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Client_Kind}.String()
	Client_KindAPIVersion   = Client_Kind + "." + CRDGroupVersion.String()
	Client_GroupVersionKind = CRDGroupVersion.WithKind(Client_Kind)
)

Repository type metadata.

View Source 
var (
	ClientDefaultScopes_Kind             = "ClientDefaultScopes"
	ClientDefaultScopes_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ClientDefaultScopes_Kind}.String()
	ClientDefaultScopes_KindAPIVersion   = ClientDefaultScopes_Kind + "." + CRDGroupVersion.String()
	ClientDefaultScopes_GroupVersionKind = CRDGroupVersion.WithKind(ClientDefaultScopes_Kind)
)

Repository type metadata.

View Source 
var (
	ClientScope_Kind             = "ClientScope"
	ClientScope_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ClientScope_Kind}.String()
	ClientScope_KindAPIVersion   = ClientScope_Kind + "." + CRDGroupVersion.String()
	ClientScope_GroupVersionKind = CRDGroupVersion.WithKind(ClientScope_Kind)
)

Repository type metadata.

View Source 
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AuthenticationFlowBindingOverridesInitParameters 

type AuthenticationFlowBindingOverridesInitParameters struct {

	// Browser flow id, (flow needs to exist)
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesInitParameters) DeepCopy 

func (in *AuthenticationFlowBindingOverridesInitParameters) DeepCopy() *AuthenticationFlowBindingOverridesInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesInitParameters.

func (*AuthenticationFlowBindingOverridesInitParameters) DeepCopyInto 

func (in *AuthenticationFlowBindingOverridesInitParameters) DeepCopyInto(out *AuthenticationFlowBindingOverridesInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationFlowBindingOverridesObservation 

type AuthenticationFlowBindingOverridesObservation struct {

	// Browser flow id, (flow needs to exist)
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesObservation) DeepCopy 

func (in *AuthenticationFlowBindingOverridesObservation) DeepCopy() *AuthenticationFlowBindingOverridesObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesObservation.

func (*AuthenticationFlowBindingOverridesObservation) DeepCopyInto 

func (in *AuthenticationFlowBindingOverridesObservation) DeepCopyInto(out *AuthenticationFlowBindingOverridesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthenticationFlowBindingOverridesParameters 

type AuthenticationFlowBindingOverridesParameters struct {

	// Browser flow id, (flow needs to exist)
	// +kubebuilder:validation:Optional
	BrowserID *string `json:"browserId,omitempty" tf:"browser_id,omitempty"`

	// Direct grant flow id (flow needs to exist)
	// +kubebuilder:validation:Optional
	DirectGrantID *string `json:"directGrantId,omitempty" tf:"direct_grant_id,omitempty"`
}

func (*AuthenticationFlowBindingOverridesParameters) DeepCopy 

func (in *AuthenticationFlowBindingOverridesParameters) DeepCopy() *AuthenticationFlowBindingOverridesParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthenticationFlowBindingOverridesParameters.

func (*AuthenticationFlowBindingOverridesParameters) DeepCopyInto 

func (in *AuthenticationFlowBindingOverridesParameters) DeepCopyInto(out *AuthenticationFlowBindingOverridesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationInitParameters 

type AuthorizationInitParameters struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	PolicyEnforcementMode *string `json:"policyEnforcementMode,omitempty" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationInitParameters) DeepCopy 

func (in *AuthorizationInitParameters) DeepCopy() *AuthorizationInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationInitParameters.

func (*AuthorizationInitParameters) DeepCopyInto 

func (in *AuthorizationInitParameters) DeepCopyInto(out *AuthorizationInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationObservation 

type AuthorizationObservation struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	PolicyEnforcementMode *string `json:"policyEnforcementMode,omitempty" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationObservation) DeepCopy 

func (in *AuthorizationObservation) DeepCopy() *AuthorizationObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationObservation.

func (*AuthorizationObservation) DeepCopyInto 

func (in *AuthorizationObservation) DeepCopyInto(out *AuthorizationObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthorizationParameters 

type AuthorizationParameters struct {

	// When true, resources can be managed remotely by the resource server. Defaults to false.
	// +kubebuilder:validation:Optional
	AllowRemoteResourceManagement *bool `json:"allowRemoteResourceManagement,omitempty" tf:"allow_remote_resource_management,omitempty"`

	// Dictates how the policies associated with a given permission are evaluated and how a final decision is obtained. Could be one of AFFIRMATIVE, CONSENSUS, or UNANIMOUS. Applies to permissions.
	// +kubebuilder:validation:Optional
	DecisionStrategy *string `json:"decisionStrategy,omitempty" tf:"decision_strategy,omitempty"`

