mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-03 11:45:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add UsernameClaim and GroupsClaim to JWTAuthenticator CRD spec

Browse Source 
Signed-off-by: Margo Crawford <margaretc@vmware.com>
This commit is contained in:
Ryan Richard
2020-12-15 10:36:19 -08:00
committed by Margo Crawford
parent 43bb7117b7
commit 0e60c93cef
11 changed files with 86 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apis/concierge/authentication/v1alpha1/types_jwt.go.tmpl
View File

@@ -27,6 +27,16 @@ type JWTAuthenticatorSpec struct {
// +kubebuilder:validation:MinLength=1
Audience string `json:"audience"`
// UsernameClaim is the name of the claim which should be read to extract the
// username from the JWT token. When not specified, it will default to "username".
// +optional
UsernameClaim string `json:"username_claim"`
// GroupsClaim is the name of the claim which should be read to extract the user's
// group membership from the JWT token. When not specified, it will default to "groups".
// +optional
GroupsClaim string `json:"groups_claim"`
// TLS configuration for communicating with the OIDC provider.
// +optional
TLS *TLSSpec `json:"tls,omitempty"`