Merge pull request #1173 from kinarashah/saml

[v2.4] add fields for kubeconfig saml tokens

apis/management.cattle.io/v3/authn_types.go

@@ -2,6 +2,7 @@ package v3
 
 import (
 	"github.com/rancher/norman/condition"
+	"github.com/rancher/norman/types"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -143,6 +144,15 @@ type AuthConfig struct {
 	AllowedPrincipalIDs []string `json:"allowedPrincipalIds,omitempty" norman:"type=array[reference[principal]]"`
 }
 
+type SamlToken struct {
+	types.Namespaced
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Token     string `json:"token" norman:"writeOnly,noupdate"`
+	ExpiresAt string `json:"expiresAt"`
+}
+
 type LocalConfig struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`

apis/management.cattle.io/v3/schema/schema.go

@@ -434,6 +434,7 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 		AddMapperForType(&Version, v3.Group{}, m.DisplayName{}).
 		MustImport(&Version, v3.Group{}).
 		MustImport(&Version, v3.GroupMember{}).
+		MustImport(&Version, v3.SamlToken{}).
 		AddMapperForType(&Version, v3.Principal{}, m.DisplayName{}).
 		MustImportAndCustomize(&Version, v3.Principal{}, func(schema *types.Schema) {
 			schema.CollectionMethods = []string{http.MethodGet}

apis/management.cattle.io/v3/zz_generated_deepcopy.go

@@ -9177,6 +9177,66 @@ func (in *SamlConfigTestOutput) DeepCopy() *SamlConfigTestOutput {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SamlToken) DeepCopyInto(out *SamlToken) {
+	*out = *in
+	out.Namespaced = in.Namespaced
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SamlToken.
+func (in *SamlToken) DeepCopy() *SamlToken {
+	if in == nil {
+		return nil
+	}
+	out := new(SamlToken)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *SamlToken) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SamlTokenList) DeepCopyInto(out *SamlTokenList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]SamlToken, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SamlTokenList.
+func (in *SamlTokenList) DeepCopy() *SamlTokenList {
+	if in == nil {
+		return nil
+	}
+	out := new(SamlTokenList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *SamlTokenList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SaveAsTemplateInput) DeepCopyInto(out *SaveAsTemplateInput) {
 	*out = *in

apis/management.cattle.io/v3/zz_generated_k8s_client.go

@@ -42,6 +42,7 @@ type Interface interface {
 	TemplateContentsGetter
 	GroupsGetter
 	GroupMembersGetter
+	SamlTokensGetter
 	PrincipalsGetter
 	UsersGetter
 	AuthConfigsGetter
@@ -112,6 +113,7 @@ type Client struct {
 	templateContentControllers                         map[string]TemplateContentController
 	groupControllers                                   map[string]GroupController
 	groupMemberControllers                             map[string]GroupMemberController
+	samlTokenControllers                               map[string]SamlTokenController
 	principalControllers                               map[string]PrincipalController
 	userControllers                                    map[string]UserController
 	authConfigControllers                              map[string]AuthConfigController
@@ -190,6 +192,7 @@ func NewForConfig(config rest.Config) (Interface, error) {
 		templateContentControllers:                         map[string]TemplateContentController{},
 		groupControllers:                                   map[string]GroupController{},
 		groupMemberControllers:                             map[string]GroupMemberController{},
+		samlTokenControllers:                               map[string]SamlTokenController{},
 		principalControllers:                               map[string]PrincipalController{},
 		userControllers:                                    map[string]UserController{},
 		authConfigControllers:                              map[string]AuthConfigController{},
@@ -532,6 +535,19 @@ func (c *Client) GroupMembers(namespace string) GroupMemberInterface {
 	}
 }
 
+type SamlTokensGetter interface {
+	SamlTokens(namespace string) SamlTokenInterface
+}
+
+func (c *Client) SamlTokens(namespace string) SamlTokenInterface {
+	objectClient := objectclient.NewObjectClient(namespace, c.restClient, &SamlTokenResource, SamlTokenGroupVersionKind, samlTokenFactory{})
+	return &samlTokenClient{
+		ns:           namespace,
+		client:       c,
+		objectClient: objectClient,
+	}
+}
+
 type PrincipalsGetter interface {
 	Principals(namespace string) PrincipalInterface
 }