	// When true, defaults set by Keycloak will be respected. Defaults to false.
	// +kubebuilder:validation:Optional
	KeepDefaults *bool `json:"keepDefaults,omitempty" tf:"keep_defaults,omitempty"`

	// Dictates how policies are enforced when evaluating authorization requests. Can be one of ENFORCING, PERMISSIVE, or DISABLED.
	// +kubebuilder:validation:Optional
	PolicyEnforcementMode *string `json:"policyEnforcementMode" tf:"policy_enforcement_mode,omitempty"`
}

func (*AuthorizationParameters) DeepCopy 

func (in *AuthorizationParameters) DeepCopy() *AuthorizationParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorizationParameters.

func (*AuthorizationParameters) DeepCopyInto 

func (in *AuthorizationParameters) DeepCopyInto(out *AuthorizationParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Client 

type Client struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.accessType) || (has(self.initProvider) && has(self.initProvider.accessType))",message="spec.forProvider.accessType is a required parameter"
	Spec   ClientSpec   `json:"spec"`
	Status ClientStatus `json:"status,omitempty"`
}

Client is the Schema for the Clients API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*Client) DeepCopy 

func (in *Client) DeepCopy() *Client

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Client.

func (*Client) DeepCopyInto 

func (in *Client) DeepCopyInto(out *Client)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Client) DeepCopyObject 

func (in *Client) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Client) GetCondition 

func (mg *Client) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Client.

func (*Client) GetConnectionDetailsMapping 

func (tr *Client) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Client

func (*Client) GetDeletionPolicy 

func (mg *Client) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Client.

func (*Client) GetID 

func (tr *Client) GetID() string

GetID returns ID of underlying Terraform resource of this Client

func (*Client) GetInitParameters 

func (tr *Client) GetInitParameters() (map[string]any, error)

GetInitParameters of this Client

func (*Client) GetManagementPolicies 

func (mg *Client) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Client.

func (*Client) GetMergedParameters 

func (tr *Client) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Client

func (*Client) GetObservation 

func (tr *Client) GetObservation() (map[string]any, error)

GetObservation of this Client

func (*Client) GetParameters 

func (tr *Client) GetParameters() (map[string]any, error)

GetParameters of this Client

func (*Client) GetProviderConfigReference 

func (mg *Client) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Client.

func (*Client) GetPublishConnectionDetailsTo 

func (mg *Client) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Client.

func (*Client) GetTerraformResourceType 

func (mg *Client) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Client

func (*Client) GetTerraformSchemaVersion 

func (tr *Client) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Client) GetWriteConnectionSecretToReference 

func (mg *Client) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Client.

func (*Client) Hub 

func (tr *Client) Hub()

Hub marks this type as a conversion hub.

func (*Client) LateInitialize 

func (tr *Client) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Client using its observed tfState. returns True if there are any spec changes for the resource.

func (*Client) ResolveReferences 

func (mg *Client) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Client.

func (*Client) SetConditions 

func (mg *Client) SetConditions(c ...xpv1.Condition)

SetConditions of this Client.

func (*Client) SetDeletionPolicy 

func (mg *Client) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Client.

func (*Client) SetManagementPolicies 

func (mg *Client) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Client.

func (*Client) SetObservation 

func (tr *Client) SetObservation(obs map[string]any) error

SetObservation for this Client

func (*Client) SetParameters 

func (tr *Client) SetParameters(params map[string]any) error

SetParameters for this Client

func (*Client) SetProviderConfigReference 

func (mg *Client) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Client.

func (*Client) SetPublishConnectionDetailsTo 

func (mg *Client) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Client.

func (*Client) SetWriteConnectionSecretToReference 

func (mg *Client) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Client.

type ClientDefaultScopes 

type ClientDefaultScopes struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.defaultScopes) || (has(self.initProvider) && has(self.initProvider.defaultScopes))",message="spec.forProvider.defaultScopes is a required parameter"
	Spec   ClientDefaultScopesSpec   `json:"spec"`
	Status ClientDefaultScopesStatus `json:"status,omitempty"`
}

ClientDefaultScopes is the Schema for the ClientDefaultScopess API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*ClientDefaultScopes) DeepCopy 

func (in *ClientDefaultScopes) DeepCopy() *ClientDefaultScopes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopes.

func (*ClientDefaultScopes) DeepCopyInto 

func (in *ClientDefaultScopes) DeepCopyInto(out *ClientDefaultScopes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientDefaultScopes) DeepCopyObject 

func (in *ClientDefaultScopes) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientDefaultScopes) GetCondition 

func (mg *ClientDefaultScopes) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetConnectionDetailsMapping 

func (tr *ClientDefaultScopes) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ClientDefaultScopes

func (*ClientDefaultScopes) GetDeletionPolicy 

func (mg *ClientDefaultScopes) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetID 

func (tr *ClientDefaultScopes) GetID() string

GetID returns ID of underlying Terraform resource of this ClientDefaultScopes

func (*ClientDefaultScopes) GetInitParameters 

func (tr *ClientDefaultScopes) GetInitParameters() (map[string]any, error)

GetInitParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetManagementPolicies 

func (mg *ClientDefaultScopes) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetMergedParameters 

func (tr *ClientDefaultScopes) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetObservation 

func (tr *ClientDefaultScopes) GetObservation() (map[string]any, error)

GetObservation of this ClientDefaultScopes

func (*ClientDefaultScopes) GetParameters 

func (tr *ClientDefaultScopes) GetParameters() (map[string]any, error)

GetParameters of this ClientDefaultScopes

func (*ClientDefaultScopes) GetProviderConfigReference 

func (mg *ClientDefaultScopes) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetPublishConnectionDetailsTo 

func (mg *ClientDefaultScopes) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ClientDefaultScopes.

func (*ClientDefaultScopes) GetTerraformResourceType 

func (mg *ClientDefaultScopes) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ClientDefaultScopes

func (*ClientDefaultScopes) GetTerraformSchemaVersion 

func (tr *ClientDefaultScopes) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ClientDefaultScopes) GetWriteConnectionSecretToReference 

func (mg *ClientDefaultScopes) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) Hub 

func (tr *ClientDefaultScopes) Hub()

Hub marks this type as a conversion hub.

func (*ClientDefaultScopes) LateInitialize 

func (tr *ClientDefaultScopes) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ClientDefaultScopes using its observed tfState. returns True if there are any spec changes for the resource.

func (*ClientDefaultScopes) ResolveReferences 

func (mg *ClientDefaultScopes) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetConditions 

func (mg *ClientDefaultScopes) SetConditions(c ...xpv1.Condition)

SetConditions of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetDeletionPolicy 

func (mg *ClientDefaultScopes) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetManagementPolicies 

func (mg *ClientDefaultScopes) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetObservation 

func (tr *ClientDefaultScopes) SetObservation(obs map[string]any) error

SetObservation for this ClientDefaultScopes

func (*ClientDefaultScopes) SetParameters 

func (tr *ClientDefaultScopes) SetParameters(params map[string]any) error

SetParameters for this ClientDefaultScopes

func (*ClientDefaultScopes) SetProviderConfigReference 

func (mg *ClientDefaultScopes) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetPublishConnectionDetailsTo 

func (mg *ClientDefaultScopes) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ClientDefaultScopes.

func (*ClientDefaultScopes) SetWriteConnectionSecretToReference 

func (mg *ClientDefaultScopes) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ClientDefaultScopes.

type ClientDefaultScopesInitParameters 

type ClientDefaultScopesInitParameters struct {

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/openidclient/v1alpha1.Client
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// An array of client scope names to attach to this client.
	// +listType=set
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`

	// The realm this client and scopes exists in.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientDefaultScopesInitParameters) DeepCopy 

func (in *ClientDefaultScopesInitParameters) DeepCopy() *ClientDefaultScopesInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesInitParameters.

func (*ClientDefaultScopesInitParameters) DeepCopyInto 

func (in *ClientDefaultScopesInitParameters) DeepCopyInto(out *ClientDefaultScopesInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesList 

type ClientDefaultScopesList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClientDefaultScopes `json:"items"`
}

ClientDefaultScopesList contains a list of ClientDefaultScopess

func (*ClientDefaultScopesList) DeepCopy 

func (in *ClientDefaultScopesList) DeepCopy() *ClientDefaultScopesList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesList.

func (*ClientDefaultScopesList) DeepCopyInto 

func (in *ClientDefaultScopesList) DeepCopyInto(out *ClientDefaultScopesList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientDefaultScopesList) DeepCopyObject 

func (in *ClientDefaultScopesList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientDefaultScopesList) GetItems 

func (l *ClientDefaultScopesList) GetItems() []resource.Managed

GetItems of this ClientDefaultScopesList.

type ClientDefaultScopesObservation 

type ClientDefaultScopesObservation struct {

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// An array of client scope names to attach to this client.
	// +listType=set
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The realm this client and scopes exists in.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*ClientDefaultScopesObservation) DeepCopy 

func (in *ClientDefaultScopesObservation) DeepCopy() *ClientDefaultScopesObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesObservation.

func (*ClientDefaultScopesObservation) DeepCopyInto 

func (in *ClientDefaultScopesObservation) DeepCopyInto(out *ClientDefaultScopesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesParameters 

type ClientDefaultScopesParameters struct {

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/openidclient/v1alpha1.Client
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// An array of client scope names to attach to this client.
	// +kubebuilder:validation:Optional
	// +listType=set
	DefaultScopes []*string `json:"defaultScopes,omitempty" tf:"default_scopes,omitempty"`

