From 94de7ccc219ca9f23f191d7c1fe568049a4c1bf4 Mon Sep 17 00:00:00 2001
From: stustison
Date: Wed, 21 Dec 2022 12:31:23 -0500
Subject: [PATCH] Added WebAuthn fields to the CRD
---
...y.k8s.keycloak.org_keycloakrealms_crd.yaml | 72 +++++++++++++++++
.../keycloak/v1alpha1/keycloakrealm_types.go | 80 +++++++++++++++++++
.../v1alpha1/zz_generated.deepcopy.go | 35 ++++++++
3 files changed, 187 insertions(+)
diff --git a/deploy/crds/legacy.k8s.keycloak.org_keycloakrealms_crd.yaml b/deploy/crds/legacy.k8s.keycloak.org_keycloakrealms_crd.yaml
index ce55605d..93eb60c3 100644
--- a/deploy/crds/legacy.k8s.keycloak.org_keycloakrealms_crd.yaml
+++ b/deploy/crds/legacy.k8s.keycloak.org_keycloakrealms_crd.yaml
@@ -1375,6 +1375,78 @@ spec: description: Wait Increment format: int32 type: integer + webAuthnPolicyAcceptableAaguids: + description: WebAuthn Policy Acceptable Aaguids + items: + type: string + type: array + webAuthnPolicyAttestationConveyancePreference: + description: WebAuthn Policy Attestation Conveyance Preference + type: string + webAuthnPolicyAuthenticatorAttachment: + description: WebAuthn Policy Authenticator Attachment + type: string + webAuthnPolicyAvoidSameAuthenticatorRegister: + description: WebAuthn Policy Avoid Same Authenticator Register + type: boolean + webAuthnPolicyCreateTimeout: + description: WebAuthn Policy Create Timeout + format: int32 + type: integer + webAuthnPolicyPasswordlessAcceptableAaguids: + description: WebAuthn Policy Passwordless Acceptable Aaguids + items: + type: string + type: array + webAuthnPolicyPasswordlessAttestationConveyancePreference: + description: WebAuthn Policy Passwordless Attestation Conveyance + Preference + type: string + webAuthnPolicyPasswordlessAuthenticatorAttachment: + description: WebAuthn Policy Passwordless Authenticator Attachment + type: string + webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister: + description: WebAuthn Policy Passwordless Avoid Same Authenticator + Register + type: boolean + webAuthnPolicyPasswordlessCreateTimeout: + description: WebAuthn Policy Passwordless Create Timeout + format: int32 + type: integer + webAuthnPolicyPasswordlessRequireResidentKey: + description: WebAuthn Policy Passwordless Require Resident Key + type: string + webAuthnPolicyPasswordlessRpEntityName: + description: WebAuthn Policy Passwordless RP Entity Name + type: string + webAuthnPolicyPasswordlessRpId: + description: WebAuthn Policy Passwordless RP ID + type: string + webAuthnPolicyPasswordlessSignatureAlgorithms: + description: WebAuthn Policy Passwordless Signature Algorithms + items: + type: string + type: array + webAuthnPolicyPasswordlessUserVerificationRequirement: + description: WebAuthn 
Policy Passwordless User Verification Requirement + type: string + webAuthnPolicyRequireResidentKey: + description: WebAuthn Policy Require Resident Key + type: string + webAuthnPolicyRpEntityName: + description: WebAuthn Policy RP Entity Name + type: string + webAuthnPolicyRpId: + description: WebAuthn Policy RP ID + type: string + webAuthnPolicySignatureAlgorithms: + description: WebAuthn Policy Signature Algorithms + items: + type: string + type: array + webAuthnPolicyUserVerificationRequirement: + description: WebAuthn Policy User Verification Requirement + type: string required: - realm type: object diff --git a/pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go b/pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go index d2402917..d0d9d4a1 100644 --- a/pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go +++ b/pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go 
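Review bot: The policy selectors added in this hunk (`webAuthnPolicyAttestationConveyancePreference`, `webAuthnPolicyAuthenticatorAttachment`, `webAuthnPolicyUserVerificationRequirement`, `webAuthnPolicyRequireResidentKey` and their Passwordless twins) are declared as bare `type: string` with no `enum`, so the API server will admit any value and a misspelled setting is caught, if at all, only once the realm reaches Keycloak. These fields decide how strictly an authenticator is attested and whether user verification is demanded, so it is worth constraining them in the schema. If this CRD is generated from keycloakrealm_types.go, that would be a marker such as `// +kubebuilder:validation:Enum=<values Keycloak accepts>` on each Go field. The two `CreateTimeout` integers likewise carry no `minimum`, and the descriptions only repeat the field names without saying what leaving a field unset means.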
@@ -231,6 +231,86 @@ type KeycloakAPIRealm struct { // +optional OtpSupportedApplications []string `json:"otpSupportedApplications,omitempty"` + // WebAuthn Policy Acceptable Aaguids + // +optional + WebAuthnPolicyAcceptableAaguids []string `json:"webAuthnPolicyAcceptableAaguids,omitempty"` + + // WebAuthn Policy Attestation Conveyance Preference + // +optional + WebAuthnPolicyAttestationConveyancePreference string `json:"webAuthnPolicyAttestationConveyancePreference,omitempty"` + + // WebAuthn Policy Authenticator Attachment + // +optional + WebAuthnPolicyAuthenticatorAttachment string `json:"webAuthnPolicyAuthenticatorAttachment,omitempty"` + + // WebAuthn Policy Avoid Same Authenticator Register + // +optional + WebAuthnPolicyAvoidSameAuthenticatorRegister *bool `json:"webAuthnPolicyAvoidSameAuthenticatorRegister,omitempty"` + + // WebAuthn Policy Create Timeout + // +optional + WebAuthnPolicyCreateTimeout *int32 `json:"webAuthnPolicyCreateTimeout,omitempty"` + + // WebAuthn Policy Passwordless Acceptable Aaguids + // +optional + WebAuthnPolicyPasswordlessAcceptableAaguids []string `json:"webAuthnPolicyPasswordlessAcceptableAaguids,omitempty"` + + // WebAuthn Policy Passwordless Attestation Conveyance Preference + // +optional + WebAuthnPolicyPasswordlessAttestationConveyancePreference string `json:"webAuthnPolicyPasswordlessAttestationConveyancePreference,omitempty"` + + // WebAuthn Policy Passwordless Authenticator Attachment + // +optional + WebAuthnPolicyPasswordlessAuthenticatorAttachment string `json:"webAuthnPolicyPasswordlessAuthenticatorAttachment,omitempty"` + + // WebAuthn Policy Passwordless Avoid Same Authenticator Register + // +optional + WebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister *bool `json:"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister,omitempty"` + + // WebAuthn Policy Passwordless Create Timeout + // +optional + WebAuthnPolicyPasswordlessCreateTimeout *int32 `json:"webAuthnPolicyPasswordlessCreateTimeout,omitempty"` + 
+ // WebAuthn Policy Passwordless Require Resident Key + // +optional + WebAuthnPolicyPasswordlessRequireResidentKey string `json:"webAuthnPolicyPasswordlessRequireResidentKey,omitempty"` + + // WebAuthn Policy Passwordless RP Entity Name + // +optional + WebAuthnPolicyPasswordlessRpEntityName string `json:"webAuthnPolicyPasswordlessRpEntityName,omitempty"` + + // WebAuthn Policy Passwordless RP ID + // +optional + WebAuthnPolicyPasswordlessRpID string `json:"webAuthnPolicyPasswordlessRpId,omitempty"` + + // WebAuthn Policy Passwordless Signature Algorithms + // +optional + WebAuthnPolicyPasswordlessSignatureAlgorithms []string `json:"webAuthnPolicyPasswordlessSignatureAlgorithms,omitempty"` + + // WebAuthn Policy Passwordless User Verification Requirement + // +optional + WebAuthnPolicyPasswordlessUserVerificationRequirement string `json:"webAuthnPolicyPasswordlessUserVerificationRequirement,omitempty"` + + // WebAuthn Policy Require Resident Key + // +optional + WebAuthnPolicyRequireResidentKey string `json:"webAuthnPolicyRequireResidentKey,omitempty"` + + // WebAuthn Policy RP Entity Name + // +optional + WebAuthnPolicyRpEntityName string `json:"webAuthnPolicyRpEntityName,omitempty"` + + // WebAuthn Policy RP ID + // +optional + WebAuthnPolicyRpID string `json:"webAuthnPolicyRpId,omitempty"` + + // WebAuthn Policy Signature Algorithms + // +optional + WebAuthnPolicySignatureAlgorithms []string `json:"webAuthnPolicySignatureAlgorithms,omitempty"` + + // WebAuthn Policy User Verification Requirement + // +optional + WebAuthnPolicyUserVerificationRequirement string `json:"webAuthnPolicyUserVerificationRequirement,omitempty"` + // Browser authentication flow // +optional BrowserFlow string `json:"browserFlow,omitempty"` diff --git a/pkg/apis/keycloak/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/keycloak/v1alpha1/zz_generated.deepcopy.go index dd2502e1..0cf2a01f 100644 --- a/pkg/apis/keycloak/v1alpha1/zz_generated.deepcopy.go 
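Review bot: `WebAuthnPolicyAvoidSameAuthenticatorRegister` is declared `*bool` in this hunk, but the zz_generated.deepcopy.go hunk of the same patch adds a copy block only for its Passwordless counterpart, so a deep copy would presumably leave both objects sharing that one pointer. This hunk adds eight slice or pointer fields, while the 35 lines added to DeepCopyInto make up only seven blocks. Re-running the deepcopy generator rather than editing that file by hand should produce the missing `if in.WebAuthnPolicyAvoidSameAuthenticatorRegister != nil { ... }` block with `*out = new(bool)` and `**out = **in`. The KeycloakAPIRealm struct begins before this hunk and continues after it.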
+++ b/pkg/apis/keycloak/v1alpha1/zz_generated.deepcopy.go @@ -592,6 +592,41 @@ func (in *KeycloakAPIRealm) DeepCopyInto(out *KeycloakAPIRealm) { *out = make([]string, len(*in)) copy(*out, *in) } + if in.WebAuthnPolicyAcceptableAaguids != nil { + in, out := &in.WebAuthnPolicyAcceptableAaguids, &out.WebAuthnPolicyAcceptableAaguids + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.WebAuthnPolicyCreateTimeout != nil { + in, out := &in.WebAuthnPolicyCreateTimeout, &out.WebAuthnPolicyCreateTimeout + *out = new(int32) + **out = **in + } + if in.WebAuthnPolicyPasswordlessAcceptableAaguids != nil { + in, out := &in.WebAuthnPolicyPasswordlessAcceptableAaguids, &out.WebAuthnPolicyPasswordlessAcceptableAaguids + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.WebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister != nil { + in, out := &in.WebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister, &out.WebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister + *out = new(bool) + **out = **in + } + if in.WebAuthnPolicyPasswordlessCreateTimeout != nil { + in, out := &in.WebAuthnPolicyPasswordlessCreateTimeout, &out.WebAuthnPolicyPasswordlessCreateTimeout + *out = new(int32) + **out = **in + } + if in.WebAuthnPolicyPasswordlessSignatureAlgorithms != nil { + in, out := &in.WebAuthnPolicyPasswordlessSignatureAlgorithms, &out.WebAuthnPolicyPasswordlessSignatureAlgorithms + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.WebAuthnPolicySignatureAlgorithms != nil { + in, out := &in.WebAuthnPolicySignatureAlgorithms, &out.WebAuthnPolicySignatureAlgorithms + *out = make([]string, len(*in)) + copy(*out, *in) + } return }