apis/management.cattle.io/v3/zz_generated_saml_token_controller.go

@@ -0,0 +1,331 @@
+package v3
+
+import (
+	"context"
+	"time"
+
+	"github.com/rancher/norman/controller"
+	"github.com/rancher/norman/objectclient"
+	"github.com/rancher/norman/resource"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/watch"
+	"k8s.io/client-go/tools/cache"
+)
+
+var (
+	SamlTokenGroupVersionKind = schema.GroupVersionKind{
+		Version: Version,
+		Group:   GroupName,
+		Kind:    "SamlToken",
+	}
+	SamlTokenResource = metav1.APIResource{
+		Name:         "samltokens",
+		SingularName: "samltoken",
+		Namespaced:   true,
+
+		Kind: SamlTokenGroupVersionKind.Kind,
+	}
+
+	SamlTokenGroupVersionResource = schema.GroupVersionResource{
+		Group:    GroupName,
+		Version:  Version,
+		Resource: "samltokens",
+	}
+)
+
+func init() {
+	resource.Put(SamlTokenGroupVersionResource)
+}
+
+func NewSamlToken(namespace, name string, obj SamlToken) *SamlToken {
+	obj.APIVersion, obj.Kind = SamlTokenGroupVersionKind.ToAPIVersionAndKind()
+	obj.Name = name
+	obj.Namespace = namespace
+	return &obj
+}
+
+type SamlTokenList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []SamlToken `json:"items"`
+}
+
+type SamlTokenHandlerFunc func(key string, obj *SamlToken) (runtime.Object, error)
+
+type SamlTokenChangeHandlerFunc func(obj *SamlToken) (runtime.Object, error)
+
+type SamlTokenLister interface {
+	List(namespace string, selector labels.Selector) (ret []*SamlToken, err error)
+	Get(namespace, name string) (*SamlToken, error)
+}
+
+type SamlTokenController interface {
+	Generic() controller.GenericController
+	Informer() cache.SharedIndexInformer
+	Lister() SamlTokenLister
+	AddHandler(ctx context.Context, name string, handler SamlTokenHandlerFunc)
+	AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync SamlTokenHandlerFunc)
+	AddClusterScopedHandler(ctx context.Context, name, clusterName string, handler SamlTokenHandlerFunc)
+	AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, handler SamlTokenHandlerFunc)
+	Enqueue(namespace, name string)
+	EnqueueAfter(namespace, name string, after time.Duration)
+	Sync(ctx context.Context) error
+	Start(ctx context.Context, threadiness int) error
+}
+
+type SamlTokenInterface interface {
+	ObjectClient() *objectclient.ObjectClient
+	Create(*SamlToken) (*SamlToken, error)
+	GetNamespaced(namespace, name string, opts metav1.GetOptions) (*SamlToken, error)
+	Get(name string, opts metav1.GetOptions) (*SamlToken, error)
+	Update(*SamlToken) (*SamlToken, error)
+	Delete(name string, options *metav1.DeleteOptions) error
+	DeleteNamespaced(namespace, name string, options *metav1.DeleteOptions) error
+	List(opts metav1.ListOptions) (*SamlTokenList, error)
+	ListNamespaced(namespace string, opts metav1.ListOptions) (*SamlTokenList, error)
+	Watch(opts metav1.ListOptions) (watch.Interface, error)
+	DeleteCollection(deleteOpts *metav1.DeleteOptions, listOpts metav1.ListOptions) error
+	Controller() SamlTokenController
+	AddHandler(ctx context.Context, name string, sync SamlTokenHandlerFunc)
+	AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync SamlTokenHandlerFunc)
+	AddLifecycle(ctx context.Context, name string, lifecycle SamlTokenLifecycle)
+	AddFeatureLifecycle(ctx context.Context, enabled func() bool, name string, lifecycle SamlTokenLifecycle)
+	AddClusterScopedHandler(ctx context.Context, name, clusterName string, sync SamlTokenHandlerFunc)
+	AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, sync SamlTokenHandlerFunc)
+	AddClusterScopedLifecycle(ctx context.Context, name, clusterName string, lifecycle SamlTokenLifecycle)
+	AddClusterScopedFeatureLifecycle(ctx context.Context, enabled func() bool, name, clusterName string, lifecycle SamlTokenLifecycle)
+}
+
+type samlTokenLister struct {
+	controller *samlTokenController
+}
+
+func (l *samlTokenLister) List(namespace string, selector labels.Selector) (ret []*SamlToken, err error) {
+	err = cache.ListAllByNamespace(l.controller.Informer().GetIndexer(), namespace, selector, func(obj interface{}) {
+		ret = append(ret, obj.(*SamlToken))
+	})
+	return
+}
+
+func (l *samlTokenLister) Get(namespace, name string) (*SamlToken, error) {
+	var key string
+	if namespace != "" {
+		key = namespace + "/" + name
+	} else {
+		key = name
+	}
+	obj, exists, err := l.controller.Informer().GetIndexer().GetByKey(key)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(schema.GroupResource{
+			Group:    SamlTokenGroupVersionKind.Group,
+			Resource: "samlToken",
+		}, key)
+	}
+	return obj.(*SamlToken), nil
+}
+
+type samlTokenController struct {
+	controller.GenericController
+}
+
+func (c *samlTokenController) Generic() controller.GenericController {
+	return c.GenericController
+}
+
+func (c *samlTokenController) Lister() SamlTokenLister {
+	return &samlTokenLister{
+		controller: c,
+	}
+}
+
+func (c *samlTokenController) AddHandler(ctx context.Context, name string, handler SamlTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*SamlToken); ok {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *samlTokenController) AddFeatureHandler(ctx context.Context, enabled func() bool, name string, handler SamlTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if !enabled() {
+			return nil, nil
+		} else if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*SamlToken); ok {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *samlTokenController) AddClusterScopedHandler(ctx context.Context, name, cluster string, handler SamlTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*SamlToken); ok && controller.ObjectInCluster(cluster, obj) {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *samlTokenController) AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, cluster string, handler SamlTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if !enabled() {
+			return nil, nil
+		} else if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*SamlToken); ok && controller.ObjectInCluster(cluster, obj) {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+type samlTokenFactory struct {
+}
+
+func (c samlTokenFactory) Object() runtime.Object {
+	return &SamlToken{}
+}
+
+func (c samlTokenFactory) List() runtime.Object {
+	return &SamlTokenList{}
+}
+
+func (s *samlTokenClient) Controller() SamlTokenController {
+	s.client.Lock()
+	defer s.client.Unlock()
+
+	c, ok := s.client.samlTokenControllers[s.ns]
+	if ok {
+		return c
+	}
+
+	genericController := controller.NewGenericController(SamlTokenGroupVersionKind.Kind+"Controller",
+		s.objectClient)
+
+	c = &samlTokenController{
+		GenericController: genericController,
+	}
+
+	s.client.samlTokenControllers[s.ns] = c
+	s.client.starters = append(s.client.starters, c)
+
+	return c
+}
+
+type samlTokenClient struct {
+	client       *Client
+	ns           string
+	objectClient *objectclient.ObjectClient
+	controller   SamlTokenController
+}
+
+func (s *samlTokenClient) ObjectClient() *objectclient.ObjectClient {
+	return s.objectClient
+}
+
+func (s *samlTokenClient) Create(o *SamlToken) (*SamlToken, error) {
+	obj, err := s.objectClient.Create(o)
+	return obj.(*SamlToken), err
+}
+
+func (s *samlTokenClient) Get(name string, opts metav1.GetOptions) (*SamlToken, error) {
+	obj, err := s.objectClient.Get(name, opts)
+	return obj.(*SamlToken), err
+}
+
+func (s *samlTokenClient) GetNamespaced(namespace, name string, opts metav1.GetOptions) (*SamlToken, error) {
+	obj, err := s.objectClient.GetNamespaced(namespace, name, opts)
+	return obj.(*SamlToken), err
+}
+
+func (s *samlTokenClient) Update(o *SamlToken) (*SamlToken, error) {
+	obj, err := s.objectClient.Update(o.Name, o)
+	return obj.(*SamlToken), err
+}
+
+func (s *samlTokenClient) Delete(name string, options *metav1.DeleteOptions) error {
+	return s.objectClient.Delete(name, options)
+}
+
+func (s *samlTokenClient) DeleteNamespaced(namespace, name string, options *metav1.DeleteOptions) error {
+	return s.objectClient.DeleteNamespaced(namespace, name, options)
+}
+
+func (s *samlTokenClient) List(opts metav1.ListOptions) (*SamlTokenList, error) {
+	obj, err := s.objectClient.List(opts)
+	return obj.(*SamlTokenList), err
+}
+
+func (s *samlTokenClient) ListNamespaced(namespace string, opts metav1.ListOptions) (*SamlTokenList, error) {
+	obj, err := s.objectClient.ListNamespaced(namespace, opts)
+	return obj.(*SamlTokenList), err
+}
+
+func (s *samlTokenClient) Watch(opts metav1.ListOptions) (watch.Interface, error) {
+	return s.objectClient.Watch(opts)
+}
+
+// Patch applies the patch and returns the patched deployment.
+func (s *samlTokenClient) Patch(o *SamlToken, patchType types.PatchType, data []byte, subresources ...string) (*SamlToken, error) {
+	obj, err := s.objectClient.Patch(o.Name, o, patchType, data, subresources...)
+	return obj.(*SamlToken), err
+}
+
+func (s *samlTokenClient) DeleteCollection(deleteOpts *metav1.DeleteOptions, listOpts metav1.ListOptions) error {
+	return s.objectClient.DeleteCollection(deleteOpts, listOpts)
+}
+
+func (s *samlTokenClient) AddHandler(ctx context.Context, name string, sync SamlTokenHandlerFunc) {
+	s.Controller().AddHandler(ctx, name, sync)
+}
+
+func (s *samlTokenClient) AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync SamlTokenHandlerFunc) {
+	s.Controller().AddFeatureHandler(ctx, enabled, name, sync)
+}
+
+func (s *samlTokenClient) AddLifecycle(ctx context.Context, name string, lifecycle SamlTokenLifecycle) {
+	sync := NewSamlTokenLifecycleAdapter(name, false, s, lifecycle)
+	s.Controller().AddHandler(ctx, name, sync)
+}
+
+func (s *samlTokenClient) AddFeatureLifecycle(ctx context.Context, enabled func() bool, name string, lifecycle SamlTokenLifecycle) {
+	sync := NewSamlTokenLifecycleAdapter(name, false, s, lifecycle)
+	s.Controller().AddFeatureHandler(ctx, enabled, name, sync)
+}
+
+func (s *samlTokenClient) AddClusterScopedHandler(ctx context.Context, name, clusterName string, sync SamlTokenHandlerFunc) {
+	s.Controller().AddClusterScopedHandler(ctx, name, clusterName, sync)
+}
+
+func (s *samlTokenClient) AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, sync SamlTokenHandlerFunc) {
+	s.Controller().AddClusterScopedFeatureHandler(ctx, enabled, name, clusterName, sync)
+}
+
+func (s *samlTokenClient) AddClusterScopedLifecycle(ctx context.Context, name, clusterName string, lifecycle SamlTokenLifecycle) {
+	sync := NewSamlTokenLifecycleAdapter(name+"_"+clusterName, true, s, lifecycle)
+	s.Controller().AddClusterScopedHandler(ctx, name, clusterName, sync)
+}
+
+func (s *samlTokenClient) AddClusterScopedFeatureLifecycle(ctx context.Context, enabled func() bool, name, clusterName string, lifecycle SamlTokenLifecycle) {
+	sync := NewSamlTokenLifecycleAdapter(name+"_"+clusterName, true, s, lifecycle)
+	s.Controller().AddClusterScopedFeatureHandler(ctx, enabled, name, clusterName, sync)
+}