	// The realm this client and scopes exists in.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientDefaultScopesParameters) DeepCopy 

func (in *ClientDefaultScopesParameters) DeepCopy() *ClientDefaultScopesParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesParameters.

func (*ClientDefaultScopesParameters) DeepCopyInto 

func (in *ClientDefaultScopesParameters) DeepCopyInto(out *ClientDefaultScopesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesSpec 

type ClientDefaultScopesSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientDefaultScopesParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientDefaultScopesInitParameters `json:"initProvider,omitempty"`
}

ClientDefaultScopesSpec defines the desired state of ClientDefaultScopes

func (*ClientDefaultScopesSpec) DeepCopy 

func (in *ClientDefaultScopesSpec) DeepCopy() *ClientDefaultScopesSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesSpec.

func (*ClientDefaultScopesSpec) DeepCopyInto 

func (in *ClientDefaultScopesSpec) DeepCopyInto(out *ClientDefaultScopesSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientDefaultScopesStatus 

type ClientDefaultScopesStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientDefaultScopesObservation `json:"atProvider,omitempty"`
}

ClientDefaultScopesStatus defines the observed state of ClientDefaultScopes.

func (*ClientDefaultScopesStatus) DeepCopy 

func (in *ClientDefaultScopesStatus) DeepCopy() *ClientDefaultScopesStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientDefaultScopesStatus.

func (*ClientDefaultScopesStatus) DeepCopyInto 

func (in *ClientDefaultScopesStatus) DeepCopyInto(out *ClientDefaultScopesStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientInitParameters 

type ClientInitParameters struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesInitParameters `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	Authorization []AuthorizationInitParameters `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// The Client ID for this client, referenced in the URI during authentication and in issued tokens.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/openidclient/v1alpha1.Client
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	// +mapType=granular
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// The realm this client is attached to.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	// +listType=set
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	// +listType=set
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	// +listType=set
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientInitParameters) DeepCopy 

func (in *ClientInitParameters) DeepCopy() *ClientInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientInitParameters.

func (*ClientInitParameters) DeepCopyInto 

func (in *ClientInitParameters) DeepCopyInto(out *ClientInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientList 

type ClientList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Client `json:"items"`
}

ClientList contains a list of Clients

func (*ClientList) DeepCopy 

func (in *ClientList) DeepCopy() *ClientList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientList.

func (*ClientList) DeepCopyInto 

func (in *ClientList) DeepCopyInto(out *ClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientList) DeepCopyObject 

func (in *ClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientList) GetItems 

func (l *ClientList) GetItems() []resource.Managed

GetItems of this ClientList.

type ClientObservation 

type ClientObservation struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesObservation `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	Authorization []AuthorizationObservation `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// The Client ID for this client, referenced in the URI during authentication and in issued tokens.
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	// +mapType=granular
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// The realm this client is attached to.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// (Computed) When authorization is enabled for this client, this attribute is the unique ID for the client (the same value as the .id attribute).
	ResourceServerID *string `json:"resourceServerId,omitempty" tf:"resource_server_id,omitempty"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// (Computed) When service accounts are enabled for this client, this attribute is the unique ID for the Keycloak user that represents this service account.
	ServiceAccountUserID *string `json:"serviceAccountUserId,omitempty" tf:"service_account_user_id,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	// +listType=set
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	// +listType=set
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	// +listType=set
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientObservation) DeepCopy 

func (in *ClientObservation) DeepCopy() *ClientObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientObservation.

func (*ClientObservation) DeepCopyInto 

func (in *ClientObservation) DeepCopyInto(out *ClientObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientParameters 

type ClientParameters struct {

	// The amount of time in seconds before an access token expires. This will override the default for the realm.
	// +kubebuilder:validation:Optional
	AccessTokenLifespan *string `json:"accessTokenLifespan,omitempty" tf:"access_token_lifespan,omitempty"`

	// Specifies the type of client, which can be one of the following:
	// +kubebuilder:validation:Optional
	AccessType *string `json:"accessType,omitempty" tf:"access_type,omitempty"`

	// URL to the admin interface of the client.
	// +kubebuilder:validation:Optional
	AdminURL *string `json:"adminUrl,omitempty" tf:"admin_url,omitempty"`

	// Override realm authentication flow bindings
	// +kubebuilder:validation:Optional
	AuthenticationFlowBindingOverrides []AuthenticationFlowBindingOverridesParameters `json:"authenticationFlowBindingOverrides,omitempty" tf:"authentication_flow_binding_overrides,omitempty"`

	// When this block is present, fine-grained authorization will be enabled for this client. The client's access_type must be CONFIDENTIAL, and service_accounts_enabled must be true. This block has the following arguments:
	// +kubebuilder:validation:Optional
	Authorization []AuthorizationParameters `json:"authorization,omitempty" tf:"authorization,omitempty"`

