Added WebAuthn fields to the CRD

deploy/crds/legacy.k8s.keycloak.org_keycloakrealms_crd.yaml

@@ -1375,6 +1375,78 @@ spec:
                     description: Wait Increment
                     format: int32
                     type: integer
+                  webAuthnPolicyAcceptableAaguids:
+                    description: WebAuthn Policy Acceptable Aaguids
+                    items:
+                      type: string
+                    type: array
+                  webAuthnPolicyAttestationConveyancePreference:
+                    description: WebAuthn Policy Attestation Conveyance Preference
+                    type: string
+                  webAuthnPolicyAuthenticatorAttachment:
+                    description: WebAuthn Policy Authenticator Attachment
+                    type: string
+                  webAuthnPolicyAvoidSameAuthenticatorRegister:
+                    description: WebAuthn Policy Avoid Same Authenticator Register
+                    type: boolean
+                  webAuthnPolicyCreateTimeout:
+                    description: WebAuthn Policy Create Timeout
+                    format: int32
+                    type: integer
+                  webAuthnPolicyPasswordlessAcceptableAaguids:
+                    description: WebAuthn Policy Passwordless Acceptable Aaguids
+                    items:
+                      type: string
+                    type: array
+                  webAuthnPolicyPasswordlessAttestationConveyancePreference:
+                    description: WebAuthn Policy Passwordless Attestation Conveyance
+                      Preference
+                    type: string
+                  webAuthnPolicyPasswordlessAuthenticatorAttachment:
+                    description: WebAuthn Policy Passwordless Authenticator Attachment
+                    type: string
+                  webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister:
+                    description: WebAuthn Policy Passwordless Avoid Same Authenticator
+                      Register
+                    type: boolean
+                  webAuthnPolicyPasswordlessCreateTimeout:
+                    description: WebAuthn Policy Passwordless Create Timeout
+                    format: int32
+                    type: integer
+                  webAuthnPolicyPasswordlessRequireResidentKey:
+                    description: WebAuthn Policy Passwordless Require Resident Key
+                    type: string
+                  webAuthnPolicyPasswordlessRpEntityName:
+                    description: WebAuthn Policy Passwordless RP Entity Name
+                    type: string
+                  webAuthnPolicyPasswordlessRpId:
+                    description: WebAuthn Policy Passwordless RP ID
+                    type: string
+                  webAuthnPolicyPasswordlessSignatureAlgorithms:
+                    description: WebAuthn Policy Passwordless Signature Algorithms
+                    items:
+                      type: string
+                    type: array
+                  webAuthnPolicyPasswordlessUserVerificationRequirement:
+                    description: WebAuthn Policy Passwordless User Verification Requirement
+                    type: string
+                  webAuthnPolicyRequireResidentKey:
+                    description: WebAuthn Policy Require Resident Key
+                    type: string
+                  webAuthnPolicyRpEntityName:
+                    description: WebAuthn Policy RP Entity Name
+                    type: string
+                  webAuthnPolicyRpId:
+                    description: WebAuthn Policy RP ID
+                    type: string
+                  webAuthnPolicySignatureAlgorithms:
+                    description: WebAuthn Policy Signature Algorithms
+                    items:
+                      type: string
+                    type: array
+                  webAuthnPolicyUserVerificationRequirement:
+                    description: WebAuthn Policy User Verification Requirement
+                    type: string
                 required:
                 - realm
                 type: object

pkg/apis/keycloak/v1alpha1/keycloakrealm_types.go

@@ -231,6 +231,86 @@ type KeycloakAPIRealm struct {
 	// +optional
 	OtpSupportedApplications []string `json:"otpSupportedApplications,omitempty"`
 