apis/management.cattle.io/v3/zz_generated_saml_token_lifecycle_adapter.go

@@ -0,0 +1,66 @@
+package v3
+
+import (
+	"github.com/rancher/norman/lifecycle"
+	"github.com/rancher/norman/resource"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+type SamlTokenLifecycle interface {
+	Create(obj *SamlToken) (runtime.Object, error)
+	Remove(obj *SamlToken) (runtime.Object, error)
+	Updated(obj *SamlToken) (runtime.Object, error)
+}
+
+type samlTokenLifecycleAdapter struct {
+	lifecycle SamlTokenLifecycle
+}
+
+func (w *samlTokenLifecycleAdapter) HasCreate() bool {
+	o, ok := w.lifecycle.(lifecycle.ObjectLifecycleCondition)
+	return !ok || o.HasCreate()
+}
+
+func (w *samlTokenLifecycleAdapter) HasFinalize() bool {
+	o, ok := w.lifecycle.(lifecycle.ObjectLifecycleCondition)
+	return !ok || o.HasFinalize()
+}
+
+func (w *samlTokenLifecycleAdapter) Create(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Create(obj.(*SamlToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func (w *samlTokenLifecycleAdapter) Finalize(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Remove(obj.(*SamlToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func (w *samlTokenLifecycleAdapter) Updated(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Updated(obj.(*SamlToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func NewSamlTokenLifecycleAdapter(name string, clusterScoped bool, client SamlTokenInterface, l SamlTokenLifecycle) SamlTokenHandlerFunc {
+	if clusterScoped {
+		resource.PutClusterScoped(SamlTokenGroupVersionResource)
+	}
+	adapter := &samlTokenLifecycleAdapter{lifecycle: l}
+	syncFn := lifecycle.NewObjectLifecycleAdapter(name, clusterScoped, adapter, client.ObjectClient())
+	return func(key string, obj *SamlToken) (runtime.Object, error) {
+		newObj, err := syncFn(key, obj)
+		if o, ok := newObj.(runtime.Object); ok {
+			return o, err
+		}
+		return nil, err
+	}
+}

apis/management.cattle.io/v3/zz_generated_scheme.go

@@ -78,6 +78,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&GroupList{},
 		&GroupMember{},
 		&GroupMemberList{},
+		&SamlToken{},
+		&SamlTokenList{},
 		&Principal{},
 		&PrincipalList{},
 		&User{},

apis/management.cattle.io/v3public/authn_types.go

@@ -11,6 +11,14 @@ type AuthProvider struct {
 	Type string `json:"type"`
 }
 
+type AuthToken struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Token     string `json:"token"`
+	ExpiresAt string `json:"expiresAt"`
+}
+
 type GenericLogin struct {
 	TTLMillis    int64  `json:"ttl,omitempty"`
 	Description  string `json:"description,omitempty" norman:"type=string,required"`
@@ -118,6 +126,9 @@ type OKTAProvider struct {
 
 type SamlLoginInput struct {
 	FinalRedirectURL string `json:"finalRedirectUrl"`
+	RequestID        string `json:"requestId"`
+	PublicKey        string `json:"publicKey"`
+	ResponseType     string `json:"responseType"`
 }
 
 type SamlLoginOutput struct {

apis/management.cattle.io/v3public/schema/public_schema.go

@@ -27,6 +27,10 @@ func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 			schema.CollectionMethods = []string{}
 			schema.ResourceMethods = []string{}
 		}).
+		MustImportAndCustomize(&PublicVersion, v3public.AuthToken{}, func(schema *types.Schema) {
+			schema.CollectionMethods = []string{http.MethodGet, http.MethodDelete}
+			schema.ResourceMethods = []string{http.MethodGet, http.MethodDelete}
+		}).
 		MustImportAndCustomize(&PublicVersion, v3public.AuthProvider{}, func(schema *types.Schema) {
 			schema.CollectionMethods = []string{http.MethodGet}
 		}).