	// Specifying whether a "revoke_offline_access" event is included in the Logout Token when the Backchannel Logout URL is used. Keycloak will revoke offline sessions when receiving a Logout Token with this event.
	// +kubebuilder:validation:Optional
	BackchannelLogoutRevokeOfflineSessions *bool `json:"backchannelLogoutRevokeOfflineSessions,omitempty" tf:"backchannel_logout_revoke_offline_sessions,omitempty"`

	// When true, a sid (session ID) claim will be included in the logout token when the backchannel logout URL is used. Defaults to true.
	// +kubebuilder:validation:Optional
	BackchannelLogoutSessionRequired *bool `json:"backchannelLogoutSessionRequired,omitempty" tf:"backchannel_logout_session_required,omitempty"`

	// The URL that will cause the client to log itself out when a logout request is sent to this realm. If omitted, no logout request will be sent to the client is this case.
	// +kubebuilder:validation:Optional
	BackchannelLogoutURL *string `json:"backchannelLogoutUrl,omitempty" tf:"backchannel_logout_url,omitempty"`

	// Default URL to use when the auth server needs to redirect or link back to the client.
	// +kubebuilder:validation:Optional
	BaseURL *string `json:"baseUrl,omitempty" tf:"base_url,omitempty"`

	// Defaults to client-secret. The authenticator type for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. A default Keycloak installation will have the following available types:
	// +kubebuilder:validation:Optional
	ClientAuthenticatorType *string `json:"clientAuthenticatorType,omitempty" tf:"client_authenticator_type,omitempty"`

	// The Client ID for this client, referenced in the URI during authentication and in issued tokens.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/openidclient/v1alpha1.Client
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// Reference to a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDRef *v1.Reference `json:"clientIdRef,omitempty" tf:"-"`

	// Selector for a Client in openidclient to populate clientId.
	// +kubebuilder:validation:Optional
	ClientIDSelector *v1.Selector `json:"clientIdSelector,omitempty" tf:"-"`

	// Time a client session is allowed to be idle before it expires. Tokens are invalidated when a client session is expired. If not set it uses the standard SSO Session Idle value.
	// +kubebuilder:validation:Optional
	ClientOfflineSessionIdleTimeout *string `json:"clientOfflineSessionIdleTimeout,omitempty" tf:"client_offline_session_idle_timeout,omitempty"`

	// Max time before a client session is expired. Tokens are invalidated when a client session is expired. If not set, it uses the standard SSO Session Max value.
	// +kubebuilder:validation:Optional
	ClientOfflineSessionMaxLifespan *string `json:"clientOfflineSessionMaxLifespan,omitempty" tf:"client_offline_session_max_lifespan,omitempty"`

	// The secret for clients with an access_type of CONFIDENTIAL or BEARER-ONLY. This value is sensitive and should be treated with the same care as a password. If omitted, this will be generated by Keycloak.
	// +kubebuilder:validation:Optional
	ClientSecretSecretRef *v1.SecretKeySelector `json:"clientSecretSecretRef,omitempty" tf:"-"`

	// Time a client offline session is allowed to be idle before it expires. Offline tokens are invalidated when a client offline session is expired. If not set it uses the Offline Session Idle value.
	// +kubebuilder:validation:Optional
	ClientSessionIdleTimeout *string `json:"clientSessionIdleTimeout,omitempty" tf:"client_session_idle_timeout,omitempty"`

	// Max time before a client offline session is expired. Offline tokens are invalidated when a client offline session is expired. If not set, it uses the Offline Session Max value.
	// +kubebuilder:validation:Optional
	ClientSessionMaxLifespan *string `json:"clientSessionMaxLifespan,omitempty" tf:"client_session_max_lifespan,omitempty"`

	// When true, users have to consent to client access. Defaults to false.
	// +kubebuilder:validation:Optional
	ConsentRequired *bool `json:"consentRequired,omitempty" tf:"consent_required,omitempty"`

	// The text to display on the consent screen about permissions specific to this client. This is applicable only when display_on_consent_screen is true.
	// +kubebuilder:validation:Optional
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client in the GUI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// When true, the OAuth2 Resource Owner Password Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	DirectAccessGrantsEnabled *bool `json:"directAccessGrantsEnabled,omitempty" tf:"direct_access_grants_enabled,omitempty"`

	// When true, the consent screen will display information about the client itself. Defaults to false. This is applicable only when consent_required is true.
	// +kubebuilder:validation:Optional
	DisplayOnConsentScreen *bool `json:"displayOnConsentScreen,omitempty" tf:"display_on_consent_screen,omitempty"`

	// When false, this client will not be able to initiate a login or obtain access tokens. Defaults to true.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// When true, the parameter session_state will not be included in OpenID Connect Authentication Response.
	// +kubebuilder:validation:Optional
	ExcludeSessionStateFromAuthResponse *bool `json:"excludeSessionStateFromAuthResponse,omitempty" tf:"exclude_session_state_from_auth_response,omitempty"`

