Browse code
Add PKCE support
Jordan Liggitt authored on 2016/09/11 03:41:32Showing 14 changed files
- api/swagger-spec/oapi-v1.json
- pkg/api/serialization_test.go
- pkg/oauth/api/types.go
- pkg/oauth/api/v1/defaults.go
- pkg/oauth/api/v1/generated.pb.go
- pkg/oauth/api/v1/generated.proto
- pkg/oauth/api/v1/register.go
- pkg/oauth/api/v1/swagger_doc.go
- pkg/oauth/api/v1/types.go
- pkg/oauth/api/v1/zz_generated.conversion.go
- pkg/oauth/api/v1/zz_generated.deepcopy.go
- pkg/oauth/api/validation/validation.go
- pkg/oauth/api/zz_generated.deepcopy.go
- pkg/oauth/server/osinserver/registrystorage/storage.go
| ... | ... |
@@ -25842,6 +25842,14 @@ |
| 25842 | 25842 |
"userUID": {
|
| 25843 | 25843 |
"type": "string", |
| 25844 | 25844 |
"description": "UserUID is the unique UID associated with this token. UserUID and UserName must both match for this token to be valid." |
| 25845 |
+ }, |
|
| 25846 |
+ "codeChallenge": {
|
|
| 25847 |
+ "type": "string", |
|
| 25848 |
+ "description": "CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636" |
|
| 25849 |
+ }, |
|
| 25850 |
+ "codeChallengeMethod": {
|
|
| 25851 |
+ "type": "string", |
|
| 25852 |
+ "description": "CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636" |
|
| 25845 | 25853 |
} |
| 25846 | 25854 |
} |
| 25847 | 25855 |
}, |
| ... | ... |
@@ -418,6 +418,12 @@ func fuzzInternalObject(t *testing.T, forVersion unversioned.GroupVersion, item |
| 418 | 418 |
j.Spec.Template.Spec.InitContainers = nil |
| 419 | 419 |
j.Status.Template.Spec.InitContainers = nil |
| 420 | 420 |
}, |
| 421 |
+ func(j *oauthapi.OAuthAuthorizeToken, c fuzz.Continue) {
|
|
| 422 |
+ c.FuzzNoCustom(j) |
|
| 423 |
+ if len(j.CodeChallenge) > 0 && len(j.CodeChallengeMethod) == 0 {
|
|
| 424 |
+ j.CodeChallengeMethod = "plain" |
|
| 425 |
+ } |
|
| 426 |
+ }, |
|
| 421 | 427 |
func(j *oauthapi.OAuthClientAuthorization, c fuzz.Continue) {
|
| 422 | 428 |
c.FuzzNoCustom(j) |
| 423 | 429 |
if len(j.Scopes) == 0 {
|
| ... | ... |
@@ -59,6 +59,12 @@ type OAuthAuthorizeToken struct {
|
| 59 | 59 |
// UserUID is the unique UID associated with this token. UserUID and UserName must both match |
| 60 | 60 |
// for this token to be valid. |
| 61 | 61 |
UserUID string |
| 62 |
+ |
|
| 63 |
+ // CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636 |
|
| 64 |
+ CodeChallenge string |
|
| 65 |
+ |
|
| 66 |
+ // CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636 |
|
| 67 |
+ CodeChallengeMethod string |
|
| 62 | 68 |
} |
| 63 | 69 |
|
| 64 | 70 |
// +genclient=true |
| 65 | 71 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,15 @@ |
| 0 |
+package v1 |
|
| 1 |
+ |
|
| 2 |
+import "k8s.io/kubernetes/pkg/runtime" |
|
| 3 |
+ |
|
| 4 |
+func SetDefaults_OAuthAuthorizeToken(obj *OAuthAuthorizeToken) {
|
|
| 5 |
+ if len(obj.CodeChallenge) > 0 && len(obj.CodeChallengeMethod) == 0 {
|
|
| 6 |
+ obj.CodeChallengeMethod = "plain" |
|
| 7 |
+ } |
|
| 8 |
+} |
|
| 9 |
+ |
|
| 10 |
+func addDefaultingFuncs(scheme *runtime.Scheme) error {
|
|
| 11 |
+ return scheme.AddDefaultingFuncs( |
|
| 12 |
+ SetDefaults_OAuthAuthorizeToken, |
|
| 13 |
+ ) |
|
| 14 |
+} |
| ... | ... |
@@ -321,6 +321,14 @@ func (m *OAuthAuthorizeToken) MarshalTo(data []byte) (int, error) {
|
| 321 | 321 |
i++ |
| 322 | 322 |
i = encodeVarintGenerated(data, i, uint64(len(m.UserUID))) |
| 323 | 323 |
i += copy(data[i:], m.UserUID) |
| 324 |
+ data[i] = 0x4a |
|
| 325 |
+ i++ |
|
| 326 |
+ i = encodeVarintGenerated(data, i, uint64(len(m.CodeChallenge))) |
|
| 327 |
+ i += copy(data[i:], m.CodeChallenge) |
|
| 328 |
+ data[i] = 0x52 |
|
| 329 |
+ i++ |
|
| 330 |
+ i = encodeVarintGenerated(data, i, uint64(len(m.CodeChallengeMethod))) |
|
| 331 |
+ i += copy(data[i:], m.CodeChallengeMethod) |
|
| 324 | 332 |
return i, nil |
| 325 | 333 |
} |
| 326 | 334 |
|
| ... | ... |
@@ -727,6 +735,10 @@ func (m *OAuthAuthorizeToken) Size() (n int) {
|
| 727 | 727 |
n += 1 + l + sovGenerated(uint64(l)) |
| 728 | 728 |
l = len(m.UserUID) |
| 729 | 729 |
n += 1 + l + sovGenerated(uint64(l)) |