apis/management.cattle.io/v3public/zz_generated_auth_token_controller.go

@@ -0,0 +1,330 @@
+package v3public
+
+import (
+	"context"
+	"time"
+
+	"github.com/rancher/norman/controller"
+	"github.com/rancher/norman/objectclient"
+	"github.com/rancher/norman/resource"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/watch"
+	"k8s.io/client-go/tools/cache"
+)
+
+var (
+	AuthTokenGroupVersionKind = schema.GroupVersionKind{
+		Version: Version,
+		Group:   GroupName,
+		Kind:    "AuthToken",
+	}
+	AuthTokenResource = metav1.APIResource{
+		Name:         "authtokens",
+		SingularName: "authtoken",
+		Namespaced:   false,
+		Kind:         AuthTokenGroupVersionKind.Kind,
+	}
+
+	AuthTokenGroupVersionResource = schema.GroupVersionResource{
+		Group:    GroupName,
+		Version:  Version,
+		Resource: "authtokens",
+	}
+)
+
+func init() {
+	resource.Put(AuthTokenGroupVersionResource)
+}
+
+func NewAuthToken(namespace, name string, obj AuthToken) *AuthToken {
+	obj.APIVersion, obj.Kind = AuthTokenGroupVersionKind.ToAPIVersionAndKind()
+	obj.Name = name
+	obj.Namespace = namespace
+	return &obj
+}
+
+type AuthTokenList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []AuthToken `json:"items"`
+}
+
+type AuthTokenHandlerFunc func(key string, obj *AuthToken) (runtime.Object, error)
+
+type AuthTokenChangeHandlerFunc func(obj *AuthToken) (runtime.Object, error)
+
+type AuthTokenLister interface {
+	List(namespace string, selector labels.Selector) (ret []*AuthToken, err error)
+	Get(namespace, name string) (*AuthToken, error)
+}
+
+type AuthTokenController interface {
+	Generic() controller.GenericController
+	Informer() cache.SharedIndexInformer
+	Lister() AuthTokenLister
+	AddHandler(ctx context.Context, name string, handler AuthTokenHandlerFunc)
+	AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync AuthTokenHandlerFunc)
+	AddClusterScopedHandler(ctx context.Context, name, clusterName string, handler AuthTokenHandlerFunc)
+	AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, handler AuthTokenHandlerFunc)
+	Enqueue(namespace, name string)
+	EnqueueAfter(namespace, name string, after time.Duration)
+	Sync(ctx context.Context) error
+	Start(ctx context.Context, threadiness int) error
+}
+
+type AuthTokenInterface interface {
+	ObjectClient() *objectclient.ObjectClient
+	Create(*AuthToken) (*AuthToken, error)
+	GetNamespaced(namespace, name string, opts metav1.GetOptions) (*AuthToken, error)
+	Get(name string, opts metav1.GetOptions) (*AuthToken, error)
+	Update(*AuthToken) (*AuthToken, error)
+	Delete(name string, options *metav1.DeleteOptions) error
+	DeleteNamespaced(namespace, name string, options *metav1.DeleteOptions) error
+	List(opts metav1.ListOptions) (*AuthTokenList, error)
+	ListNamespaced(namespace string, opts metav1.ListOptions) (*AuthTokenList, error)
+	Watch(opts metav1.ListOptions) (watch.Interface, error)
+	DeleteCollection(deleteOpts *metav1.DeleteOptions, listOpts metav1.ListOptions) error
+	Controller() AuthTokenController
+	AddHandler(ctx context.Context, name string, sync AuthTokenHandlerFunc)
+	AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync AuthTokenHandlerFunc)
+	AddLifecycle(ctx context.Context, name string, lifecycle AuthTokenLifecycle)
+	AddFeatureLifecycle(ctx context.Context, enabled func() bool, name string, lifecycle AuthTokenLifecycle)
+	AddClusterScopedHandler(ctx context.Context, name, clusterName string, sync AuthTokenHandlerFunc)
+	AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, sync AuthTokenHandlerFunc)
+	AddClusterScopedLifecycle(ctx context.Context, name, clusterName string, lifecycle AuthTokenLifecycle)
+	AddClusterScopedFeatureLifecycle(ctx context.Context, enabled func() bool, name, clusterName string, lifecycle AuthTokenLifecycle)
+}
+
+type authTokenLister struct {
+	controller *authTokenController
+}
+
+func (l *authTokenLister) List(namespace string, selector labels.Selector) (ret []*AuthToken, err error) {
+	err = cache.ListAllByNamespace(l.controller.Informer().GetIndexer(), namespace, selector, func(obj interface{}) {
+		ret = append(ret, obj.(*AuthToken))
+	})
+	return
+}
+
+func (l *authTokenLister) Get(namespace, name string) (*AuthToken, error) {
+	var key string
+	if namespace != "" {
+		key = namespace + "/" + name
+	} else {
+		key = name
+	}
+	obj, exists, err := l.controller.Informer().GetIndexer().GetByKey(key)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(schema.GroupResource{
+			Group:    AuthTokenGroupVersionKind.Group,
+			Resource: "authToken",
+		}, key)
+	}
+	return obj.(*AuthToken), nil
+}
+
+type authTokenController struct {
+	controller.GenericController
+}
+
+func (c *authTokenController) Generic() controller.GenericController {
+	return c.GenericController
+}
+
+func (c *authTokenController) Lister() AuthTokenLister {
+	return &authTokenLister{
+		controller: c,
+	}
+}
+
+func (c *authTokenController) AddHandler(ctx context.Context, name string, handler AuthTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*AuthToken); ok {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *authTokenController) AddFeatureHandler(ctx context.Context, enabled func() bool, name string, handler AuthTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if !enabled() {
+			return nil, nil