	// A map of key/value pairs to add extra configuration attributes to this client. Use this attribute at your own risk, as it may conflict with top-level configuration attributes in future provider updates. For example, the extra_config map can be used to set Authentication Context Class Reference (ACR) to Level of Authentication (LoA) mapping
	// +kubebuilder:validation:Optional
	// +mapType=granular
	ExtraConfig map[string]*string `json:"extraConfig,omitempty" tf:"extra_config,omitempty"`

	// When true, frontchannel logout will be enabled for this client. Specify the url with frontchannel_logout_url. Defaults to false.
	// +kubebuilder:validation:Optional
	FrontchannelLogoutEnabled *bool `json:"frontchannelLogoutEnabled,omitempty" tf:"frontchannel_logout_enabled,omitempty"`

	// The frontchannel logout url. This is applicable only when frontchannel_logout_enabled is true.
	// +kubebuilder:validation:Optional
	FrontchannelLogoutURL *string `json:"frontchannelLogoutUrl,omitempty" tf:"frontchannel_logout_url,omitempty"`

	// Allow to include all roles mappings in the access token.
	// +kubebuilder:validation:Optional
	FullScopeAllowed *bool `json:"fullScopeAllowed,omitempty" tf:"full_scope_allowed,omitempty"`

	// When true, the OAuth2 Implicit Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	ImplicitFlowEnabled *bool `json:"implicitFlowEnabled,omitempty" tf:"implicit_flow_enabled,omitempty"`

	// When true, the client with the specified client_id is assumed to already exist, and it will be imported into state instead of being created. This attribute is useful when dealing with clients that Keycloak creates automatically during realm creation, such as account and admin-cli. Note, that the client will not be removed during destruction if import is true.
	// +kubebuilder:validation:Optional
	Import *bool `json:"import,omitempty" tf:"import,omitempty"`

	// The client login theme. This will override the default theme for the realm.
	// +kubebuilder:validation:Optional
	LoginTheme *string `json:"loginTheme,omitempty" tf:"login_theme,omitempty"`

	// The display name of this client in the GUI.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// Enables support for OAuth 2.0 Device Authorization Grant, which means that client is an application on device that has limited input capabilities or lack a suitable browser.
	// +kubebuilder:validation:Optional
	Oauth2DeviceAuthorizationGrantEnabled *bool `json:"oauth2DeviceAuthorizationGrantEnabled,omitempty" tf:"oauth2_device_authorization_grant_enabled,omitempty"`

	// The maximum amount of time a client has to finish the device code flow before it expires.
	// +kubebuilder:validation:Optional
	Oauth2DeviceCodeLifespan *string `json:"oauth2DeviceCodeLifespan,omitempty" tf:"oauth2_device_code_lifespan,omitempty"`

	// The minimum amount of time in seconds that the client should wait between polling requests to the token endpoint.
	// +kubebuilder:validation:Optional
	Oauth2DevicePollingInterval *string `json:"oauth2DevicePollingInterval,omitempty" tf:"oauth2_device_polling_interval,omitempty"`

	// The challenge method to use for Proof Key for Code Exchange. Can be either plain or S256 or set to empty value “.
	// +kubebuilder:validation:Optional
	PkceCodeChallengeMethod *string `json:"pkceCodeChallengeMethod,omitempty" tf:"pkce_code_challenge_method,omitempty"`

	// The realm this client is attached to.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`

	// When specified, this URL is prepended to any relative URLs found within valid_redirect_uris, web_origins, and admin_url. NOTE: Due to limitations in the Keycloak API, when the root_url attribute is used, the valid_redirect_uris, web_origins, and admin_url attributes will be required.
	// +kubebuilder:validation:Optional
	RootURL *string `json:"rootUrl,omitempty" tf:"root_url,omitempty"`

	// When true, the OAuth2 Client Credentials grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	ServiceAccountsEnabled *bool `json:"serviceAccountsEnabled,omitempty" tf:"service_accounts_enabled,omitempty"`

	// When true, the OAuth2 Authorization Code Grant will be enabled for this client. Defaults to false.
	// +kubebuilder:validation:Optional
	StandardFlowEnabled *bool `json:"standardFlowEnabled,omitempty" tf:"standard_flow_enabled,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response. If this is false then no refresh_token will be generated.  Defaults to true.
	// +kubebuilder:validation:Optional
	UseRefreshTokens *bool `json:"useRefreshTokens,omitempty" tf:"use_refresh_tokens,omitempty"`