| 730 |
+ l = len(m.CodeChallenge) |
|
| 731 |
+ n += 1 + l + sovGenerated(uint64(l)) |
|
| 732 |
+ l = len(m.CodeChallengeMethod) |
|
| 733 |
+ n += 1 + l + sovGenerated(uint64(l)) |
|
| 730 | 734 |
return n |
| 731 | 735 |
} |
| 732 | 736 |
|
| ... | ... |
@@ -906,6 +918,8 @@ func (this *OAuthAuthorizeToken) String() string {
|
| 906 | 906 |
`State:` + fmt.Sprintf("%v", this.State) + `,`,
|
| 907 | 907 |
`UserName:` + fmt.Sprintf("%v", this.UserName) + `,`,
|
| 908 | 908 |
`UserUID:` + fmt.Sprintf("%v", this.UserUID) + `,`,
|
| 909 |
+ `CodeChallenge:` + fmt.Sprintf("%v", this.CodeChallenge) + `,`,
|
|
| 910 |
+ `CodeChallengeMethod:` + fmt.Sprintf("%v", this.CodeChallengeMethod) + `,`,
|
|
| 909 | 911 |
`}`, |
| 910 | 912 |
}, "") |
| 911 | 913 |
return s |
| ... | ... |
@@ -1785,6 +1799,64 @@ func (m *OAuthAuthorizeToken) Unmarshal(data []byte) error {
|
| 1785 | 1785 |
} |
| 1786 | 1786 |
m.UserUID = string(data[iNdEx:postIndex]) |
| 1787 | 1787 |
iNdEx = postIndex |
| 1788 |
+ case 9: |
|
| 1789 |
+ if wireType != 2 {
|
|
| 1790 |
+ return fmt.Errorf("proto: wrong wireType = %d for field CodeChallenge", wireType)
|
|
| 1791 |
+ } |
|
| 1792 |
+ var stringLen uint64 |
|
| 1793 |
+ for shift := uint(0); ; shift += 7 {
|
|
| 1794 |
+ if shift >= 64 {
|
|
| 1795 |
+ return ErrIntOverflowGenerated |
|
| 1796 |
+ } |
|
| 1797 |
+ if iNdEx >= l {
|
|
| 1798 |
+ return io.ErrUnexpectedEOF |
|
| 1799 |
+ } |
|
| 1800 |
+ b := data[iNdEx] |
|
| 1801 |
+ iNdEx++ |
|
| 1802 |
+ stringLen |= (uint64(b) & 0x7F) << shift |
|
| 1803 |
+ if b < 0x80 {
|
|
| 1804 |
+ break |
|
| 1805 |
+ } |
|
| 1806 |
+ } |
|
| 1807 |
+ intStringLen := int(stringLen) |
|
| 1808 |
+ if intStringLen < 0 {
|
|
| 1809 |
+ return ErrInvalidLengthGenerated |
|
| 1810 |
+ } |
|
| 1811 |
+ postIndex := iNdEx + intStringLen |
|
| 1812 |
+ if postIndex > l {
|
|
| 1813 |
+ return io.ErrUnexpectedEOF |
|
| 1814 |
+ } |
|
| 1815 |
+ m.CodeChallenge = string(data[iNdEx:postIndex]) |
|
| 1816 |
+ iNdEx = postIndex |
|
| 1817 |
+ case 10: |
|
| 1818 |
+ if wireType != 2 {
|
|
| 1819 |
+ return fmt.Errorf("proto: wrong wireType = %d for field CodeChallengeMethod", wireType)
|
|
| 1820 |
+ } |
|
| 1821 |
+ var stringLen uint64 |
|
| 1822 |
+ for shift := uint(0); ; shift += 7 {
|
|
| 1823 |
+ if shift >= 64 {
|
|
| 1824 |
+ return ErrIntOverflowGenerated |
|
| 1825 |
+ } |
|
| 1826 |
+ if iNdEx >= l {
|
|
| 1827 |
+ return io.ErrUnexpectedEOF |
|
| 1828 |
+ } |
|
| 1829 |
+ b := data[iNdEx] |
|
| 1830 |
+ iNdEx++ |
|
| 1831 |
+ stringLen |= (uint64(b) & 0x7F) << shift |
|
| 1832 |
+ if b < 0x80 {
|
|
| 1833 |
+ break |
|
| 1834 |
+ } |
|
| 1835 |
+ } |
|
| 1836 |
+ intStringLen := int(stringLen) |
|
| 1837 |
+ if intStringLen < 0 {
|
|
| 1838 |
+ return ErrInvalidLengthGenerated |
|
| 1839 |
+ } |
|
| 1840 |
+ postIndex := iNdEx + intStringLen |
|
| 1841 |
+ if postIndex > l {
|
|
| 1842 |
+ return io.ErrUnexpectedEOF |
|
| 1843 |
+ } |
|
| 1844 |
+ m.CodeChallengeMethod = string(data[iNdEx:postIndex]) |
|
| 1845 |
+ iNdEx = postIndex |
|
| 1788 | 1846 |
default: |
| 1789 | 1847 |
iNdEx = preIndex |
| 1790 | 1848 |
skippy, err := skipGenerated(data[iNdEx:]) |
| ... | ... |
@@ -2800,69 +2872,72 @@ var ( |
| 2800 | 2800 |
) |
| 2801 | 2801 |
|
| 2802 | 2802 |
var fileDescriptorGenerated = []byte{
|
| 2803 |
- // 1024 bytes of a gzipped FileDescriptorProto |
|
| 2804 |
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xec, 0x56, 0xcf, 0x6f, 0x1b, 0x45, |
|
| 2805 |
- 0x14, 0xee, 0xc6, 0x71, 0x62, 0x3f, 0xb7, 0xb1, 0x3d, 0x6d, 0xa8, 0x09, 0x90, 0x54, 0x06, 0x41, |
|
| 2806 |
- 0x10, 0xe9, 0xae, 0x12, 0x51, 0xa9, 0x48, 0xa8, 0x92, 0x1d, 0x02, 0x58, 0x82, 0x56, 0x9a, 0x34, |
|
| 2807 |
- 0x80, 0x90, 0x40, 0x9a, 0xec, 0x4e, 0xec, 0xc5, 0xeb, 0x5d, 0x6b, 0x67, 0x36, 0x14, 0xc4, 0x81, |
|
| 2808 |
- 0x1b, 0x57, 0xfe, 0x09, 0x8e, 0xdc, 0xb8, 0x72, 0xcf, 0x31, 0x47, 0xc4, 0x21, 0x2a, 0xe5, 0xc6, |
|
| 2809 |
- 0x9f, 0xc0, 0x05, 0xde, 0xce, 0xae, 0xf7, 0x97, 0xed, 0xa0, 0x44, 0x22, 0xe2, 0xc0, 0x61, 0xa4, |
