From 0d9ef5ea037d29a892e84c548e5fbdcde8150146 Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Wed, 16 Aug 2023 09:08:34 +1000 Subject: [PATCH 01/10] added given name, family name and company --- api/v1alpha1/usersignup_types.go | 25 ++++++++++ api/v1alpha1/zz_generated.deepcopy.go | 16 +++++++ api/v1alpha1/zz_generated.openapi.go | 69 ++++++++++++++++++++++++++- 3 files changed, 108 insertions(+), 2 deletions(-) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 120445d7..05c407e5 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -195,6 +195,31 @@ type UserSignupSpec struct { // a new IdP provider client, and contains the user's "original-sub" claim // +optional OriginalSub string `json:"originalSub,omitempty"` + + // IdentityClaims contains as-is claim values extracted from the user's access token + IdentityClaims IdentityClaimsEmbedded `json:"identitytokenClaims,omitempty"` +} + +// IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing +// +k8s:openapi-gen=true +type IdentityClaimsEmbedded struct { + // Sub contains the value of the 'sub' claim + Sub string `json:"sub,omitempty"` + + // UserID contains the value of the 'user_id' claim + UserID string `json:"userID,omitempty"` + + // AccountID contains the value of the 'account_id' claim + AccountID string `json:"accountID,omitempty"` + + // GivenName contains the value of the 'given_name' claim + GivenName string `json:"givenName,omitempty"` + + // FamilyName contains the value of the 'family_name' claim + FamilyName string `json:"familyName,omitempty"` + + // Company contains the value of the 'company' claim + Company string `json:"company,omitempty"` } // UserSignupStatus defines the observed state of UserSignup diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 4d081831..b4d3e75e 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go 
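Review bot: The new `IdentityClaimsEmbedded` fields are unbounded `string`s, and the comment on `IdentityClaims` says the values are copied "as-is" from the access token, so whatever the identity provider puts in `given_name`, `family_name` or `company` lands in the UserSignup spec unchecked. Some of these claims are often user-editable at the IdP (an assumption, since the token source is not shown here), so anything that later renders or logs them should treat them as untrusted text. If CRDs for this package are generated with controller-gen, a marker such as `// +kubebuilder:validation:MaxLength=<max-length>` on each field would cap the size at admission. The type comment could also state the contract, e.g. `// Values are copied from a verified token and are informational; they must not be used for authorization decisions`. These fields also put personal data into the resource, so read access to UserSignup objects is worth re-checking.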
+++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -551,6 +551,21 @@ func (in *HostStatus) DeepCopy() *HostStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdentityClaimsEmbedded) DeepCopyInto(out *IdentityClaimsEmbedded) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityClaimsEmbedded. +func (in *IdentityClaimsEmbedded) DeepCopy() *IdentityClaimsEmbedded { + if in == nil { + return nil + } + out := new(IdentityClaimsEmbedded) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Idler) DeepCopyInto(out *Idler) { *out = *in @@ -3448,6 +3463,7 @@ func (in *UserSignupSpec) DeepCopyInto(out *UserSignupSpec) { *out = make([]UserSignupState, len(*in)) copy(*out, *in) } + out.IdentityClaims = in.IdentityClaims } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSignupSpec. diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index ec8be80f..685918e6 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go 
@@ -45,6 +45,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/codeready-toolchain/api/api/v1alpha1.HostOperatorStatus": schema_codeready_toolchain_api_api_v1alpha1_HostOperatorStatus(ref), "github.com/codeready-toolchain/api/api/v1alpha1.HostRegistrationServiceStatus": schema_codeready_toolchain_api_api_v1alpha1_HostRegistrationServiceStatus(ref), "github.com/codeready-toolchain/api/api/v1alpha1.HostRoutes": schema_codeready_toolchain_api_api_v1alpha1_HostRoutes(ref), + "github.com/codeready-toolchain/api/api/v1alpha1.IdentityClaimsEmbedded": schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref), "github.com/codeready-toolchain/api/api/v1alpha1.Idler": schema_codeready_toolchain_api_api_v1alpha1_Idler(ref), "github.com/codeready-toolchain/api/api/v1alpha1.IdlerSpec": schema_codeready_toolchain_api_api_v1alpha1_IdlerSpec(ref), "github.com/codeready-toolchain/api/api/v1alpha1.IdlerStatus": schema_codeready_toolchain_api_api_v1alpha1_IdlerStatus(ref), 
@@ -843,6 +844,61 @@ func schema_codeready_toolchain_api_api_v1alpha1_HostRoutes(ref common.Reference } } +func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "sub": { + SchemaProps: spec.SchemaProps{ + Description: "Sub contains the value of the 'sub' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "userID": { + SchemaProps: spec.SchemaProps{ + Description: "UserID contains the value of the 'user_id' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "accountID": { + SchemaProps: spec.SchemaProps{ + Description: "AccountID contains the value of the 'account_id' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "givenName": { + SchemaProps: spec.SchemaProps{ + Description: "GivenName contains the value of the 'given_name' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "familyName": { + SchemaProps: spec.SchemaProps{ + Description: "FamilyName contains the value of the 'family_name' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "company": { + SchemaProps: spec.SchemaProps{ + Description: "Company contains the value of the 'company' claim", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + func schema_codeready_toolchain_api_api_v1alpha1_Idler(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ 
@@ -3438,14 +3494,14 @@ func schema_codeready_toolchain_api_api_v1alpha1_SpaceConfig(ref common.Referenc Properties: map[string]spec.Schema{ "spaceRequestEnabled": { SchemaProps: spec.SchemaProps{ - Description: "SpaceRequestEnabled specifies whether the SpaceRequest controller should start or not. This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for StoneSoup stage/prod ...).", + Description: "SpaceRequestEnabled specifies whether the SpaceRequest controller should start or not. This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for AppStudio stage/prod ...).", Type: []string{"boolean"}, Format: "", }, }, "spaceBindingRequestEnabled": { SchemaProps: spec.SchemaProps{ - Description: "SpaceBindingRequestEnabled specifies whether the SpaceBindingRequest controller should start or not. This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for StoneSoup stage/prod ...).", + Description: "SpaceBindingRequestEnabled specifies whether the SpaceBindingRequest controller should start or not. This is specifically useful in order to enable/disable this functionality from configuration (e.g. disabled by default in Sandbox and enabled only for AppStudio stage/prod ...).", Type: []string{"boolean"}, Format: "", }, 
@@ -4599,10 +4655,19 @@ func schema_codeready_toolchain_api_api_v1alpha1_UserSignupSpec(ref common.Refer Format: "", }, }, + "identitytokenClaims": { + SchemaProps: spec.SchemaProps{ + Description: "IdentityClaims contains as-is claim values extracted from the user's access token", + Default: map[string]interface{}{}, + Ref: ref("github.com/codeready-toolchain/api/api/v1alpha1.IdentityClaimsEmbedded"), + }, + }, }, Required: []string{"userid", "username"}, }, }, + Dependencies: []string{ + "github.com/codeready-toolchain/api/api/v1alpha1.IdentityClaimsEmbedded"}, } } From e89c2c1bbac164bb0dfbdf741d21d59d7c3958ba Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Tue, 22 Aug 2023 08:57:37 +1000 Subject: [PATCH 02/10] regenerated --- api/v1alpha1/usersignup_types.go | 8 ++++++++ api/v1alpha1/zz_generated.openapi.go | 7 +++++++ 2 files changed, 15 insertions(+) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 05c407e5..afaa5a90 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -213,13 +213,21 @@ type IdentityClaimsEmbedded struct { AccountID string `json:"accountID,omitempty"` // GivenName contains the value of the 'given_name' claim + // +optional GivenName string `json:"givenName,omitempty"` // FamilyName contains the value of the 'family_name' claim + // +optional FamilyName string `json:"familyName,omitempty"` // Company contains the value of the 'company' claim + // +optional Company string `json:"company,omitempty"` + + // OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to + // a new IdP provider client, and contains the user's "original-sub" claim + // +optional + OriginalSub string `json:"originalSub,omitempty"` } // UserSignupStatus defines the observed state of UserSignup diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index 25d5daf6..41ce813c 100644 --- a/api/v1alpha1/zz_generated.openapi.go 
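Review bot: The `OriginalSub` added to `IdentityClaimsEmbedded` in the usersignup_types.go hunk of patch 02 repeats, with the same comment, the `originalSub` field that `UserSignupSpec` already has (visible as context in patch 01), and nothing says which copy is authoritative. Patch 03 extends the same duplication: `PropagatedClaims` brings `userID` and `originalSub` into `MasterUserRecordSpec` and `UserAccountSpec`, whose generated schemas already list `userID` as required, and `UserAccountSpec` already has `OriginalSub`. Two independently writable copies of an identity value can drift, and consumers may then match users on different fields. If the new field is meant to supersede the old one, say so on the old field, e.g. `// Deprecated: use IdentityClaims.OriginalSub instead.`; otherwise document on the new field which one readers must prefer.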
+++ b/api/v1alpha1/zz_generated.openapi.go @@ -894,6 +894,13 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Format: "", }, }, + "originalSub": { + SchemaProps: spec.SchemaProps{ + Description: "OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to a new IdP provider client, and contains the user's \"original-sub\" claim", + Type: []string{"string"}, + Format: "", + }, + }, }, }, }, From ed29c3b5c70c181ce7ed09293eedc69e5ee3540f Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Thu, 7 Sep 2023 10:08:09 +1000 Subject: [PATCH 03/10] updated --- api/v1alpha1/masteruserrecord_types.go | 4 ++ api/v1alpha1/useraccount_types.go | 4 ++ api/v1alpha1/usersignup_types.go | 21 +++++++--- api/v1alpha1/zz_generated.deepcopy.go | 18 +++++++++ api/v1alpha1/zz_generated.openapi.go | 53 ++++++++++++++++++-------- 5 files changed, 79 insertions(+), 21 deletions(-) diff --git a/api/v1alpha1/masteruserrecord_types.go b/api/v1alpha1/masteruserrecord_types.go index bdf24e1b..62c2d122 100644 --- a/api/v1alpha1/masteruserrecord_types.go +++ b/api/v1alpha1/masteruserrecord_types.go @@ -80,6 +80,10 @@ type MasterUserRecordSpec struct { // temporarily marked as optional until the migration took place (CRT-1321) // +optional TierName string `json:"tierName,omitempty"` + + // PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to + // be "propagated" down the resource dependency chain + PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"` } type UserAccountEmbedded struct { diff --git a/api/v1alpha1/useraccount_types.go b/api/v1alpha1/useraccount_types.go index 23ee9971..3b0e7d1c 100644 --- a/api/v1alpha1/useraccount_types.go +++ b/api/v1alpha1/useraccount_types.go 
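Review bot: In the masteruserrecord_types.go hunk, `omitempty` on `PropagatedClaims` has no effect because the field is a struct value and encoding/json never treats a struct as empty, so every MasterUserRecord will serialise a `propagatedClaims` object even when no claims were supplied. The same applies to the `UserAccountSpec` hunk in this patch and to `UserSignupSpec.IdentityClaims` from patch 01; the generated schema's `Default: map[string]interface{}{}` is consistent with that. If consumers need to tell "claims never populated" from "claims present but empty", declare the field as `*PropagatedClaims` and regenerate the deepcopy code. Otherwise drop `omitempty` so the tag does not suggest an optional key. The spec struct starts outside this hunk.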
@@ -44,6 +44,10 @@ type UserAccountSpec struct { // a new IdP provider client, and contains the user's "original-sub" claim // +optional OriginalSub string `json:"originalSub,omitempty"` + + // PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to + // be "propagated" down the resource dependency chain + PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"` } // UserAccountStatus defines the observed state of UserAccount diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index afaa5a90..6ea19791 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -197,20 +197,21 @@ type UserSignupSpec struct { OriginalSub string `json:"originalSub,omitempty"` // IdentityClaims contains as-is claim values extracted from the user's access token - IdentityClaims IdentityClaimsEmbedded `json:"identitytokenClaims,omitempty"` + IdentityClaims IdentityClaimsEmbedded `json:"identityClaims,omitempty"` } // IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing // +k8s:openapi-gen=true type IdentityClaimsEmbedded struct { + + // PropagatedClaims + PropagatedClaims PropagatedClaims `json:",inline"` + // Sub contains the value of the 'sub' claim Sub string `json:"sub,omitempty"` - // UserID contains the value of the 'user_id' claim - UserID string `json:"userID,omitempty"` - - // AccountID contains the value of the 'account_id' claim - AccountID string `json:"accountID,omitempty"` + // Email contains the user's email address + Email string `json:"email,omitempty"` // GivenName contains the value of the 'given_name' claim // +optional 
@@ -223,6 +224,14 @@ type IdentityClaimsEmbedded struct { // Company contains the value of the 'company' claim // +optional Company string `json:"company,omitempty"` +} + +type PropagatedClaims struct { + // UserID contains the value of the 'user_id' claim + UserID string `json:"userID,omitempty"` + + // AccountID contains the value of the 'account_id' claim + AccountID string `json:"accountID,omitempty"` // OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to // a new IdP provider client, and contains the user's "original-sub" claim diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 30aaecd6..d5de621d 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -554,6 +554,7 @@ func (in *HostStatus) DeepCopy() *HostStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IdentityClaimsEmbedded) DeepCopyInto(out *IdentityClaimsEmbedded) { *out = *in + out.PropagatedClaims = in.PropagatedClaims } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityClaimsEmbedded. @@ -751,6 +752,7 @@ func (in *MasterUserRecordSpec) DeepCopyInto(out *MasterUserRecordSpec) { *out = make([]UserAccountEmbedded, len(*in)) copy(*out, *in) } + out.PropagatedClaims = in.PropagatedClaims } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MasterUserRecordSpec. 
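Review bot: `type PropagatedClaims struct` is introduced without a doc comment and without the `+k8s:openapi-gen=true` marker that `IdentityClaimsEmbedded` carries. The regenerated openapi hunks of this patch reference `v1alpha1.PropagatedClaims` through `ref(...)` and `Dependencies`, yet no `schema_..._PropagatedClaims` definition or `GetOpenAPIDefinitions` entry appears in the visible hunks, so that reference may be left unresolved. I would add `// PropagatedClaims is the subset of SSO claim values that is propagated down the resource dependency chain` and `// +k8s:openapi-gen=true` above the type, then regenerate. The struct body continues past the end of this hunk.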
@@ -1728,6 +1730,21 @@ func (in *Pod) DeepCopy() *Pod { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PropagatedClaims) DeepCopyInto(out *PropagatedClaims) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PropagatedClaims. +func (in *PropagatedClaims) DeepCopy() *PropagatedClaims { + if in == nil { + return nil + } + out := new(PropagatedClaims) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProxyPlugin) DeepCopyInto(out *ProxyPlugin) { *out = *in @@ -3372,6 +3389,7 @@ func (in *UserAccountList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserAccountSpec) DeepCopyInto(out *UserAccountSpec) { *out = *in + out.PropagatedClaims = in.PropagatedClaims } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserAccountSpec. diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index 41ce813c..021bec53 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go 
@@ -852,23 +852,37 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Description: "IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "sub": { + "userID": { SchemaProps: spec.SchemaProps{ - Description: "Sub contains the value of the 'sub' claim", + Description: "UserID contains the value of the 'user_id' claim", Type: []string{"string"}, Format: "", }, }, - "userID": { + "accountID": { SchemaProps: spec.SchemaProps{ - Description: "UserID contains the value of the 'user_id' claim", + Description: "AccountID contains the value of the 'account_id' claim", Type: []string{"string"}, Format: "", }, }, - "accountID": { + "originalSub": { SchemaProps: spec.SchemaProps{ - Description: "AccountID contains the value of the 'account_id' claim", + Description: "OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to a new IdP provider client, and contains the user's \"original-sub\" claim", + Type: []string{"string"}, + Format: "", + }, + }, + "sub": { + SchemaProps: spec.SchemaProps{ + Description: "Sub contains the value of the 'sub' claim", + Type: []string{"string"}, + Format: "", + }, + }, + "email": { + SchemaProps: spec.SchemaProps{ + Description: "Email contains the user's email address", Type: []string{"string"}, Format: "", }, @@ -894,13 +908,6 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Format: "", }, }, - "originalSub": { - SchemaProps: spec.SchemaProps{ - Description: "OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to a new IdP provider client, and contains the user's \"original-sub\" claim", - Type: []string{"string"}, - Format: "", - }, - }, }, }, }, 
@@ -1166,12 +1173,19 @@ func schema_codeready_toolchain_api_api_v1alpha1_MasterUserRecordSpec(ref common Format: "", }, }, + "propagatedClaims": { + SchemaProps: spec.SchemaProps{ + Description: "PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to be \"propagated\" down the resource dependency chain", + Default: map[string]interface{}{}, + Ref: ref("github.com/codeready-toolchain/api/api/v1alpha1.PropagatedClaims"), + }, + }, }, Required: []string{"userID"}, }, }, Dependencies: []string{ - "github.com/codeready-toolchain/api/api/v1alpha1.UserAccountEmbedded"}, + "github.com/codeready-toolchain/api/api/v1alpha1.PropagatedClaims", "github.com/codeready-toolchain/api/api/v1alpha1.UserAccountEmbedded"}, } } @@ -4553,10 +4567,19 @@ func schema_codeready_toolchain_api_api_v1alpha1_UserAccountSpec(ref common.Refe Format: "", }, }, + "propagatedClaims": { + SchemaProps: spec.SchemaProps{ + Description: "PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to be \"propagated\" down the resource dependency chain", + Default: map[string]interface{}{}, + Ref: ref("github.com/codeready-toolchain/api/api/v1alpha1.PropagatedClaims"), + }, + }, }, Required: []string{"userID"}, }, }, + Dependencies: []string{ + "github.com/codeready-toolchain/api/api/v1alpha1.PropagatedClaims"}, } } @@ -4724,7 +4747,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_UserSignupSpec(ref common.Refer Format: "", }, }, - "identitytokenClaims": { + "identityClaims": { SchemaProps: spec.SchemaProps{ Description: "IdentityClaims contains as-is claim values extracted from the user's access token", Default: map[string]interface{}{}, From eb15fc08b37581373f497ff5563fb92a1cc7f847 Mon Sep 17 00:00:00 2001 
From: Shane Bryzak Date: Thu, 7 Sep 2023 10:12:58 +1000 Subject: [PATCH 04/10] added optional flag --- api/v1alpha1/masteruserrecord_types.go | 1 + api/v1alpha1/useraccount_types.go | 1 + 2 files changed, 2 insertions(+) diff --git a/api/v1alpha1/masteruserrecord_types.go b/api/v1alpha1/masteruserrecord_types.go index 62c2d122..7d303dbb 100644 --- a/api/v1alpha1/masteruserrecord_types.go +++ b/api/v1alpha1/masteruserrecord_types.go @@ -83,6 +83,7 @@ type MasterUserRecordSpec struct { // PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to // be "propagated" down the resource dependency chain + // +optional PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"` } diff --git a/api/v1alpha1/useraccount_types.go b/api/v1alpha1/useraccount_types.go index 3b0e7d1c..d20e766c 100644 --- a/api/v1alpha1/useraccount_types.go +++ b/api/v1alpha1/useraccount_types.go @@ -47,6 +47,7 @@ type UserAccountSpec struct { // PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to // be "propagated" down the resource dependency chain + // +optional PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"` } From 1bf05e3996c295ae6af1342eaf4a2374408717e2 Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Thu, 7 Sep 2023 10:19:45 +1000 Subject: [PATCH 05/10] added optional flags --- api/v1alpha1/usersignup_types.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 1cf47924..f5512288 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -198,6 +198,7 @@ type UserSignupSpec struct { OriginalSub string `json:"originalSub,omitempty"` // IdentityClaims contains as-is claim values extracted from the user's access token + // +optional IdentityClaims IdentityClaimsEmbedded `json:"identityClaims,omitempty"` } 
@@ -229,9 +230,11 @@ type IdentityClaimsEmbedded struct { type PropagatedClaims struct { // UserID contains the value of the 'user_id' claim + // +optional UserID string `json:"userID,omitempty"` // AccountID contains the value of the 'account_id' claim + // +optional AccountID string `json:"accountID,omitempty"` // OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to From 31eab042687fa108b43669e6f3c1f0b16afafdf1 Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Thu, 7 Sep 2023 19:08:38 +1000 Subject: [PATCH 06/10] improvement --- api/v1alpha1/usersignup_types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index f5512288..8d5afac0 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -207,7 +207,7 @@ type UserSignupSpec struct { type IdentityClaimsEmbedded struct { // PropagatedClaims - PropagatedClaims PropagatedClaims `json:",inline"` + PropagatedClaims `json:",inline"` // Sub contains the value of the 'sub' claim Sub string `json:"sub,omitempty"` From 682336d51deaa9754e7f15d5bdaf200288237adb Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Thu, 7 Sep 2023 19:26:26 +1000 Subject: [PATCH 07/10] make email required --- api/v1alpha1/usersignup_types.go | 2 +- api/v1alpha1/zz_generated.openapi.go | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 8d5afac0..e72eb43e 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -213,7 +213,7 @@ type IdentityClaimsEmbedded struct { Sub string `json:"sub,omitempty"` // Email contains the user's email address - Email string `json:"email,omitempty"` + Email string `json:"email"` // GivenName contains the value of the 'given_name' claim // +optional 
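Review bot: In the patch 07 hunk, dropping `omitempty` from `Email` makes the key required in the generated schema but does not reject a missing value: the field is a plain `string`, so an unset email serialises as `"email": ""` and satisfies `Required`. Patches 09 and 10 do the same for `PreferredUsername` and `Sub`, and because `Sub` lives in `PropagatedClaims` the empty-string case also reaches MasterUserRecord and UserAccount. If the intent is "must be non-empty", that needs an explicit check; assuming controller-gen produces the CRDs, `// +kubebuilder:validation:MinLength=1` on the field is one option, and validating where the claims are written is another. Either way, code that reads these fields should treat `""` as absent rather than as a valid identity value, and the field comments should say which of the two meanings "required" has here.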
diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index 021bec53..17e94cef 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go @@ -883,6 +883,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm "email": { SchemaProps: spec.SchemaProps{ Description: "Email contains the user's email address", + Default: "", Type: []string{"string"}, Format: "", }, @@ -909,6 +910,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm }, }, }, + Required: []string{"email"}, }, }, } From 58105119d29c05682588a02defeb36b647172e3b Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Thu, 7 Sep 2023 21:10:50 +1000 Subject: [PATCH 08/10] added username --- api/v1alpha1/usersignup_types.go | 3 +++ api/v1alpha1/zz_generated.openapi.go | 7 +++++++ 2 files changed, 10 insertions(+) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index e72eb43e..2aca30f9 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -212,6 +212,9 @@ type IdentityClaimsEmbedded struct { // Sub contains the value of the 'sub' claim Sub string `json:"sub,omitempty"` + // PreferredUsername contains the user's username + PreferredUsername string `json:"preferredUsername,omitempty"` + // Email contains the user's email address Email string `json:"email"` diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index 17e94cef..695ac579 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go 
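Review bot: The comments added for `PreferredUsername` in patch 08, and for `Email` in patch 03, do not name the token claim they are filled from, unlike the neighbouring fields ("contains the value of the 'given_name' claim"). If the source is the standard OIDC claim, I would write `// PreferredUsername contains the value of the 'preferred_username' claim`. I would also add a caveat that OIDC does not guarantee this value, or the email, to be unique or stable, so neither should be used as the key for matching or authorizing a user; `sub` is the identifier meant for that. `UserSignupSpec` already has a required `username` per the generated schema, so the comment should also say how the two relate.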
@@ -880,6 +880,13 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Format: "", }, }, + "preferredUsername": { + SchemaProps: spec.SchemaProps{ + Description: "PreferredUsername contains the user's username", + Type: []string{"string"}, + Format: "", + }, + }, "email": { SchemaProps: spec.SchemaProps{ Description: "Email contains the user's email address", From 46f951caf1dc8528f259dba33256d761f57932ce Mon Sep 17 00:00:00 2001 From: Shane Bryzak Date: Fri, 8 Sep 2023 05:19:01 +1000 Subject: [PATCH 09/10] make usernames required --- api/v1alpha1/usersignup_types.go | 2 +- api/v1alpha1/zz_generated.openapi.go | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 2aca30f9..238192c0 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -213,7 +213,7 @@ type IdentityClaimsEmbedded struct { Sub string `json:"sub,omitempty"` // PreferredUsername contains the user's username - PreferredUsername string `json:"preferredUsername,omitempty"` + PreferredUsername string `json:"preferredUsername"` // Email contains the user's email address Email string `json:"email"` diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index 695ac579..c24e7cb9 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go @@ -883,6 +883,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm "preferredUsername": { SchemaProps: spec.SchemaProps{ Description: "PreferredUsername contains the user's username", + Default: "", Type: []string{"string"}, Format: "", }, @@ -917,7 +918,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm }, }, }, - Required: []string{"email"}, + Required: []string{"preferredUsername", "email"}, }, }, } From f7d8a3c8fd7a4552cc00bd95a5c780c80c716639 Mon Sep 17 00:00:00 2001 
From: Shane Bryzak Date: Fri, 8 Sep 2023 15:09:01 +1000 Subject: [PATCH 10/10] moved sub to propagated claims --- api/v1alpha1/usersignup_types.go | 6 +++--- api/v1alpha1/zz_generated.openapi.go | 17 +++++++++-------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go index 238192c0..0de4b925 100644 --- a/api/v1alpha1/usersignup_types.go +++ b/api/v1alpha1/usersignup_types.go @@ -209,9 +209,6 @@ type IdentityClaimsEmbedded struct { // PropagatedClaims PropagatedClaims `json:",inline"` - // Sub contains the value of the 'sub' claim - Sub string `json:"sub,omitempty"` - // PreferredUsername contains the user's username PreferredUsername string `json:"preferredUsername"` @@ -232,6 +229,9 @@ type IdentityClaimsEmbedded struct { } type PropagatedClaims struct { + // Sub contains the value of the 'sub' claim + Sub string `json:"sub"` + // UserID contains the value of the 'user_id' claim // +optional UserID string `json:"userID,omitempty"` diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go index c24e7cb9..cca27c40 100644 --- a/api/v1alpha1/zz_generated.openapi.go +++ b/api/v1alpha1/zz_generated.openapi.go @@ -852,6 +852,14 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Description: "IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "sub": { + SchemaProps: spec.SchemaProps{ + Description: "Sub contains the value of the 'sub' claim", + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, "userID": { SchemaProps: spec.SchemaProps{ Description: "UserID contains the value of the 'user_id' claim", 
@@ -873,13 +881,6 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm Format: "", }, }, - "sub": { - SchemaProps: spec.SchemaProps{ - Description: "Sub contains the value of the 'sub' claim", - Type: []string{"string"}, - Format: "", - }, - }, "preferredUsername": { SchemaProps: spec.SchemaProps{ Description: "PreferredUsername contains the user's username", @@ -918,7 +919,7 @@ func schema_codeready_toolchain_api_api_v1alpha1_IdentityClaimsEmbedded(ref comm }, }, }, - Required: []string{"preferredUsername", "email"}, + Required: []string{"sub", "preferredUsername", "email"}, }, }, }