+		} else if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*AuthToken); ok {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *authTokenController) AddClusterScopedHandler(ctx context.Context, name, cluster string, handler AuthTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*AuthToken); ok && controller.ObjectInCluster(cluster, obj) {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+func (c *authTokenController) AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, cluster string, handler AuthTokenHandlerFunc) {
+	c.GenericController.AddHandler(ctx, name, func(key string, obj interface{}) (interface{}, error) {
+		if !enabled() {
+			return nil, nil
+		} else if obj == nil {
+			return handler(key, nil)
+		} else if v, ok := obj.(*AuthToken); ok && controller.ObjectInCluster(cluster, obj) {
+			return handler(key, v)
+		} else {
+			return nil, nil
+		}
+	})
+}
+
+type authTokenFactory struct {
+}
+
+func (c authTokenFactory) Object() runtime.Object {
+	return &AuthToken{}
+}
+
+func (c authTokenFactory) List() runtime.Object {
+	return &AuthTokenList{}
+}
+
+func (s *authTokenClient) Controller() AuthTokenController {
+	s.client.Lock()
+	defer s.client.Unlock()
+
+	c, ok := s.client.authTokenControllers[s.ns]
+	if ok {
+		return c
+	}
+
+	genericController := controller.NewGenericController(AuthTokenGroupVersionKind.Kind+"Controller",
+		s.objectClient)
+
+	c = &authTokenController{
+		GenericController: genericController,
+	}
+
+	s.client.authTokenControllers[s.ns] = c
+	s.client.starters = append(s.client.starters, c)
+
+	return c
+}
+
+type authTokenClient struct {
+	client       *Client
+	ns           string
+	objectClient *objectclient.ObjectClient
+	controller   AuthTokenController
+}
+
+func (s *authTokenClient) ObjectClient() *objectclient.ObjectClient {
+	return s.objectClient
+}
+
+func (s *authTokenClient) Create(o *AuthToken) (*AuthToken, error) {
+	obj, err := s.objectClient.Create(o)
+	return obj.(*AuthToken), err
+}
+
+func (s *authTokenClient) Get(name string, opts metav1.GetOptions) (*AuthToken, error) {
+	obj, err := s.objectClient.Get(name, opts)
+	return obj.(*AuthToken), err
+}
+
+func (s *authTokenClient) GetNamespaced(namespace, name string, opts metav1.GetOptions) (*AuthToken, error) {
+	obj, err := s.objectClient.GetNamespaced(namespace, name, opts)
+	return obj.(*AuthToken), err
+}
+
+func (s *authTokenClient) Update(o *AuthToken) (*AuthToken, error) {
+	obj, err := s.objectClient.Update(o.Name, o)
+	return obj.(*AuthToken), err
+}
+
+func (s *authTokenClient) Delete(name string, options *metav1.DeleteOptions) error {
+	return s.objectClient.Delete(name, options)
+}
+
+func (s *authTokenClient) DeleteNamespaced(namespace, name string, options *metav1.DeleteOptions) error {
+	return s.objectClient.DeleteNamespaced(namespace, name, options)
+}
+
+func (s *authTokenClient) List(opts metav1.ListOptions) (*AuthTokenList, error) {
+	obj, err := s.objectClient.List(opts)
+	return obj.(*AuthTokenList), err
+}
+
+func (s *authTokenClient) ListNamespaced(namespace string, opts metav1.ListOptions) (*AuthTokenList, error) {
+	obj, err := s.objectClient.ListNamespaced(namespace, opts)
+	return obj.(*AuthTokenList), err
+}
+
+func (s *authTokenClient) Watch(opts metav1.ListOptions) (watch.Interface, error) {
+	return s.objectClient.Watch(opts)
+}
+
+// Patch applies the patch and returns the patched deployment.
+func (s *authTokenClient) Patch(o *AuthToken, patchType types.PatchType, data []byte, subresources ...string) (*AuthToken, error) {
+	obj, err := s.objectClient.Patch(o.Name, o, patchType, data, subresources...)
+	return obj.(*AuthToken), err
+}
+
+func (s *authTokenClient) DeleteCollection(deleteOpts *metav1.DeleteOptions, listOpts metav1.ListOptions) error {
+	return s.objectClient.DeleteCollection(deleteOpts, listOpts)
+}
+
+func (s *authTokenClient) AddHandler(ctx context.Context, name string, sync AuthTokenHandlerFunc) {
+	s.Controller().AddHandler(ctx, name, sync)
+}
+
+func (s *authTokenClient) AddFeatureHandler(ctx context.Context, enabled func() bool, name string, sync AuthTokenHandlerFunc) {
+	s.Controller().AddFeatureHandler(ctx, enabled, name, sync)
+}
+
+func (s *authTokenClient) AddLifecycle(ctx context.Context, name string, lifecycle AuthTokenLifecycle) {
+	sync := NewAuthTokenLifecycleAdapter(name, false, s, lifecycle)
+	s.Controller().AddHandler(ctx, name, sync)
+}
+
+func (s *authTokenClient) AddFeatureLifecycle(ctx context.Context, enabled func() bool, name string, lifecycle AuthTokenLifecycle) {
+	sync := NewAuthTokenLifecycleAdapter(name, false, s, lifecycle)
+	s.Controller().AddFeatureHandler(ctx, enabled, name, sync)
+}
+
+func (s *authTokenClient) AddClusterScopedHandler(ctx context.Context, name, clusterName string, sync AuthTokenHandlerFunc) {
+	s.Controller().AddClusterScopedHandler(ctx, name, clusterName, sync)
+}
+
+func (s *authTokenClient) AddClusterScopedFeatureHandler(ctx context.Context, enabled func() bool, name, clusterName string, sync AuthTokenHandlerFunc) {
+	s.Controller().AddClusterScopedFeatureHandler(ctx, enabled, name, clusterName, sync)
+}
+
+func (s *authTokenClient) AddClusterScopedLifecycle(ctx context.Context, name, clusterName string, lifecycle AuthTokenLifecycle) {
+	sync := NewAuthTokenLifecycleAdapter(name+"_"+clusterName, true, s, lifecycle)
+	s.Controller().AddClusterScopedHandler(ctx, name, clusterName, sync)
+}
+
+func (s *authTokenClient) AddClusterScopedFeatureLifecycle(ctx context.Context, enabled func() bool, name, clusterName string, lifecycle AuthTokenLifecycle) {
+	sync := NewAuthTokenLifecycleAdapter(name+"_"+clusterName, true, s, lifecycle)
+	s.Controller().AddClusterScopedFeatureHandler(ctx, enabled, name, clusterName, sync)
+}