|
| 2810 |
- 0xdd, 0xf7, 0xbe, 0x6f, 0xe6, 0xbd, 0x37, 0xdf, 0xbc, 0x19, 0x78, 0xbb, 0x6f, 0xcb, 0x41, 0x70, |
|
| 2811 |
- 0xa8, 0x9b, 0xde, 0xc8, 0xf0, 0xc6, 0xdc, 0x15, 0x03, 0xfb, 0x48, 0x1a, 0x9e, 0x6f, 0xf7, 0x6d, |
|
| 2812 |
- 0xd7, 0x18, 0x0f, 0xfb, 0x86, 0xc7, 0x02, 0x39, 0x30, 0xd8, 0xd8, 0x36, 0x8e, 0xb7, 0x8d, 0x3e, |
|
| 2813 |
- 0x77, 0xb9, 0xcf, 0x24, 0xb7, 0xf4, 0xb1, 0xef, 0x49, 0x8f, 0x6c, 0xa5, 0x6c, 0x3d, 0x61, 0xeb, |
|
| 2814 |
- 0x11, 0x5b, 0x47, 0xb6, 0xae, 0xd8, 0x3a, 0xb2, 0xf5, 0xe3, 0xed, 0xb5, 0xbb, 0x99, 0xb5, 0xfa, |
|
| 2815 |
- 0x5e, 0xdf, 0x33, 0xd4, 0x24, 0x87, 0xc1, 0x91, 0xfa, 0x53, 0x3f, 0xea, 0x2b, 0x9a, 0x7c, 0xed, |
|
| 2816 |
- 0xde, 0xf0, 0xbe, 0xd0, 0x6d, 0xcf, 0x18, 0x06, 0x87, 0xdc, 0x77, 0xb9, 0xe4, 0x42, 0x05, 0x14, |
|
| 2817 |
- 0x86, 0x12, 0xb8, 0xc7, 0xdc, 0x17, 0xb6, 0xe7, 0x72, 0xab, 0x18, 0xd3, 0xda, 0xd6, 0x7c, 0xda, |
|
| 2818 |
- 0x74, 0x06, 0x6b, 0x77, 0x67, 0xa3, 0xfd, 0xc0, 0x95, 0xf6, 0x88, 0x4f, 0xc1, 0xb7, 0x67, 0xc3, |
|
| 2819 |
- 0x03, 0x69, 0x3b, 0x86, 0xed, 0x4a, 0x21, 0xfd, 0x22, 0xa5, 0xfd, 0xb3, 0x06, 0x2f, 0xec, 0x3a, |
|
| 2820 |
- 0x81, 0x90, 0xdc, 0xa7, 0x9e, 0xc3, 0xf7, 0x4d, 0x2c, 0x14, 0xe5, 0x88, 0xb4, 0x4d, 0x89, 0x19, |
|
| 2821 |
- 0x90, 0x37, 0xa0, 0xea, 0xa3, 0xfd, 0x21, 0x1b, 0x71, 0xd1, 0xd2, 0xee, 0x94, 0x36, 0xab, 0xdd, |
|
| 2822 |
- 0x1b, 0xcf, 0xce, 0x36, 0xaa, 0x74, 0x62, 0xa4, 0xa9, 0x9f, 0xe8, 0x00, 0x6e, 0xf8, 0x31, 0x66, |
|
| 2823 |
- 0x26, 0xa2, 0x17, 0x14, 0x7a, 0x05, 0xd1, 0xf0, 0x30, 0xb1, 0xd2, 0x0c, 0x82, 0x74, 0xa0, 0xce, |
|
| 2824 |
- 0x1c, 0xc7, 0xfb, 0x72, 0x4f, 0x98, 0xcc, 0x61, 0xe1, 0x7a, 0xad, 0xd2, 0x1d, 0x6d, 0xb3, 0xd2, |
|
| 2825 |
- 0xbd, 0x7d, 0x72, 0xb6, 0x71, 0x0d, 0x89, 0xf5, 0x4e, 0xde, 0x4d, 0x8b, 0xf8, 0xf6, 0x5f, 0x25, |
|
| 2826 |
- 0x68, 0x3c, 0xea, 0xe0, 0x36, 0x76, 0x4c, 0x9c, 0x51, 0x3c, 0xf6, 0x86, 0xdc, 0x25, 0x9f, 0x40, |
|
| 2827 |
- 0x65, 0xc4, 0x25, 0xb3, 0x98, 0x64, 0x18, 0xb3, 0xb6, 0x59, 0xdb, 0xd9, 0xd4, 0xa3, 0xd2, 0xe8, |
|
| 2828 |
- 0x69, 0x69, 0x94, 0x02, 0xa2, 0xbd, 0xd7, 0x1f, 0x1d, 0x7e, 0xc1, 0x4d, 0xf9, 0x21, 0x72, 0xba, |
|
| 2829 |
- 0x24, 0x5e, 0x1a, 0x52, 0x1b, 0x4d, 0x66, 0x23, 0x3b, 0x00, 0xa6, 0x63, 0x73, 0x57, 0x86, 0x19, |
|
| 2830 |
- 0x61, 0x86, 0x1a, 0x66, 0x98, 0x30, 0x76, 0x13, 0x0f, 0xcd, 0xa0, 0x88, 0x01, 0x55, 0xfe, 0x64, |
|
| 2831 |
- 0x6c, 0xfb, 0x5c, 0xf4, 0xa2, 0xfc, 0x4a, 0xdd, 0x66, 0x4c, 0xa9, 0xee, 0x4d, 0x1c, 0x34, 0xc5, |
|
| 2832 |
- 0x90, 0x36, 0x2c, 0x89, 0x70, 0x1f, 0x44, 0x6b, 0x51, 0x95, 0x10, 0x10, 0xb9, 0xa4, 0x76, 0x46, |
|
| 2833 |
- 0xd0, 0xd8, 0x43, 0xee, 0x41, 0xcd, 0xe7, 0x16, 0x12, 0x4c, 0x79, 0x40, 0x7b, 0xad, 0xb2, 0x8a, |
|
| 2834 |
- 0xe4, 0x66, 0x3c, 0x6d, 0x8d, 0xa6, 0x2e, 0x9a, 0xc5, 0x91, 0x2d, 0xa8, 0x04, 0x82, 0xfb, 0x2a, |
|
| 2835 |
- 0xfa, 0x25, 0xc5, 0x69, 0xc4, 0x9c, 0xca, 0x41, 0x6c, 0xa7, 0x09, 0x82, 0xbc, 0x0e, 0xcb, 0xe1, |
|
| 2836 |
- 0xf7, 0x41, 0xef, 0x9d, 0xd6, 0xb2, 0x02, 0xd7, 0x63, 0xf0, 0xf2, 0x41, 0x64, 0xa6, 0x13, 0x3f, |
|
| 2837 |
- 0x79, 0x00, 0x2b, 0xe1, 0x61, 0xc2, 0xc3, 0xf5, 0x35, 0x57, 0x9b, 0xd0, 0xaa, 0x28, 0xc6, 0x73, |
|
| 2838 |
- 0x31, 0x63, 0xa5, 0x93, 0xf3, 0xd2, 0x02, 0x9a, 0xdc, 0x87, 0xeb, 0x3e, 0x3f, 0xc2, 0xfc, 0x07, |
|
| 2839 |
- 0x11, 0xbb, 0xaa, 0xd8, 0xb7, 0x62, 0xf6, 0x75, 0x9a, 0xf1, 0xd1, 0x1c, 0xb2, 0xfd, 0xab, 0x06, |
|
| 2840 |
- 0xb7, 0x8a, 0x0a, 0xf8, 0xc0, 0x16, 0x92, 0x7c, 0x36, 0xa5, 0x02, 0xe3, 0x1c, 0x15, 0x64, 0x0e, |
|
| 2841 |
- 0xad, 0x1e, 0xd2, 0x95, 0x18, 0x92, 0xe2, 0x4c, 0x2c, 0x19, 0x29, 0x98, 0x50, 0xb6, 0x25, 0x1f, |
|
| 2842 |
- 0x45, 0x3a, 0xaf, 0xed, 0x3c, 0xd0, 0x2f, 0xd2, 0x6d, 0xf4, 0x62, 0xc4, 0xdd, 0x1b, 0xf1, 0x52, |
|
| 2843 |
- 0xe5, 0x5e, 0x38, 0x29, 0x8d, 0xe6, 0x6e, 0xff, 0x58, 0x82, 0x9b, 0x11, 0x34, 0x5f, 0xae, 0xff, |
|
| 2844 |
- 0x15, 0x3e, 0x4f, 0xe1, 0x2f, 0x43, 0x59, 0x48, 0x6c, 0x70, 0xb1, 0xbc, 0x93, 0xb2, 0xee, 0x87, |
|
| 2845 |
- 0x46, 0x1a, 0xf9, 0x72, 0xc7, 0x60, 0xf9, 0x22, 0xc7, 0xa0, 0x72, 0xfe, 0x31, 0x68, 0x3f, 0xd5, |
|
| 2846 |