+	// WebAuthn Policy Acceptable Aaguids
+	// +optional
+	WebAuthnPolicyAcceptableAaguids []string `json:"webAuthnPolicyAcceptableAaguids,omitempty"`
+
+	// WebAuthn Policy Attestation Conveyance Preference
+	// +optional
+	WebAuthnPolicyAttestationConveyancePreference string `json:"webAuthnPolicyAttestationConveyancePreference,omitempty"`
+
+	// WebAuthn Policy Authenticator Attachment
+	// +optional
+	WebAuthnPolicyAuthenticatorAttachment string `json:"webAuthnPolicyAuthenticatorAttachment,omitempty"`
+
+	// WebAuthn Policy Avoid Same Authenticator Register
+	// +optional
+	WebAuthnPolicyAvoidSameAuthenticatorRegister *bool `json:"webAuthnPolicyAvoidSameAuthenticatorRegister,omitempty"`
+
+	// WebAuthn Policy Create Timeout
+	// +optional
+	WebAuthnPolicyCreateTimeout *int32 `json:"webAuthnPolicyCreateTimeout,omitempty"`
+
+	// WebAuthn Policy Passwordless Acceptable Aaguids
+	// +optional
+	WebAuthnPolicyPasswordlessAcceptableAaguids []string `json:"webAuthnPolicyPasswordlessAcceptableAaguids,omitempty"`
+
+	// WebAuthn Policy Passwordless Attestation Conveyance Preference
+	// +optional
+	WebAuthnPolicyPasswordlessAttestationConveyancePreference string `json:"webAuthnPolicyPasswordlessAttestationConveyancePreference,omitempty"`
+
+	// WebAuthn Policy Passwordless Authenticator Attachment
+	// +optional
+	WebAuthnPolicyPasswordlessAuthenticatorAttachment string `json:"webAuthnPolicyPasswordlessAuthenticatorAttachment,omitempty"`
+
+	// WebAuthn Policy Passwordless Avoid Same Authenticator Register
+	// +optional
+	WebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister *bool `json:"webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister,omitempty"`
+
+	// WebAuthn Policy Passwordless Create Timeout
+	// +optional
+	WebAuthnPolicyPasswordlessCreateTimeout *int32 `json:"webAuthnPolicyPasswordlessCreateTimeout,omitempty"`
+
+	// WebAuthn Policy Passwordless Require Resident Key
+	// +optional
+	WebAuthnPolicyPasswordlessRequireResidentKey string `json:"webAuthnPolicyPasswordlessRequireResidentKey,omitempty"`
+
+	// WebAuthn Policy Passwordless RP Entity Name
+	// +optional
+	WebAuthnPolicyPasswordlessRpEntityName string `json:"webAuthnPolicyPasswordlessRpEntityName,omitempty"`
+
+	// WebAuthn Policy Passwordless RP ID
+	// +optional
+	WebAuthnPolicyPasswordlessRpID string `json:"webAuthnPolicyPasswordlessRpId,omitempty"`
+
+	// WebAuthn Policy Passwordless Signature Algorithms
+	// +optional
+	WebAuthnPolicyPasswordlessSignatureAlgorithms []string `json:"webAuthnPolicyPasswordlessSignatureAlgorithms,omitempty"`
+
+	// WebAuthn Policy Passwordless User Verification Requirement
+	// +optional
+	WebAuthnPolicyPasswordlessUserVerificationRequirement string `json:"webAuthnPolicyPasswordlessUserVerificationRequirement,omitempty"`
+
+	// WebAuthn Policy Require Resident Key
+	// +optional
+	WebAuthnPolicyRequireResidentKey string `json:"webAuthnPolicyRequireResidentKey,omitempty"`
+
+	// WebAuthn Policy RP Entity Name
+	// +optional
+	WebAuthnPolicyRpEntityName string `json:"webAuthnPolicyRpEntityName,omitempty"`
+
+	// WebAuthn Policy RP ID
+	// +optional
+	WebAuthnPolicyRpID string `json:"webAuthnPolicyRpId,omitempty"`
+
+	// WebAuthn Policy Signature Algorithms
+	// +optional
+	WebAuthnPolicySignatureAlgorithms []string `json:"webAuthnPolicySignatureAlgorithms,omitempty"`
+
+	// WebAuthn Policy User Verification Requirement
+	// +optional
+	WebAuthnPolicyUserVerificationRequirement string `json:"webAuthnPolicyUserVerificationRequirement,omitempty"`
+
 	// Browser authentication flow
 	// +optional
 	BrowserFlow string `json:"browserFlow,omitempty"`