apis/management.cattle.io/v3public/zz_generated_auth_token_lifecycle_adapter.go

@@ -0,0 +1,66 @@
+package v3public
+
+import (
+	"github.com/rancher/norman/lifecycle"
+	"github.com/rancher/norman/resource"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+type AuthTokenLifecycle interface {
+	Create(obj *AuthToken) (runtime.Object, error)
+	Remove(obj *AuthToken) (runtime.Object, error)
+	Updated(obj *AuthToken) (runtime.Object, error)
+}
+
+type authTokenLifecycleAdapter struct {
+	lifecycle AuthTokenLifecycle
+}
+
+func (w *authTokenLifecycleAdapter) HasCreate() bool {
+	o, ok := w.lifecycle.(lifecycle.ObjectLifecycleCondition)
+	return !ok || o.HasCreate()
+}
+
+func (w *authTokenLifecycleAdapter) HasFinalize() bool {
+	o, ok := w.lifecycle.(lifecycle.ObjectLifecycleCondition)
+	return !ok || o.HasFinalize()
+}
+
+func (w *authTokenLifecycleAdapter) Create(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Create(obj.(*AuthToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func (w *authTokenLifecycleAdapter) Finalize(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Remove(obj.(*AuthToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func (w *authTokenLifecycleAdapter) Updated(obj runtime.Object) (runtime.Object, error) {
+	o, err := w.lifecycle.Updated(obj.(*AuthToken))
+	if o == nil {
+		return nil, err
+	}
+	return o, err
+}
+
+func NewAuthTokenLifecycleAdapter(name string, clusterScoped bool, client AuthTokenInterface, l AuthTokenLifecycle) AuthTokenHandlerFunc {
+	if clusterScoped {
+		resource.PutClusterScoped(AuthTokenGroupVersionResource)
+	}
+	adapter := &authTokenLifecycleAdapter{lifecycle: l}
+	syncFn := lifecycle.NewObjectLifecycleAdapter(name, clusterScoped, adapter, client.ObjectClient())
+	return func(key string, obj *AuthToken) (runtime.Object, error) {
+		newObj, err := syncFn(key, obj)
+		if o, ok := newObj.(runtime.Object); ok {
+			return o, err
+		}
+		return nil, err
+	}
+}

apis/management.cattle.io/v3public/zz_generated_deepcopy.go

@@ -115,6 +115,65 @@ func (in *AuthProviderList) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AuthToken) DeepCopyInto(out *AuthToken) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthToken.
+func (in *AuthToken) DeepCopy() *AuthToken {
+	if in == nil {
+		return nil
+	}
+	out := new(AuthToken)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *AuthToken) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AuthTokenList) DeepCopyInto(out *AuthTokenList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]AuthToken, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthTokenList.
+func (in *AuthTokenList) DeepCopy() *AuthTokenList {
+	if in == nil {
+		return nil
+	}
+	out := new(AuthTokenList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *AuthTokenList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *AzureADLogin) DeepCopyInto(out *AzureADLogin) {
 	*out = *in

apis/management.cattle.io/v3public/zz_generated_k8s_client.go

@@ -20,6 +20,7 @@ type Interface interface {
 	RESTClient() rest.Interface
 	controller.Starter
 
+	AuthTokensGetter
 	AuthProvidersGetter
 }
 
@@ -28,6 +29,7 @@ type Client struct {
 	restClient rest.Interface
 	starters   []controller.Starter
 
+	authTokenControllers    map[string]AuthTokenController
 	authProviderControllers map[string]AuthProviderController
 }
 
@@ -44,6 +46,7 @@ func NewForConfig(config rest.Config) (Interface, error) {
 	return &Client{
 		restClient: restClient,
 
+		authTokenControllers:    map[string]AuthTokenController{},
 		authProviderControllers: map[string]AuthProviderController{},
 	}, nil
 }
@@ -60,6 +63,19 @@ func (c *Client) Start(ctx context.Context, threadiness int) error {
 	return controller.Start(ctx, threadiness, c.starters...)
 }
 
+type AuthTokensGetter interface {
+	AuthTokens(namespace string) AuthTokenInterface
+}
+
+func (c *Client) AuthTokens(namespace string) AuthTokenInterface {
+	objectClient := objectclient.NewObjectClient(namespace, c.restClient, &AuthTokenResource, AuthTokenGroupVersionKind, authTokenFactory{})
+	return &authTokenClient{
+		ns:           namespace,
+		client:       c,
+		objectClient: objectClient,
+	}
+}
+
 type AuthProvidersGetter interface {
 	AuthProviders(namespace string) AuthProviderInterface
 }

apis/management.cattle.io/v3public/zz_generated_scheme.go

@@ -34,6 +34,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	// TODO this gets cleaned up when the types are fixed
 	scheme.AddKnownTypes(SchemeGroupVersion,
 
+		&AuthToken{},
+		&AuthTokenList{},
 		&AuthProvider{},
 		&AuthProviderList{},
 	)

client/management/v3/zz_generated_client.go

@@ -29,6 +29,7 @@ type Client struct {
 	TemplateContent                         TemplateContentOperations
 	Group                                   GroupOperations
 	GroupMember                             GroupMemberOperations
+	SamlToken                               SamlTokenOperations
 	Principal                               PrincipalOperations
 	User                                    UserOperations
 	AuthConfig                              AuthConfigOperations
@@ -104,6 +105,7 @@ func NewClient(opts *clientbase.ClientOpts) (*Client, error) {
 	client.TemplateContent = newTemplateContentClient(client)
 	client.Group = newGroupClient(client)
 	client.GroupMember = newGroupMemberClient(client)
+	client.SamlToken = newSamlTokenClient(client)
 	client.Principal = newPrincipalClient(client)
 	client.User = newUserClient(client)
 	client.AuthConfig = newAuthConfigClient(client)