- 0xe0, 0xf6, 0x8c, 0xfd, 0xba, 0x0a, 0x3d, 0x1e, 0xe5, 0xf5, 0xd8, 0xb9, 0x8c, 0x1e, 0x73, 0x41, |
|
| 2847 |
- 0xcf, 0x91, 0xe4, 0x4f, 0x8b, 0x50, 0x53, 0xe8, 0x48, 0x0c, 0xff, 0xa2, 0x14, 0x5f, 0x45, 0x95, |
|
| 2848 |
- 0x70, 0xd3, 0xe7, 0x32, 0x96, 0xe1, 0x4a, 0x8c, 0x5e, 0xda, 0x57, 0x56, 0x1a, 0x7b, 0xc9, 0x2e, |
|
| 2849 |
- 0x34, 0x99, 0x65, 0xd9, 0xe1, 0x7d, 0xc0, 0x9c, 0xc8, 0x27, 0x50, 0x86, 0xa1, 0xb0, 0x56, 0x11, |
|
| 2850 |
- 0xde, 0xec, 0x14, 0x9d, 0x74, 0x1a, 0x4f, 0xf6, 0x61, 0x15, 0xb5, 0x39, 0xf6, 0x5c, 0xeb, 0x63, |
|
| 2851 |
- 0xac, 0xdb, 0xee, 0x00, 0x2f, 0x1a, 0xee, 0xf6, 0x95, 0x42, 0xc3, 0x1b, 0xe9, 0xa5, 0x78, 0xed, |
|
| 2852 |
- 0x55, 0x3a, 0x0b, 0x44, 0x67, 0x73, 0xc9, 0x9b, 0x61, 0x57, 0x4b, 0xb4, 0x29, 0x50, 0xc4, 0x61, |
|
| 2853 |
- 0x50, 0x8d, 0xa8, 0xa3, 0xa5, 0x76, 0x9a, 0x43, 0x91, 0x1e, 0xd4, 0xfa, 0x3e, 0x73, 0xc3, 0x72, |
|
| 2854 |
- 0x0c, 0x3c, 0x2b, 0x16, 0xf2, 0x6b, 0x13, 0xe5, 0xbf, 0x97, 0xba, 0xfe, 0x3c, 0xdb, 0x68, 0xa8, |
|
| 2855 |
- 0xdf, 0xf7, 0x99, 0x6b, 0x39, 0xdc, 0x7f, 0xfc, 0x15, 0x5e, 0xde, 0x59, 0x2e, 0xf9, 0x4e, 0x83, |
|
| 2856 |
- 0xa6, 0x28, 0xdc, 0xe9, 0x02, 0x25, 0x7f, 0x89, 0x8e, 0x55, 0x7c, 0x1a, 0x74, 0x9f, 0x8f, 0x23, |
|
| 2857 |
- 0x6a, 0x16, 0x3d, 0x58, 0xdf, 0xa9, 0x35, 0xdb, 0x3f, 0x2c, 0x40, 0x2b, 0x23, 0x9b, 0x89, 0xd4, |
|
| 2858 |
- 0xd4, 0x2d, 0xfe, 0x1f, 0x6b, 0x67, 0xd9, 0xee, 0x50, 0xba, 0x48, 0x77, 0x58, 0xfc, 0x87, 0x4b, |
|
| 2859 |
- 0x32, 0x6d, 0x7b, 0xe5, 0x79, 0x6d, 0xaf, 0xfd, 0x87, 0x06, 0x2f, 0xce, 0xab, 0xd3, 0x55, 0xb4, |
|
| 2860 |
- 0x91, 0x61, 0xbe, 0x8d, 0xbc, 0x7b, 0x89, 0x36, 0x32, 0x23, 0xf2, 0x39, 0xbd, 0xe4, 0x54, 0x83, |
|
| 2861 |
- 0x7a, 0x86, 0x72, 0x15, 0xf9, 0x7d, 0x9e, 0xcf, 0xef, 0xad, 0x4b, 0xe7, 0x37, 0x27, 0x25, 0x7c, |
|
| 2862 |
- 0x50, 0x37, 0x66, 0xbc, 0xa2, 0x2b, 0x0e, 0xba, 0x7d, 0xe6, 0x4c, 0x1e, 0xd1, 0xf5, 0xf0, 0x28, |
|
| 2863 |
- 0xef, 0x3d, 0x61, 0xa6, 0xfc, 0x88, 0x39, 0x01, 0xee, 0x7f, 0x02, 0x20, 0xdf, 0x40, 0xcd, 0x4c, |
|
| 2864 |
- 0x5f, 0xe4, 0x4a, 0xb3, 0xb5, 0x9d, 0xde, 0xc5, 0xe2, 0x3c, 0xe7, 0x49, 0x1f, 0x2d, 0x9d, 0x01, |
|
| 2865 |
- 0xd0, 0xec, 0x72, 0xdd, 0x57, 0x4e, 0x7e, 0x5b, 0xbf, 0x76, 0x8a, 0xe3, 0x17, 0x1c, 0xdf, 0x3e, |
|
| 2866 |
- 0x5b, 0xd7, 0x4e, 0x70, 0x9c, 0xe2, 0x78, 0x8a, 0xe3, 0xfb, 0xdf, 0xd7, 0xaf, 0x7d, 0xba, 0x70, |
|
| 2867 |
- 0xbc, 0xfd, 0x77, 0x00, 0x00, 0x00, 0xff, 0xff, 0x64, 0xe6, 0x4d, 0xde, 0x99, 0x0d, 0x00, 0x00, |
|
| 2803 |
+ // 1067 bytes of a gzipped FileDescriptorProto |
|
| 2804 |
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xec, 0x57, 0x4f, 0x6f, 0x1b, 0x45, |
|
| 2805 |
+ 0x14, 0xcf, 0xe6, 0xaf, 0xfd, 0xdc, 0x24, 0xf6, 0xa4, 0xa1, 0x26, 0x85, 0xa4, 0x32, 0x08, 0x82, |
|
| 2806 |
+ 0x48, 0x77, 0x95, 0x88, 0x4a, 0x45, 0xa0, 0x4a, 0xb6, 0x09, 0x60, 0x89, 0xb6, 0xd2, 0xa4, 0x01, |
|
| 2807 |
+ 0x84, 0x04, 0xd2, 0x66, 0x77, 0x62, 0x2f, 0x5e, 0xef, 0x5a, 0x3b, 0xb3, 0xa1, 0x20, 0x0e, 0xdc, |
|
| 2808 |
+ 0xb8, 0xf2, 0x25, 0xf8, 0x06, 0x5c, 0x38, 0x70, 0xcf, 0x31, 0x47, 0xc4, 0x21, 0x2a, 0xe5, 0xc6, |
|
| 2809 |
+ 0x47, 0xe0, 0x02, 0x6f, 0x67, 0xc7, 0xfb, 0xcf, 0x76, 0xab, 0x44, 0x22, 0xe2, 0xc0, 0x61, 0xa5, |
|
| 2810 |
+ 0xdd, 0xf7, 0x7e, 0xbf, 0x99, 0xf7, 0xde, 0xbc, 0xdf, 0xf3, 0x18, 0xde, 0xed, 0x3a, 0xa2, 0x17, |
|
| 2811 |
+ 0x1e, 0xe9, 0x96, 0x3f, 0x30, 0xfc, 0x21, 0xf3, 0x78, 0xcf, 0x39, 0x16, 0x86, 0x1f, 0x38, 0x5d, |
|
| 2812 |
+ 0xc7, 0x33, 0x86, 0xfd, 0xae, 0xe1, 0x9b, 0xa1, 0xe8, 0x19, 0xe6, 0xd0, 0x31, 0x4e, 0x76, 0x8d, |
|
| 2813 |
+ 0x2e, 0xf3, 0x58, 0x60, 0x0a, 0x66, 0xeb, 0xc3, 0xc0, 0x17, 0x3e, 0xd9, 0x49, 0xd9, 0x7a, 0xc2, |
|
| 2814 |
+ 0xd6, 0x63, 0xb6, 0x8e, 0x6c, 0x5d, 0xb2, 0x75, 0x64, 0xeb, 0x27, 0xbb, 0x1b, 0xb7, 0x33, 0x7b, |
|
| 2815 |
+ 0x75, 0xfd, 0xae, 0x6f, 0xc8, 0x45, 0x8e, 0xc2, 0x63, 0xf9, 0x25, 0x3f, 0xe4, 0x5b, 0xbc, 0xf8, |
|
| 2816 |
+ 0xc6, 0x9d, 0xfe, 0x5d, 0xae, 0x3b, 0xbe, 0xd1, 0x0f, 0x8f, 0x58, 0xe0, 0x31, 0xc1, 0xb8, 0x0c, |
|
| 2817 |
+ 0x28, 0x0a, 0x25, 0xf4, 0x4e, 0x58, 0xc0, 0x1d, 0xdf, 0x63, 0x76, 0x31, 0xa6, 0x8d, 0x9d, 0xe9, |
