updated

codeready-toolchain · Sep 7, 2023 · ed29c3b · ed29c3b
1 parent e89c2c1
commit ed29c3b
Show file tree

Hide file tree

Showing 5 changed files with 79 additions and 21 deletions.
diff --git a/api/v1alpha1/masteruserrecord_types.go b/api/v1alpha1/masteruserrecord_types.go
@@ -80,6 +80,10 @@ type MasterUserRecordSpec struct {
 	// temporarily marked as optional until the migration took place (CRT-1321)
 	// +optional
 	TierName string `json:"tierName,omitempty"`
+
+	// PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to
+	// be "propagated" down the resource dependency chain
+	PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"`
 }
 
 type UserAccountEmbedded struct {

diff --git a/api/v1alpha1/useraccount_types.go b/api/v1alpha1/useraccount_types.go
@@ -44,6 +44,10 @@ type UserAccountSpec struct {
 	// a new IdP provider client, and contains the user's "original-sub" claim
 	// +optional
 	OriginalSub string `json:"originalSub,omitempty"`
+
+	// PropagatedClaims contains a selection of claim values from the SSO Identity Provider which are intended to
+	// be "propagated" down the resource dependency chain
+	PropagatedClaims PropagatedClaims `json:"propagatedClaims,omitempty"`
 }
 
 // UserAccountStatus defines the observed state of UserAccount

diff --git a/api/v1alpha1/usersignup_types.go b/api/v1alpha1/usersignup_types.go
@@ -197,20 +197,21 @@ type UserSignupSpec struct {
 	OriginalSub string `json:"originalSub,omitempty"`
 
 	// IdentityClaims contains as-is claim values extracted from the user's access token
-	IdentityClaims IdentityClaimsEmbedded `json:"identitytokenClaims,omitempty"`
+	IdentityClaims IdentityClaimsEmbedded `json:"identityClaims,omitempty"`
 }
 
 // IdentityClaimsEmbedded is used to define a set of SSO claim values that we are interested in storing
 // +k8s:openapi-gen=true
 type IdentityClaimsEmbedded struct {
+
+	// PropagatedClaims
+	PropagatedClaims PropagatedClaims `json:",inline"`
+
 	// Sub contains the value of the 'sub' claim
 	Sub string `json:"sub,omitempty"`
 
-	// UserID contains the value of the 'user_id' claim
-	UserID string `json:"userID,omitempty"`
-
-	// AccountID contains the value of the 'account_id' claim
-	AccountID string `json:"accountID,omitempty"`
+	// Email contains the user's email address
+	Email string `json:"email,omitempty"`
 
 	// GivenName contains the value of the 'given_name' claim
 	// +optional
@@ -223,6 +224,14 @@ type IdentityClaimsEmbedded struct {
 	// Company contains the value of the 'company' claim
 	// +optional
 	Company string `json:"company,omitempty"`
+}
+
+type PropagatedClaims struct {
+	// UserID contains the value of the 'user_id' claim
+	UserID string `json:"userID,omitempty"`
+
+	// AccountID contains the value of the 'account_id' claim
+	AccountID string `json:"accountID,omitempty"`
 
 	// OriginalSub is an optional property temporarily introduced for the purpose of migrating the users to
 	// a new IdP provider client, and contains the user's "original-sub" claim

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go