client/management/v3/zz_generated_saml_token.go

@@ -0,0 +1,124 @@
+package client
+
+import (
+	"github.com/rancher/norman/types"
+)
+
+const (
+	SamlTokenType                 = "samlToken"
+	SamlTokenFieldAnnotations     = "annotations"
+	SamlTokenFieldCreated         = "created"
+	SamlTokenFieldCreatorID       = "creatorId"
+	SamlTokenFieldExpiresAt       = "expiresAt"
+	SamlTokenFieldLabels          = "labels"
+	SamlTokenFieldName            = "name"
+	SamlTokenFieldNamespaceId     = "namespaceId"
+	SamlTokenFieldOwnerReferences = "ownerReferences"
+	SamlTokenFieldRemoved         = "removed"
+	SamlTokenFieldToken           = "token"
+	SamlTokenFieldUUID            = "uuid"
+)
+
+type SamlToken struct {
+	types.Resource
+	Annotations     map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
+	Created         string            `json:"created,omitempty" yaml:"created,omitempty"`
+	CreatorID       string            `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
+	ExpiresAt       string            `json:"expiresAt,omitempty" yaml:"expiresAt,omitempty"`
+	Labels          map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
+	Name            string            `json:"name,omitempty" yaml:"name,omitempty"`
+	NamespaceId     string            `json:"namespaceId,omitempty" yaml:"namespaceId,omitempty"`
+	OwnerReferences []OwnerReference  `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
+	Removed         string            `json:"removed,omitempty" yaml:"removed,omitempty"`
+	Token           string            `json:"token,omitempty" yaml:"token,omitempty"`
+	UUID            string            `json:"uuid,omitempty" yaml:"uuid,omitempty"`
+}
+
+type SamlTokenCollection struct {
+	types.Collection
+	Data   []SamlToken `json:"data,omitempty"`
+	client *SamlTokenClient
+}
+
+type SamlTokenClient struct {
+	apiClient *Client
+}
+
+type SamlTokenOperations interface {
+	List(opts *types.ListOpts) (*SamlTokenCollection, error)
+	ListAll(opts *types.ListOpts) (*SamlTokenCollection, error)
+	Create(opts *SamlToken) (*SamlToken, error)
+	Update(existing *SamlToken, updates interface{}) (*SamlToken, error)
+	Replace(existing *SamlToken) (*SamlToken, error)
+	ByID(id string) (*SamlToken, error)
+	Delete(container *SamlToken) error
+}
+
+func newSamlTokenClient(apiClient *Client) *SamlTokenClient {
+	return &SamlTokenClient{
+		apiClient: apiClient,
+	}
+}
+
+func (c *SamlTokenClient) Create(container *SamlToken) (*SamlToken, error) {
+	resp := &SamlToken{}
+	err := c.apiClient.Ops.DoCreate(SamlTokenType, container, resp)
+	return resp, err
+}
+
+func (c *SamlTokenClient) Update(existing *SamlToken, updates interface{}) (*SamlToken, error) {
+	resp := &SamlToken{}
+	err := c.apiClient.Ops.DoUpdate(SamlTokenType, &existing.Resource, updates, resp)
+	return resp, err
+}
+
+func (c *SamlTokenClient) Replace(obj *SamlToken) (*SamlToken, error) {
+	resp := &SamlToken{}
+	err := c.apiClient.Ops.DoReplace(SamlTokenType, &obj.Resource, obj, resp)
+	return resp, err
+}
+
+func (c *SamlTokenClient) List(opts *types.ListOpts) (*SamlTokenCollection, error) {
+	resp := &SamlTokenCollection{}
+	err := c.apiClient.Ops.DoList(SamlTokenType, opts, resp)
+	resp.client = c
+	return resp, err
+}
+
+func (c *SamlTokenClient) ListAll(opts *types.ListOpts) (*SamlTokenCollection, error) {
+	resp := &SamlTokenCollection{}
+	resp, err := c.List(opts)
+	if err != nil {
+		return resp, err
+	}
+	data := resp.Data
+	for next, err := resp.Next(); next != nil && err == nil; next, err = next.Next() {
+		data = append(data, next.Data...)
+		resp = next
+		resp.Data = data
+	}
+	if err != nil {
+		return resp, err
+	}
+	return resp, err
+}
+
+func (cc *SamlTokenCollection) Next() (*SamlTokenCollection, error) {
+	if cc != nil && cc.Pagination != nil && cc.Pagination.Next != "" {
+		resp := &SamlTokenCollection{}
+		err := cc.client.apiClient.Ops.DoNext(cc.Pagination.Next, resp)
+		resp.client = cc.client
+		return resp, err
+	}
+	return nil, nil
+}
+
+func (c *SamlTokenClient) ByID(id string) (*SamlToken, error) {
+	resp := &SamlToken{}
+	err := c.apiClient.Ops.DoByID(SamlTokenType, id, resp)
+	return resp, err
+}
+
+func (c *SamlTokenClient) Delete(container *SamlToken) error {
+	return c.apiClient.Ops.DoResourceDelete(SamlTokenType, &container.Resource)
+}