|
| 2818 |
+ 0xb4, 0xf1, 0x0c, 0x36, 0x6e, 0x4f, 0x46, 0x07, 0xa1, 0x27, 0x9c, 0x01, 0x1b, 0x83, 0xef, 0x4e, |
|
| 2819 |
+ 0x86, 0x87, 0xc2, 0x71, 0x0d, 0xc7, 0x13, 0x5c, 0x04, 0x45, 0x4a, 0xe3, 0x17, 0x0d, 0x6e, 0xb6, |
|
| 2820 |
+ 0xdd, 0x90, 0x0b, 0x16, 0x50, 0xdf, 0x65, 0x07, 0x16, 0x16, 0x8a, 0x32, 0x44, 0x3a, 0x96, 0xc0, |
|
| 2821 |
+ 0x0c, 0xc8, 0x9b, 0x50, 0x0e, 0xd0, 0xfe, 0xc0, 0x1c, 0x30, 0x5e, 0xd7, 0x6e, 0xcd, 0x6d, 0x97, |
|
| 2822 |
+ 0x5b, 0xcb, 0x4f, 0xcf, 0xb7, 0xca, 0x74, 0x64, 0xa4, 0xa9, 0x9f, 0xe8, 0x00, 0x5e, 0xf4, 0x32, |
|
| 2823 |
+ 0x34, 0x2d, 0x44, 0xcf, 0x4a, 0xf4, 0x0a, 0xa2, 0xe1, 0x41, 0x62, 0xa5, 0x19, 0x04, 0x69, 0xc2, |
|
| 2824 |
+ 0xaa, 0xe9, 0xba, 0xfe, 0x57, 0xfb, 0xdc, 0x32, 0x5d, 0x33, 0xda, 0xaf, 0x3e, 0x77, 0x4b, 0xdb, |
|
| 2825 |
+ 0x2e, 0xb5, 0x6e, 0x9c, 0x9e, 0x6f, 0xcd, 0x20, 0x71, 0xb5, 0x99, 0x77, 0xd3, 0x22, 0xbe, 0xf1, |
|
| 2826 |
+ 0xf7, 0x1c, 0x54, 0x1f, 0x36, 0xf1, 0x18, 0x9b, 0x16, 0xae, 0xc8, 0x1f, 0xf9, 0x7d, 0xe6, 0x91, |
|
| 2827 |
+ 0x4f, 0xa1, 0x34, 0x60, 0xc2, 0xb4, 0x4d, 0x61, 0x62, 0xcc, 0xda, 0x76, 0x65, 0x6f, 0x5b, 0x8f, |
|
| 2828 |
+ 0x4b, 0xa3, 0xa7, 0xa5, 0x91, 0x1d, 0x10, 0x9f, 0xbd, 0xfe, 0xf0, 0xe8, 0x4b, 0x66, 0x89, 0xfb, |
|
| 2829 |
+ 0xc8, 0x69, 0x11, 0xb5, 0x35, 0xa4, 0x36, 0x9a, 0xac, 0x46, 0xf6, 0x00, 0x2c, 0xd7, 0x61, 0x9e, |
|
| 2830 |
+ 0x88, 0x32, 0xc2, 0x0c, 0x35, 0xcc, 0x30, 0x61, 0xb4, 0x13, 0x0f, 0xcd, 0xa0, 0x88, 0x01, 0x65, |
|
| 2831 |
+ 0xf6, 0x78, 0xe8, 0x04, 0x8c, 0x77, 0xe2, 0xfc, 0xe6, 0x5a, 0x35, 0x45, 0x29, 0xef, 0x8f, 0x1c, |
|
| 2832 |
+ 0x34, 0xc5, 0x90, 0x06, 0x2c, 0xf2, 0xe8, 0x1c, 0x78, 0x7d, 0x5e, 0x96, 0x10, 0x10, 0xb9, 0x28, |
|
| 2833 |
+ 0x4f, 0x86, 0x53, 0xe5, 0x21, 0x77, 0xa0, 0x12, 0x30, 0x1b, 0x09, 0x96, 0x38, 0xa4, 0x9d, 0xfa, |
|
| 2834 |
+ 0x82, 0x8c, 0x64, 0x4d, 0x2d, 0x5b, 0xa1, 0xa9, 0x8b, 0x66, 0x71, 0x64, 0x07, 0x4a, 0x21, 0x67, |
|
| 2835 |
+ 0x81, 0x8c, 0x7e, 0x51, 0x72, 0xaa, 0x8a, 0x53, 0x3a, 0x54, 0x76, 0x9a, 0x20, 0xc8, 0x1b, 0xb0, |
|
| 2836 |
+ 0x14, 0xbd, 0x1f, 0x76, 0xde, 0xab, 0x2f, 0x49, 0xf0, 0xaa, 0x02, 0x2f, 0x1d, 0xc6, 0x66, 0x3a, |
|
| 2837 |
+ 0xf2, 0x93, 0x7b, 0xb0, 0x12, 0x89, 0x09, 0xc5, 0xf5, 0x0d, 0x93, 0x87, 0x50, 0x2f, 0x49, 0xc6, |
|
| 2838 |
+ 0x0b, 0x8a, 0xb1, 0xd2, 0xcc, 0x79, 0x69, 0x01, 0x4d, 0xee, 0xc2, 0xb5, 0x80, 0x1d, 0x63, 0xfe, |
|
| 2839 |
+ 0xbd, 0x98, 0x5d, 0x96, 0xec, 0xeb, 0x8a, 0x7d, 0x8d, 0x66, 0x7c, 0x34, 0x87, 0x6c, 0xfc, 0xa6, |
|
| 2840 |
+ 0xc1, 0xf5, 0x62, 0x07, 0x7c, 0xe4, 0x70, 0x41, 0x3e, 0x1f, 0xeb, 0x02, 0xe3, 0x19, 0x5d, 0x90, |
|
| 2841 |
+ 0x11, 0xad, 0x1e, 0xd1, 0x65, 0x33, 0x24, 0xc5, 0x19, 0x59, 0x32, 0xad, 0x60, 0xc1, 0x82, 0x23, |
|
| 2842 |
+ 0xd8, 0x20, 0xee, 0xf3, 0xca, 0xde, 0x3d, 0xfd, 0x22, 0xd3, 0x46, 0x2f, 0x46, 0xdc, 0x5a, 0x56, |
|
| 2843 |
+ 0x5b, 0x2d, 0x74, 0xa2, 0x45, 0x69, 0xbc, 0x76, 0xe3, 0xe7, 0x79, 0x58, 0x8b, 0xa1, 0xf9, 0x72, |
|
| 2844 |
+ 0xfd, 0xdf, 0xe1, 0xd3, 0x3a, 0xfc, 0x15, 0x58, 0xe0, 0x02, 0x07, 0x9c, 0x6a, 0xef, 0xa4, 0xac, |
|
| 2845 |
+ 0x07, 0x91, 0x91, 0xc6, 0xbe, 0x9c, 0x0c, 0x96, 0x2e, 0x22, 0x83, 0xd2, 0x73, 0x64, 0xf0, 0x0e, |
|
| 2846 |
+ 0x2c, 0x5b, 0xbe, 0xcd, 0xda, 0x3d, 0x9c, 0x53, 0xcc, 0xeb, 0x32, 0xd5, 0xc7, 0xeb, 0x8a, 0xb0, |
|
| 2847 |
+ 0xdc, 0xce, 0x3a, 0x69, 0x1e, 0x4b, 0xee, 0xc3, 0x5a, 0xce, 0x80, 0x27, 0xd3, 0xf3, 0xed, 0x3a, |
|
| 2848 |
+ 0xc8, 0x25, 0x6e, 0xaa, 0x25, 0xd6, 0xda, 0xe3, 0x10, 0x3a, 0x89, 0xd7, 0x78, 0xa2, 0xc1, 0x8d, |
|
| 2849 |
+ 0x09, 0xbd, 0x73, 0x15, 0xda, 0x38, 0xce, 0x6b, 0xa3, 0x79, 0x19, 0x6d, 0xe4, 0x82, 0x9e, 0x22, |
|
| 2850 |
+ 0x8f, 0x9f, 0xe6, 0xa1, 0x22, 0xd1, 0x71, 0x63, 0xfe, 0x8b, 0xb2, 0x78, 0x0d, 0x3b, 0x96, 0x59, |
|
| 2851 |
+ 0x01, 0x13, 0x4a, 0x12, 0x2b, 0x0a, 0xbd, 0x78, 0x20, 0xad, 0x54, 0x79, 0x49, 0x1b, 0x6a, 0xa6, |
|
| 2852 |
+ 0x6d, 0x3b, 0xd1, 0x6f, 0x93, 0xe9, 0xc6, 0x3e, 0x8e, 0x92, 0x88, 0x9a, 0x7c, 0x1d, 0xe1, 0xb5, |
|
| 2853 |
+ 0x66, 0xd1, 0x49, 0xc7, 0xf1, 0xe4, 0x00, 0xd6, 0x51, 0x27, 0x43, 0xdf, 0xb3, 0x3f, 0xc1, 0xba, |
|
| 2854 |