	// If this is true, a refresh_token will be created and added to the token response if the client_credentials grant is used and a user session will be created. If this is false then no refresh_token will be generated and the associated user session will be removed, in accordance with OAuth 2.0 RFC6749 Section 4.4.3. Defaults to false.
	// +kubebuilder:validation:Optional
	UseRefreshTokensClientCredentials *bool `json:"useRefreshTokensClientCredentials,omitempty" tf:"use_refresh_tokens_client_credentials,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful logout.
	// +kubebuilder:validation:Optional
	// +listType=set
	ValidPostLogoutRedirectUris []*string `json:"validPostLogoutRedirectUris,omitempty" tf:"valid_post_logout_redirect_uris,omitempty"`

	// A list of valid URIs a browser is permitted to redirect to after a successful login or logout. Simple
	// wildcards in the form of an asterisk can be used here. This attribute must be set if either standard_flow_enabled or implicit_flow_enabled
	// is set to true.
	// +kubebuilder:validation:Optional
	// +listType=set
	ValidRedirectUris []*string `json:"validRedirectUris,omitempty" tf:"valid_redirect_uris,omitempty"`

	// A list of allowed CORS origins. To permit all valid redirect URIs, add +. Note that this will not include the * wildcard. To permit all origins, explicitly add *."
	// +kubebuilder:validation:Optional
	// +listType=set
	WebOrigins []*string `json:"webOrigins,omitempty" tf:"web_origins,omitempty"`
}

func (*ClientParameters) DeepCopy 

func (in *ClientParameters) DeepCopy() *ClientParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientParameters.

func (*ClientParameters) DeepCopyInto 

func (in *ClientParameters) DeepCopyInto(out *ClientParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScope 

type ClientScope struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter"
	Spec   ClientScopeSpec   `json:"spec"`
	Status ClientScopeStatus `json:"status,omitempty"`
}

ClientScope is the Schema for the ClientScopes API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,keycloak}

func (*ClientScope) DeepCopy 

func (in *ClientScope) DeepCopy() *ClientScope

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScope.

func (*ClientScope) DeepCopyInto 

func (in *ClientScope) DeepCopyInto(out *ClientScope)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientScope) DeepCopyObject 

func (in *ClientScope) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientScope) GetCondition 

func (mg *ClientScope) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ClientScope.

func (*ClientScope) GetConnectionDetailsMapping 

func (tr *ClientScope) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ClientScope

func (*ClientScope) GetDeletionPolicy 

func (mg *ClientScope) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ClientScope.

func (*ClientScope) GetID 

func (tr *ClientScope) GetID() string

GetID returns ID of underlying Terraform resource of this ClientScope

func (*ClientScope) GetInitParameters 

func (tr *ClientScope) GetInitParameters() (map[string]any, error)

GetInitParameters of this ClientScope

func (*ClientScope) GetManagementPolicies 

func (mg *ClientScope) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ClientScope.

func (*ClientScope) GetMergedParameters 

func (tr *ClientScope) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ClientScope

func (*ClientScope) GetObservation 

func (tr *ClientScope) GetObservation() (map[string]any, error)

GetObservation of this ClientScope

func (*ClientScope) GetParameters 

func (tr *ClientScope) GetParameters() (map[string]any, error)

GetParameters of this ClientScope

func (*ClientScope) GetProviderConfigReference 

func (mg *ClientScope) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ClientScope.

func (*ClientScope) GetPublishConnectionDetailsTo 

func (mg *ClientScope) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ClientScope.

func (*ClientScope) GetTerraformResourceType 

func (mg *ClientScope) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ClientScope

func (*ClientScope) GetTerraformSchemaVersion 

func (tr *ClientScope) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ClientScope) GetWriteConnectionSecretToReference 

func (mg *ClientScope) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ClientScope.

func (*ClientScope) Hub 

func (tr *ClientScope) Hub()

Hub marks this type as a conversion hub.

func (*ClientScope) LateInitialize 

func (tr *ClientScope) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ClientScope using its observed tfState. returns True if there are any spec changes for the resource.

func (*ClientScope) ResolveReferences 

func (mg *ClientScope) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ClientScope.

func (*ClientScope) SetConditions 

func (mg *ClientScope) SetConditions(c ...xpv1.Condition)

SetConditions of this ClientScope.

func (*ClientScope) SetDeletionPolicy 

func (mg *ClientScope) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ClientScope.

func (*ClientScope) SetManagementPolicies 

func (mg *ClientScope) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ClientScope.

func (*ClientScope) SetObservation 

func (tr *ClientScope) SetObservation(obs map[string]any) error

SetObservation for this ClientScope

func (*ClientScope) SetParameters 

func (tr *ClientScope) SetParameters(params map[string]any) error

SetParameters for this ClientScope

func (*ClientScope) SetProviderConfigReference 

func (mg *ClientScope) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ClientScope.

func (*ClientScope) SetPublishConnectionDetailsTo 

func (mg *ClientScope) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ClientScope.

