/*
Copyright 2021.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package v1alpha1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
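// KeycloakRealmSpec defines the desired state of KeycloakRealm.
//
// RealmName is the only required field. Every other field is a pointer tagged
// omitempty, so an unset (nil) value is left out of the serialized object
// instead of being written as false or "".
type KeycloakRealmSpec struct {
	// NOTE(review): this type only declares the schema. How a nil option is
	// applied to the realm (left untouched, or reset to some default) is
	// decided by the controller, which is not visible here. Confirm that
	// before relying on "unset" meaning a safe default for the login-related
	// switches below.
	//
	// NOTE(review): these switches change who can obtain or recover an account
	// (RegistrationAllowed, ResetPasswordAllowed, VerifyEmail,
	// DuplicateEmailsAllowed) and how long a login stays valid (RememberMe).
	// Write access to this resource is therefore write access to the realm's
	// authentication policy; RBAC on KeycloakRealm objects should be scoped
	// accordingly.

	// +kubebuilder:validation:Required
	// RealmName is the name and public identifier of the Realm
	RealmName string `json:"realmName"`

	// If the realm is enabled and active
	Enabled *bool `json:"enabled,omitempty"`

	// SMTP describes the mail server used for the realm's outgoing mail.
	SMTP *KeycloakRealmSMTP `json:"smtp,omitempty"`

	// name shown to the user
	DisplayName *string `json:"displayName,omitempty"`
	// name including HTML tags, or representing a logo image.
	// The serialized key is "displayHTML", not "displayNameHTML".
	// The value is markup rather than plain text; presumably it is rendered
	// on the login pages, so it should only come from trusted authors.
	DisplayNameHTML *string `json:"displayHTML,omitempty"`

	// the name of the Theme used for the login pages
	LoginTheme *string `json:"loginTheme,omitempty"`

	// if the user can use their email address in the login field
	LoginWithEmailAllowed *bool `json:"loginWithEmailAllowed,omitempty"`
	// if a user is allowed to self-register via the registration flow.
	// With registration open, anyone who can reach the login page can create
	// an account; it is usually combined with VerifyEmail.
	RegistrationAllowed *bool `json:"registrationAllowed,omitempty"`
	// if the user should be able to change their username after account creation
	EditUsernameAllowed *bool `json:"editUsernameAllowed,omitempty"`
	// if the email should be used in place of a selectable user identifier
	RegistrationEmailAsUsername *bool `json:"registrationEmailAsUsername,omitempty"`
	// if the user is allowed to use the reset password flow
	ResetPasswordAllowed *bool `json:"resetPasswordAllowed,omitempty"`
	// if emails can be registered multiple times.
	// With duplicates allowed, an email address no longer identifies a single
	// account; check how that interacts with LoginWithEmailAllowed and
	// ResetPasswordAllowed before enabling it.
	DuplicateEmailsAllowed *bool `json:"duplicateEmailsAllowed,omitempty"`
	// if emails should be verified before the user can log into their account
	VerifyEmail *bool `json:"verifyEmail,omitempty"`
	// if long-lived sessions should be offered to the user upon login.
	// Longer sessions widen the window in which a stolen session stays usable.
	RememberMe *bool `json:"rememberMe,omitempty"`
}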
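// KeycloakRealmSMTP contains information about the SMTP server used to send
// transactional mail (for registration and password reset).
//
// Only the sender identity and the auth switch are carried inline. Host,
// port, transport flags and the user name are referenced through Secret.
type KeycloakRealmSMTP struct {
	// Example SMTP settings (credentials redacted):
	//
	// auth: "true"
	// from: noreply@bitmask.me
	// fromDisplayName: Bitmask Accounts
	// host: email-smtp.eu-west-1.amazonaws.com
	// password: '**********'
	// port: "587"
	// ssl: "false"
	// starttls: "true"
	// user: XXXXXXXXXXXXXXXXXXXX

	// NOTE(review): Auth is a plain bool tagged omitempty with a schema
	// default of true. encoding/json drops a false value on marshal, so an
	// object written back through this Go type loses an explicit
	// `auth: false` and the default (true) is applied again. That fails
	// towards authentication staying on, but it also means false cannot be
	// persisted from Go clients. If disabling auth must be supported, the
	// field would need to become *bool; confirm the intent with the
	// controller code.

	// +kubebuilder:default:=true
	// If authentication should be used
	Auth bool `json:"auth,omitempty"`

	// From which address the emails will be sent, takes precedence
	// over the attribute defined in the secret.
	From string `json:"from,omitempty"`

	// From which NAME the email should originate.
	FromDisplayName string `json:"fromDisplayName,omitempty"`

	// Secret references the Kubernetes Secret that holds the connection
	// settings and credentials; nil leaves the reference out of the
	// serialized object.
	Secret *KeycloakRealmSMTPSecret `json:"secret,omitempty"`
}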
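// KeycloakRealmSMTPSecret contains Credentials for connecting to a SMTP
// Server.
//
// The struct never carries the values themselves: Name identifies the Secret
// and each *Key field names the entry inside it that holds one setting, so no
// credential material appears in the KeycloakRealm object.
type KeycloakRealmSMTPSecret struct {
	// NOTE(review): the Secret is referenced by name only; there is no
	// namespace field. Presumably it is resolved in the namespace of the
	// KeycloakRealm. Confirm the controller does not read Secrets from
	// other namespaces on behalf of the resource author.
	//
	// NOTE(review): there is no key field for the SMTP password, although
	// every other setting has one. Presumably the controller reads it from
	// a fixed key; verify and document which.
	//
	// NOTE(review): the ssl and starttls flags are taken from the Secret.
	// If both are false while authentication is on, the SMTP credentials
	// would be sent without transport encryption; consider rejecting that
	// combination in the controller.

	// +kubebuilder:validation:Required
	// Secret containing SMTP configuration
	Name string `json:"name"`

	// +kubebuilder:default:=host
	// Key of the host attribute
	HostKey string `json:"hostKey,omitempty"`

	// +kubebuilder:default:=port
	// Key of the port attribute
	PortKey string `json:"portKey,omitempty"`

	// +kubebuilder:default:=ssl
	// Key of the ssl attribute
	SSLKey string `json:"sslKey,omitempty"`

	// +kubebuilder:default:=starttls
	// Key of the starttls attribute
	StartTLSKey string `json:"startTLSKey,omitempty"`

	// +kubebuilder:default:=username
	// Key of the username attribute
	UsernameKey string `json:"usernameKey,omitempty"`

	// +kubebuilder:default:=from
	// Key of the from attribute, contains the mail address that email will be sent from.
	FromKey string `json:"fromKey,omitempty"`
}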
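// KeycloakRealmStatus defines the observed state of KeycloakRealm
type KeycloakRealmStatus struct {
	// Available is serialized under "available" without omitempty, so false
	// is always written out explicitly.
	// NOTE(review): the condition under which the controller sets this to
	// true is not visible in this file; document it here once confirmed.
	Available bool `json:"available"`
}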
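// +kubebuilder:object:root=true
// +kubebuilder:subresource:status

// KeycloakRealm is the Schema for the keycloakrealms API.
//
// Spec carries the desired realm settings and Status the observed state.
// The status subresource marker above exposes Status through its own
// endpoint, which lets RBAC grant status updates separately from permission
// to change Spec.
type KeycloakRealm struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   KeycloakRealmSpec   `json:"spec,omitempty"`
	Status KeycloakRealmStatus `json:"status,omitempty"`
}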
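// +kubebuilder:object:root=true

// KeycloakRealmList contains a list of KeycloakRealm.
//
// Items has no omitempty tag, so the "items" key is always present in the
// serialized list.
type KeycloakRealmList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []KeycloakRealm `json:"items"`
}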
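// init registers KeycloakRealm and KeycloakRealmList with SchemeBuilder when
// the package is loaded. SchemeBuilder is declared elsewhere in this package.
func init() {
	SchemeBuilder.Register(&KeycloakRealm{}, &KeycloakRealmList{})
}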