+ 0x25, 0xe7, 0x1a, 0xa9, 0x25, 0xfa, 0x75, 0x7c, 0x59, 0xed, 0xbd, 0x4e, 0x27, 0x81, 0xe8, 0x64, |
|
| 2855 |
+ 0x2e, 0x79, 0x2b, 0x9a, 0xb0, 0x89, 0x4e, 0x38, 0x0a, 0x2a, 0x0a, 0xaa, 0x1a, 0x4f, 0xd7, 0xd4, |
|
| 2856 |
+ 0x4e, 0x73, 0x28, 0xd2, 0x81, 0x4a, 0x37, 0x30, 0x3d, 0xa1, 0x7a, 0x31, 0x16, 0xd5, 0xeb, 0x23, |
|
| 2857 |
+ 0x15, 0x7e, 0x90, 0xba, 0xfe, 0x3a, 0xdf, 0xaa, 0xca, 0xcf, 0x0f, 0x4d, 0xcf, 0x76, 0x59, 0xf0, |
|
| 2858 |
+ 0xe8, 0x6b, 0xbc, 0x48, 0x64, 0xb9, 0xe4, 0x7b, 0x0d, 0x6a, 0xbc, 0x70, 0xbf, 0xe0, 0x28, 0xbf, |
|
| 2859 |
+ 0x4b, 0x4c, 0xcf, 0xe2, 0x35, 0xa5, 0xf5, 0xa2, 0x8a, 0xa8, 0x56, 0xf4, 0x60, 0x7d, 0xc7, 0xf6, |
|
| 2860 |
+ 0x6c, 0xfc, 0x38, 0x0b, 0xf5, 0x4c, 0xdb, 0x8c, 0x5a, 0x4d, 0xde, 0x28, 0xfe, 0x63, 0xa3, 0x35, |
|
| 2861 |
+ 0x3b, 0xa9, 0xe6, 0x2e, 0x32, 0xa9, 0xe6, 0x9f, 0x33, 0xa9, 0xd2, 0x11, 0xbc, 0x30, 0x6d, 0x04, |
|
| 2862 |
+ 0x37, 0xfe, 0xd4, 0xe0, 0xa5, 0x69, 0x75, 0xba, 0x8a, 0x31, 0xd2, 0xcf, 0x8f, 0x91, 0xf7, 0x2f, |
|
| 2863 |
+ 0x31, 0x46, 0x26, 0x44, 0x3e, 0x65, 0x96, 0x9c, 0x69, 0xb0, 0x9a, 0xa1, 0x5c, 0x45, 0x7e, 0x5f, |
|
| 2864 |
+ 0xe4, 0xf3, 0x7b, 0xfb, 0xd2, 0xf9, 0x4d, 0x49, 0x09, 0x2f, 0xf7, 0xd5, 0x09, 0x37, 0xfa, 0x92, |
|
| 2865 |
+ 0x8b, 0xee, 0xc0, 0x74, 0x47, 0x17, 0xfa, 0xd5, 0x48, 0xca, 0xfb, 0x8f, 0x4d, 0x4b, 0x7c, 0x6c, |
|
| 2866 |
+ 0xba, 0x21, 0x9e, 0x7f, 0x02, 0x20, 0xdf, 0x42, 0xc5, 0x4a, 0xff, 0x1d, 0xc8, 0x9e, 0xad, 0xec, |
|
| 2867 |
+ 0x75, 0x2e, 0x16, 0xe7, 0x33, 0xfe, 0x5e, 0xc4, 0x5b, 0x67, 0x00, 0x34, 0xbb, 0x5d, 0xeb, 0xd5, |
|
| 2868 |
+ 0xd3, 0xdf, 0x37, 0x67, 0xce, 0xf0, 0xf9, 0x15, 0x9f, 0xef, 0x9e, 0x6e, 0x6a, 0xa7, 0xf8, 0x9c, |
|
| 2869 |
+ 0xe1, 0xf3, 0x04, 0x9f, 0x1f, 0xfe, 0xd8, 0x9c, 0xf9, 0x6c, 0xf6, 0x64, 0xf7, 0x9f, 0x00, 0x00, |
|
| 2870 |
+ 0x00, 0xff, 0xff, 0xf7, 0xe5, 0x0b, 0x39, 0x25, 0x0e, 0x00, 0x00, |
|
| 2868 | 2871 |
} |
| ... | ... |
@@ -90,6 +90,12 @@ message OAuthAuthorizeToken {
|
| 90 | 90 |
// UserUID is the unique UID associated with this token. UserUID and UserName must both match |
| 91 | 91 |
// for this token to be valid. |
| 92 | 92 |
optional string userUID = 8; |
| 93 |
+ |
|
| 94 |
+ // CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636 |
|
| 95 |
+ optional string codeChallenge = 9; |
|
| 96 |
+ |
|
| 97 |
+ // CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636 |
|
| 98 |
+ optional string codeChallengeMethod = 10; |
|
| 93 | 99 |
} |
| 94 | 100 |
|
| 95 | 101 |
// OAuthAuthorizeTokenList is a collection of OAuth authorization tokens |
| ... | ... |
@@ -11,7 +11,7 @@ const GroupName = "" |
| 11 | 11 |
var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: "v1"}
|
| 12 | 12 |
|
| 13 | 13 |
var ( |
| 14 |
- SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes, addConversionFuncs) |
|
| 14 |
+ SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes, addConversionFuncs, addDefaultingFuncs) |
|
| 15 | 15 |
AddToScheme = SchemeBuilder.AddToScheme |
| 16 | 16 |
) |
| 17 | 17 |
|
| ... | ... |
@@ -44,15 +44,17 @@ func (OAuthAccessTokenList) SwaggerDoc() map[string]string {
|
| 44 | 44 |
} |
| 45 | 45 |
|
| 46 | 46 |
var map_OAuthAuthorizeToken = map[string]string{
|
| 47 |
- "": "OAuthAuthorizeToken describes an OAuth authorization token", |
|
| 48 |
- "metadata": "Standard object's metadata.", |
|
| 49 |
- "clientName": "ClientName references the client that created this token.", |
|
| 50 |
- "expiresIn": "ExpiresIn is the seconds from CreationTime before this token expires.", |
|
| 51 |
- "scopes": "Scopes is an array of the requested scopes.", |
|
| 52 |
- "redirectURI": "RedirectURI is the redirection associated with the token.", |
|
| 53 |
- "state": "State data from request", |
|
| 54 |
- "userName": "UserName is the user name associated with this token", |
|
| 55 |
- "userUID": "UserUID is the unique UID associated with this token. UserUID and UserName must both match for this token to be valid.", |
|
| 47 |
+ "": "OAuthAuthorizeToken describes an OAuth authorization token", |
|
| 48 |
+ "metadata": "Standard object's metadata.", |