client/management/v3public/zz_generated_auth_token.go

@@ -0,0 +1,122 @@
+package client
+
+import (
+	"github.com/rancher/norman/types"
+)
+
+const (
+	AuthTokenType                 = "authToken"
+	AuthTokenFieldAnnotations     = "annotations"
+	AuthTokenFieldCreated         = "created"
+	AuthTokenFieldCreatorID       = "creatorId"
+	AuthTokenFieldExpiresAt       = "expiresAt"
+	AuthTokenFieldLabels          = "labels"
+	AuthTokenFieldName            = "name"
+	AuthTokenFieldOwnerReferences = "ownerReferences"
+	AuthTokenFieldRemoved         = "removed"
+	AuthTokenFieldToken           = "token"
+	AuthTokenFieldUUID            = "uuid"
+)
+
+type AuthToken struct {
+	types.Resource
+	Annotations     map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
+	Created         string            `json:"created,omitempty" yaml:"created,omitempty"`
+	CreatorID       string            `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
+	ExpiresAt       string            `json:"expiresAt,omitempty" yaml:"expiresAt,omitempty"`
+	Labels          map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
+	Name            string            `json:"name,omitempty" yaml:"name,omitempty"`
+	OwnerReferences []OwnerReference  `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
+	Removed         string            `json:"removed,omitempty" yaml:"removed,omitempty"`
+	Token           string            `json:"token,omitempty" yaml:"token,omitempty"`
+	UUID            string            `json:"uuid,omitempty" yaml:"uuid,omitempty"`
+}
+
+type AuthTokenCollection struct {
+	types.Collection
+	Data   []AuthToken `json:"data,omitempty"`
+	client *AuthTokenClient
+}
+
+type AuthTokenClient struct {
+	apiClient *Client
+}
+
+type AuthTokenOperations interface {
+	List(opts *types.ListOpts) (*AuthTokenCollection, error)
+	ListAll(opts *types.ListOpts) (*AuthTokenCollection, error)
+	Create(opts *AuthToken) (*AuthToken, error)
+	Update(existing *AuthToken, updates interface{}) (*AuthToken, error)
+	Replace(existing *AuthToken) (*AuthToken, error)
+	ByID(id string) (*AuthToken, error)
+	Delete(container *AuthToken) error
+}
+
+func newAuthTokenClient(apiClient *Client) *AuthTokenClient {
+	return &AuthTokenClient{
+		apiClient: apiClient,
+	}
+}
+
+func (c *AuthTokenClient) Create(container *AuthToken) (*AuthToken, error) {
+	resp := &AuthToken{}
+	err := c.apiClient.Ops.DoCreate(AuthTokenType, container, resp)
+	return resp, err
+}
+
+func (c *AuthTokenClient) Update(existing *AuthToken, updates interface{}) (*AuthToken, error) {
+	resp := &AuthToken{}
+	err := c.apiClient.Ops.DoUpdate(AuthTokenType, &existing.Resource, updates, resp)
+	return resp, err
+}
+
+func (c *AuthTokenClient) Replace(obj *AuthToken) (*AuthToken, error) {
+	resp := &AuthToken{}
+	err := c.apiClient.Ops.DoReplace(AuthTokenType, &obj.Resource, obj, resp)
+	return resp, err
+}
+
+func (c *AuthTokenClient) List(opts *types.ListOpts) (*AuthTokenCollection, error) {
+	resp := &AuthTokenCollection{}
+	err := c.apiClient.Ops.DoList(AuthTokenType, opts, resp)
+	resp.client = c
+	return resp, err
+}
+
+func (c *AuthTokenClient) ListAll(opts *types.ListOpts) (*AuthTokenCollection, error) {
+	resp := &AuthTokenCollection{}
+	resp, err := c.List(opts)
+	if err != nil {
+		return resp, err
+	}
+	data := resp.Data
+	for next, err := resp.Next(); next != nil && err == nil; next, err = next.Next() {
+		data = append(data, next.Data...)
+		resp = next
+		resp.Data = data
+	}
+	if err != nil {
+		return resp, err
+	}
+	return resp, err
+}
+
+func (cc *AuthTokenCollection) Next() (*AuthTokenCollection, error) {
+	if cc != nil && cc.Pagination != nil && cc.Pagination.Next != "" {
+		resp := &AuthTokenCollection{}
+		err := cc.client.apiClient.Ops.DoNext(cc.Pagination.Next, resp)
+		resp.client = cc.client
+		return resp, err
+	}
+	return nil, nil
+}
+
+func (c *AuthTokenClient) ByID(id string) (*AuthToken, error) {
+	resp := &AuthToken{}
+	err := c.apiClient.Ops.DoByID(AuthTokenType, id, resp)
+	return resp, err
+}
+
+func (c *AuthTokenClient) Delete(container *AuthToken) error {
+	return c.apiClient.Ops.DoResourceDelete(AuthTokenType, &container.Resource)
+}

client/management/v3public/zz_generated_client.go

@@ -7,6 +7,7 @@ import (
 type Client struct {
 	clientbase.APIBaseClient
 
+	AuthToken    AuthTokenOperations
 	AuthProvider AuthProviderOperations
 }
 
@@ -20,6 +21,7 @@ func NewClient(opts *clientbase.ClientOpts) (*Client, error) {
 		APIBaseClient: baseClient,
 	}
 
+	client.AuthToken = newAuthTokenClient(client)
 	client.AuthProvider = newAuthProviderClient(client)
 
 	return client, nil

client/management/v3public/zz_generated_saml_login_input.go

@@ -3,8 +3,14 @@ package client
 const (
 	SamlLoginInputType                  = "samlLoginInput"
 	SamlLoginInputFieldFinalRedirectURL = "finalRedirectUrl"
+	SamlLoginInputFieldPublicKey        = "publicKey"
+	SamlLoginInputFieldRequestID        = "requestId"
+	SamlLoginInputFieldResponseType     = "responseType"
 )
 
 type SamlLoginInput struct {
 	FinalRedirectURL string `json:"finalRedirectUrl,omitempty" yaml:"finalRedirectUrl,omitempty"`
+	PublicKey        string `json:"publicKey,omitempty" yaml:"publicKey,omitempty"`
+	RequestID        string `json:"requestId,omitempty" yaml:"requestId,omitempty"`
+	ResponseType     string `json:"responseType,omitempty" yaml:"responseType,omitempty"`
 }

compose/zz_generated_compose.go

@@ -32,6 +32,7 @@ type Config struct {
 	TemplateContents                         map[string]managementClient.TemplateContent                         `json:"templateContents,omitempty" yaml:"templateContents,omitempty"`
 	Groups                                   map[string]managementClient.Group                                   `json:"groups,omitempty" yaml:"groups,omitempty"`
 	GroupMembers                             map[string]managementClient.GroupMember                             `json:"groupMembers,omitempty" yaml:"groupMembers,omitempty"`
+	SamlTokens                               map[string]managementClient.SamlToken                               `json:"samlTokens,omitempty" yaml:"samlTokens,omitempty"`
 	Users                                    map[string]managementClient.User                                    `json:"users,omitempty" yaml:"users,omitempty"`
 	LdapConfigs                              map[string]managementClient.LdapConfig                              `json:"ldapConfigs,omitempty" yaml:"ldapConfigs,omitempty"`
 	Tokens                                   map[string]managementClient.Token                                   `json:"tokens,omitempty" yaml:"tokens,omitempty"`

user/manager.go

@@ -16,4 +16,5 @@ type Manager interface {
 	SetPrincipalOnCurrentUserByUserID(userID string, principal v3.Principal) (*v3.User, error)
 	CreateNewUserClusterRoleBinding(userName string, userUID apitypes.UID) error
 	GetUserByPrincipalID(principalName string) (*v3.User, error)
+	GetKubeconfigToken(clusterName, tokenName, description, kind, userName string) (*v3.Token, error)
 }