diff --git a/apis/management.cattle.io/v3/authn_types.go b/apis/management.cattle.io/v3/authn_types.go
index 94fb8351..d305f5ac 100644
--- a/apis/management.cattle.io/v3/authn_types.go
+++ b/apis/management.cattle.io/v3/authn_types.go
@@ -2,6 +2,7 @@ package v3
 
 import (
 "github.com/rancher/norman/condition"
+ "github.com/rancher/norman/types"
 v1 "k8s.io/api/core/v1"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -143,6 +144,15 @@ type AuthConfig struct {
 AllowedPrincipalIDs []string `json:"allowedPrincipalIds,omitempty" norman:"type=array[reference[principal]]"`
 }
 
+type SamlToken struct {
+ types.Namespaced
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+
+ Token string `json:"token" norman:"writeOnly,noupdate"`
+ ExpiresAt string `json:"expiresAt"`
+}
+
 type LocalConfig struct {
 metav1.TypeMeta `json:",inline"`
 metav1.ObjectMeta `json:"metadata,omitempty"`
diff --git a/apis/management.cattle.io/v3/schema/schema.go b/apis/management.cattle.io/v3/schema/schema.go
index 0958c08c..aaf81b8b 100644
--- a/apis/management.cattle.io/v3/schema/schema.go
+++ b/apis/management.cattle.io/v3/schema/schema.go
@@ -434,6 +434,7 @@ func authnTypes(schemas *types.Schemas) *types.Schemas {
 AddMapperForType(&Version, v3.Group{}, m.DisplayName{}).
 MustImport(&Version, v3.Group{}).
 MustImport(&Version, v3.GroupMember{}).
+ MustImport(&Version, v3.SamlToken{}).
 AddMapperForType(&Version, v3.Principal{}, m.DisplayName{}).
 MustImportAndCustomize(&Version, v3.Principal{}, func(schema *types.Schema) {
 schema.CollectionMethods = []string{http.MethodGet}
diff --git a/apis/management.cattle.io/v3public/authn_types.go b/apis/management.cattle.io/v3public/authn_types.go
index 4a0c44a4..f3b9d055 100644
--- a/apis/management.cattle.io/v3public/authn_types.go
+++ b/apis/management.cattle.io/v3public/authn_types.go
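Review bot: `SamlToken` here and `AuthToken` in the v3public/authn_types.go hunk both carry a `Token string` with no doc comment saying what it holds, whether the raw login token or a value encrypted to the `PublicKey` that this commit adds to `SamlLoginInput`. That distinction matters because `SamlToken` is persisted as a namespaced object and `AuthToken` is served from the public schema. A comment on each type should state the invariant, for example `// Token is the login token encrypted with the requester's public key; plaintext is never stored.`, if that is the intent; the code that fills the field is not in this diff. `ExpiresAt` is a free-form `string` on both types, so either document the expected timestamp format or use `metav1.Time`, so that expiry checks do not depend on ad-hoc parsing.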
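Review bot: `MustImport(&Version, v3.SamlToken{})` registers the type with the schema's default methods, whereas `Principal` two lines below is narrowed through `MustImportAndCustomize`. For an object whose only payload is a login token I would expect the same narrowing, e.g. `schema.CollectionMethods = []string{}` and `schema.ResourceMethods = []string{http.MethodGet, http.MethodDelete}`, unless API clients really need to create or update these objects. Which methods the defaults allow is not visible in this diff, so that should be confirmed against norman. `authnTypes` starts and ends outside the hunk.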
@@ -11,6 +11,14 @@ type AuthProvider struct {
 Type string `json:"type"`
 }
 
+type AuthToken struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+
+ Token string `json:"token"`
+ ExpiresAt string `json:"expiresAt"`
+}
+
 type GenericLogin struct {
 TTLMillis int64 `json:"ttl,omitempty"`
 Description string `json:"description,omitempty" norman:"type=string,required"`
@@ -118,6 +126,9 @@ type OKTAProvider struct {
 
 type SamlLoginInput struct {
 FinalRedirectURL string `json:"finalRedirectUrl"`
+ RequestID string `json:"requestId"`
+ PublicKey string `json:"publicKey"`
+ ResponseType string `json:"responseType"`
 }
 
 type SamlLoginOutput struct {
diff --git a/apis/management.cattle.io/v3public/schema/public_schema.go b/apis/management.cattle.io/v3public/schema/public_schema.go
index 1f6f7f89..491fdaad 100644
--- a/apis/management.cattle.io/v3public/schema/public_schema.go
+++ b/apis/management.cattle.io/v3public/schema/public_schema.go
@@ -27,6 +27,10 @@ func authProvidersTypes(schemas *types.Schemas) *types.Schemas {
 schema.CollectionMethods = []string{}
 schema.ResourceMethods = []string{}
 }).
+ MustImportAndCustomize(&PublicVersion, v3public.AuthToken{}, func(schema *types.Schema) {
+ schema.CollectionMethods = []string{http.MethodGet, http.MethodDelete}
+ schema.ResourceMethods = []string{http.MethodGet, http.MethodDelete}
+ }).
 MustImportAndCustomize(&PublicVersion, v3public.AuthProvider{}, func(schema *types.Schema) {
 schema.CollectionMethods = []string{http.MethodGet}
 }).
diff --git a/user/manager.go b/user/manager.go
index 25fc1496..72f81742 100644
--- a/user/manager.go
+++ b/user/manager.go
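Review bot: The three fields added to `SamlLoginInput` (`RequestID`, `PublicKey`, `ResponseType`) are caller-supplied on a public login type and carry neither `norman` constraints nor comments. Presumably `RequestID` later keys the stored token and `PublicKey` is what the token is encrypted to, though the handler is not in this diff. If so, the handler has to reject a malformed or undersized key and treat `RequestID` as an unguessable, length-bounded value. At minimum, add comments stating the expected encoding and key type for `PublicKey` and the accepted values of `ResponseType`; an enum constraint on `ResponseType` would let the schema reject anything else before the handler runs.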
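Review bot: `schema.CollectionMethods = []string{http.MethodGet, http.MethodDelete}` makes the public schema advertise list and delete on the whole `AuthToken` collection, while the neighbouring entries in this hunk expose either no methods or only `GET`. If the flow is fetch-by-id followed by delete-by-id, `schema.CollectionMethods = []string{}` with the resource methods kept as they are is the narrower contract. The store backing this type is not visible in the diff; it should hand a token only to a caller that presents its id, and expired entries need a cleanup path. `authProvidersTypes` starts and ends outside the hunk.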
@@ -16,4 +16,5 @@ type Manager interface {
 SetPrincipalOnCurrentUserByUserID(userID string, principal v3.Principal) (*v3.User, error)
 CreateNewUserClusterRoleBinding(userName string, userUID apitypes.UID) error
 GetUserByPrincipalID(principalName string) (*v3.User, error)
+ GetKubeconfigToken(clusterName, tokenName, description, kind, userName string) (*v3.Token, error)
 }
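Review bot: `GetKubeconfigToken(clusterName, tokenName, description, kind, userName string)` takes five positional arguments of the same type, so a transposed pair compiles cleanly and would only show up as a token issued for the wrong user or cluster. The method needs a doc comment saying what each argument means and whether an existing token is reused or a new one is created on every call. A small parameter struct would make call sites self-describing. The signature also carries no lifetime for the returned token, so where its TTL comes from should be stated. The `Manager` interface begins outside the hunk.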