|
| 49 |
+ "clientName": "ClientName references the client that created this token.", |
|
| 50 |
+ "expiresIn": "ExpiresIn is the seconds from CreationTime before this token expires.", |
|
| 51 |
+ "scopes": "Scopes is an array of the requested scopes.", |
|
| 52 |
+ "redirectURI": "RedirectURI is the redirection associated with the token.", |
|
| 53 |
+ "state": "State data from request", |
|
| 54 |
+ "userName": "UserName is the user name associated with this token", |
|
| 55 |
+ "userUID": "UserUID is the unique UID associated with this token. UserUID and UserName must both match for this token to be valid.", |
|
| 56 |
+ "codeChallenge": "CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636", |
|
| 57 |
+ "codeChallengeMethod": "CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636", |
|
| 56 | 58 |
} |
| 57 | 59 |
|
| 58 | 60 |
func (OAuthAuthorizeToken) SwaggerDoc() map[string]string {
|
| ... | ... |
@@ -63,6 +63,12 @@ type OAuthAuthorizeToken struct {
|
| 63 | 63 |
// UserUID is the unique UID associated with this token. UserUID and UserName must both match |
| 64 | 64 |
// for this token to be valid. |
| 65 | 65 |
UserUID string `json:"userUID,omitempty" protobuf:"bytes,8,opt,name=userUID"` |
| 66 |
+ |
|
| 67 |
+ // CodeChallenge is the optional code_challenge associated with this authorization code, as described in rfc7636 |
|
| 68 |
+ CodeChallenge string `json:"codeChallenge,omitempty" protobuf:"bytes,9,opt,name=codeChallenge"` |
|
| 69 |
+ |
|
| 70 |
+ // CodeChallengeMethod is the optional code_challenge_method associated with this authorization code, as described in rfc7636 |
|
| 71 |
+ CodeChallengeMethod string `json:"codeChallengeMethod,omitempty" protobuf:"bytes,10,opt,name=codeChallengeMethod"` |
|
| 66 | 72 |
} |
| 67 | 73 |
|
| 68 | 74 |
// +genclient=true |
| ... | ... |
@@ -160,6 +160,7 @@ func Convert_api_OAuthAccessTokenList_To_v1_OAuthAccessTokenList(in *api.OAuthAc |
| 160 | 160 |
} |
| 161 | 161 |
|
| 162 | 162 |
func autoConvert_v1_OAuthAuthorizeToken_To_api_OAuthAuthorizeToken(in *OAuthAuthorizeToken, out *api.OAuthAuthorizeToken, s conversion.Scope) error {
|
| 163 |
+ SetDefaults_OAuthAuthorizeToken(in) |
|
| 163 | 164 |
if err := pkg_api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
|
| 164 | 165 |
return err |
| 165 | 166 |
} |
| ... | ... |
@@ -173,6 +174,8 @@ func autoConvert_v1_OAuthAuthorizeToken_To_api_OAuthAuthorizeToken(in *OAuthAuth |
| 173 | 173 |
out.State = in.State |
| 174 | 174 |
out.UserName = in.UserName |
| 175 | 175 |
out.UserUID = in.UserUID |
| 176 |
+ out.CodeChallenge = in.CodeChallenge |
|
| 177 |
+ out.CodeChallengeMethod = in.CodeChallengeMethod |
|
| 176 | 178 |
return nil |
| 177 | 179 |
} |
| 178 | 180 |
|
| ... | ... |
@@ -194,6 +197,8 @@ func autoConvert_api_OAuthAuthorizeToken_To_v1_OAuthAuthorizeToken(in *api.OAuth |
| 194 | 194 |
out.State = in.State |
| 195 | 195 |
out.UserName = in.UserName |
| 196 | 196 |
out.UserUID = in.UserUID |
| 197 |
+ out.CodeChallenge = in.CodeChallenge |
|
| 198 |
+ out.CodeChallengeMethod = in.CodeChallengeMethod |
|
| 197 | 199 |
return nil |
| 198 | 200 |
} |
| 199 | 201 |
|
| ... | ... |
@@ -123,6 +123,8 @@ func DeepCopy_v1_OAuthAuthorizeToken(in interface{}, out interface{}, c *convers
|
| 123 | 123 |
out.State = in.State |
| 124 | 124 |
out.UserName = in.UserName |
| 125 | 125 |
out.UserUID = in.UserUID |
| 126 |
+ out.CodeChallenge = in.CodeChallenge |
|
| 127 |
+ out.CodeChallengeMethod = in.CodeChallengeMethod |
|
| 126 | 128 |
return nil |
| 127 | 129 |
} |
| 128 | 130 |
} |
| ... | ... |
@@ -3,6 +3,7 @@ package validation |
| 3 | 3 |
import ( |
| 4 | 4 |
"fmt" |
| 5 | 5 |
"net/url" |
| 6 |
+ "regexp" |
|
| 6 | 7 |
"strings" |
| 7 | 8 |
|
| 8 | 9 |
"k8s.io/kubernetes/pkg/api/validation" |
| ... | ... |
@@ -74,6 +75,8 @@ func ValidateAccessTokenUpdate(newToken, oldToken *api.OAuthAccessToken) field.E |
| 74 | 74 |
return append(allErrs, validation.ValidateImmutableField(newToken, &copied, field.NewPath(""))...)