func (*ClientScope) SetWriteConnectionSecretToReference 

func (mg *ClientScope) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ClientScope.

type ClientScopeInitParameters 

type ClientScopeInitParameters struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The realm this client scope belongs to.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientScopeInitParameters) DeepCopy 

func (in *ClientScopeInitParameters) DeepCopy() *ClientScopeInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeInitParameters.

func (*ClientScopeInitParameters) DeepCopyInto 

func (in *ClientScopeInitParameters) DeepCopyInto(out *ClientScopeInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeList 

type ClientScopeList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClientScope `json:"items"`
}

ClientScopeList contains a list of ClientScopes

func (*ClientScopeList) DeepCopy 

func (in *ClientScopeList) DeepCopy() *ClientScopeList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeList.

func (*ClientScopeList) DeepCopyInto 

func (in *ClientScopeList) DeepCopyInto(out *ClientScopeList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientScopeList) DeepCopyObject 

func (in *ClientScopeList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClientScopeList) GetItems 

func (l *ClientScopeList) GetItems() []resource.Managed

GetItems of this ClientScopeList.

type ClientScopeObservation 

type ClientScopeObservation struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The realm this client scope belongs to.
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`
}

func (*ClientScopeObservation) DeepCopy 

func (in *ClientScopeObservation) DeepCopy() *ClientScopeObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeObservation.

func (*ClientScopeObservation) DeepCopyInto 

func (in *ClientScopeObservation) DeepCopyInto(out *ClientScopeObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeParameters 

type ClientScopeParameters struct {

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	// +kubebuilder:validation:Optional
	ConsentScreenText *string `json:"consentScreenText,omitempty" tf:"consent_screen_text,omitempty"`

	// The description of this client scope in the GUI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	// +kubebuilder:validation:Optional
	GuiOrder *float64 `json:"guiOrder,omitempty" tf:"gui_order,omitempty"`

	// When true, the name of this client scope will be added to the access token property 'scope' as well as to the Token Introspection Endpoint response.
	// +kubebuilder:validation:Optional
	IncludeInTokenScope *bool `json:"includeInTokenScope,omitempty" tf:"include_in_token_scope,omitempty"`

	// The display name of this client scope in the GUI.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The realm this client scope belongs to.
	// +crossplane:generate:reference:type=github.com/stakater/provider-keycloak/apis/realm/v1alpha1.Realm
	// +kubebuilder:validation:Optional
	RealmID *string `json:"realmId,omitempty" tf:"realm_id,omitempty"`

	// Reference to a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDRef *v1.Reference `json:"realmIdRef,omitempty" tf:"-"`

	// Selector for a Realm in realm to populate realmId.
	// +kubebuilder:validation:Optional
	RealmIDSelector *v1.Selector `json:"realmIdSelector,omitempty" tf:"-"`
}

func (*ClientScopeParameters) DeepCopy 

func (in *ClientScopeParameters) DeepCopy() *ClientScopeParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeParameters.

func (*ClientScopeParameters) DeepCopyInto 

func (in *ClientScopeParameters) DeepCopyInto(out *ClientScopeParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeSpec 

type ClientScopeSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientScopeParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientScopeInitParameters `json:"initProvider,omitempty"`
}

ClientScopeSpec defines the desired state of ClientScope

func (*ClientScopeSpec) DeepCopy 

func (in *ClientScopeSpec) DeepCopy() *ClientScopeSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeSpec.

func (*ClientScopeSpec) DeepCopyInto 

func (in *ClientScopeSpec) DeepCopyInto(out *ClientScopeSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientScopeStatus 

type ClientScopeStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientScopeObservation `json:"atProvider,omitempty"`
}

ClientScopeStatus defines the observed state of ClientScope.

func (*ClientScopeStatus) DeepCopy 

func (in *ClientScopeStatus) DeepCopy() *ClientScopeStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientScopeStatus.

func (*ClientScopeStatus) DeepCopyInto 

func (in *ClientScopeStatus) DeepCopyInto(out *ClientScopeStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientSpec 

type ClientSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ClientParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ClientInitParameters `json:"initProvider,omitempty"`
}

ClientSpec defines the desired state of Client

func (*ClientSpec) DeepCopy 

func (in *ClientSpec) DeepCopy() *ClientSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSpec.

func (*ClientSpec) DeepCopyInto 

func (in *ClientSpec) DeepCopyInto(out *ClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientStatus 

type ClientStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ClientObservation `json:"atProvider,omitempty"`
}

ClientStatus defines the observed state of Client.

func (*ClientStatus) DeepCopy 

func (in *ClientStatus) DeepCopy() *ClientStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientStatus.

func (*ClientStatus) DeepCopyInto 

func (in *ClientStatus) DeepCopyInto(out *ClientStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.