|
| 75 | 75 |
} |
| 76 | 76 |
|
| 77 |
+var codeChallengeRegex = regexp.MustCompile("^[a-zA-Z0-9._~-]{43,128}$")
|
|
| 78 |
+ |
|
| 77 | 79 |
func ValidateAuthorizeToken(authorizeToken *api.OAuthAuthorizeToken) field.ErrorList {
|
| 78 | 80 |
allErrs := validation.ValidateObjectMeta(&authorizeToken.ObjectMeta, false, ValidateTokenName, field.NewPath("metadata"))
|
| 79 | 81 |
allErrs = append(allErrs, ValidateClientNameField(authorizeToken.ClientName, field.NewPath("clientName"))...)
|
| ... | ... |
@@ -87,6 +90,24 @@ func ValidateAuthorizeToken(authorizeToken *api.OAuthAuthorizeToken) field.Error |
| 87 | 87 |
allErrs = append(allErrs, field.Invalid(field.NewPath("redirectURI"), authorizeToken.RedirectURI, msg))
|
| 88 | 88 |
} |
| 89 | 89 |
|
| 90 |
+ if len(authorizeToken.CodeChallenge) > 0 || len(authorizeToken.CodeChallengeMethod) > 0 {
|
|
| 91 |
+ switch {
|
|
| 92 |
+ case len(authorizeToken.CodeChallenge) == 0: |
|
| 93 |
+ allErrs = append(allErrs, field.Required(field.NewPath("codeChallenge"), "required if codeChallengeMethod is specified"))
|
|
| 94 |
+ case !codeChallengeRegex.MatchString(authorizeToken.CodeChallenge): |
|
| 95 |
+ allErrs = append(allErrs, field.Invalid(field.NewPath("codeChallenge"), authorizeToken.CodeChallenge, "must be 43-128 characters [a-zA-Z0-9.~_-]"))
|
|
| 96 |
+ } |
|
| 97 |
+ |
|
| 98 |
+ switch authorizeToken.CodeChallengeMethod {
|
|
| 99 |
+ case "": |
|
| 100 |
+ allErrs = append(allErrs, field.Required(field.NewPath("codeChallengeMethod"), "required if codeChallenge is specified"))
|
|
| 101 |
+ case "plain", "S256": |
|
| 102 |
+ // no-op, good |
|
| 103 |
+ default: |
|
| 104 |
+ allErrs = append(allErrs, field.NotSupported(field.NewPath("codeChallengeMethod"), authorizeToken.CodeChallengeMethod, []string{"plain", "S256"}))
|
|
| 105 |
+ } |
|
| 106 |
+ } |
|
| 107 |
+ |
|
| 90 | 108 |
return allErrs |
| 91 | 109 |
} |
| 92 | 110 |
|
| ... | ... |
@@ -123,6 +123,8 @@ func DeepCopy_api_OAuthAuthorizeToken(in interface{}, out interface{}, c *conver
|
| 123 | 123 |
out.State = in.State |
| 124 | 124 |
out.UserName = in.UserName |
| 125 | 125 |
out.UserUID = in.UserUID |
| 126 |
+ out.CodeChallenge = in.CodeChallenge |
|
| 127 |
+ out.CodeChallengeMethod = in.CodeChallengeMethod |
|
| 126 | 128 |
return nil |
| 127 | 129 |
} |
| 128 | 130 |
} |
| ... | ... |
@@ -185,11 +185,13 @@ func (s *storage) convertToAuthorizeToken(data *osin.AuthorizeData) (*api.OAuthA |
| 185 | 185 |
Name: data.Code, |
| 186 | 186 |
CreationTimestamp: unversioned.Time{Time: data.CreatedAt},
|
| 187 | 187 |
}, |
| 188 |
- ClientName: data.Client.GetId(), |
|
| 189 |
- ExpiresIn: int64(data.ExpiresIn), |
|
| 190 |
- Scopes: scope.Split(data.Scope), |
|
| 191 |
- RedirectURI: data.RedirectUri, |
|
| 192 |
- State: data.State, |
|
| 188 |
+ CodeChallenge: data.CodeChallenge, |
|
| 189 |
+ CodeChallengeMethod: data.CodeChallengeMethod, |
|
| 190 |
+ ClientName: data.Client.GetId(), |
|
| 191 |
+ ExpiresIn: int64(data.ExpiresIn), |
|
| 192 |
+ Scopes: scope.Split(data.Scope), |
|
| 193 |
+ RedirectURI: data.RedirectUri, |
|
| 194 |
+ State: data.State, |
|
| 193 | 195 |
} |
| 194 | 196 |
if err := s.user.ConvertToAuthorizeToken(data.UserData, token); err != nil {
|
| 195 | 197 |
return nil, err |
| ... | ... |
@@ -211,14 +213,16 @@ func (s *storage) convertFromAuthorizeToken(authorize *api.OAuthAuthorizeToken) |
| 211 | 211 |
} |
| 212 | 212 |
|
| 213 | 213 |
return &osin.AuthorizeData{
|
| 214 |
- Code: authorize.Name, |
|
| 215 |
- Client: &clientWrapper{authorize.ClientName, client},
|
|
| 216 |
- ExpiresIn: int32(authorize.ExpiresIn), |
|
| 217 |
- Scope: scope.Join(authorize.Scopes), |
|
| 218 |
- RedirectUri: authorize.RedirectURI, |
|
| 219 |
- State: authorize.State, |
|
| 220 |
- CreatedAt: authorize.CreationTimestamp.Time, |
|
| 221 |
- UserData: user, |
|
| 214 |
+ Code: authorize.Name, |
|
| 215 |
+ CodeChallenge: authorize.CodeChallenge, |
|
| 216 |
+ CodeChallengeMethod: authorize.CodeChallengeMethod, |
|
| 217 |
+ Client: &clientWrapper{authorize.ClientName, client},
|
|
| 218 |
+ ExpiresIn: int32(authorize.ExpiresIn), |
|
| 219 |
+ Scope: scope.Join(authorize.Scopes), |
|
| 220 |
+ RedirectUri: authorize.RedirectURI, |
|
| 221 |
+ State: authorize.State, |
|
| 222 |
+ CreatedAt: authorize.CreationTimestamp.Time, |
|
| 223 |
+ UserData: user, |
|
| 222 | 224 |
}, nil |
| 223 | 225 |
} |
| 224 | 226 |
|