Skip to content
This repository has been archived by the owner on Nov 16, 2022. It is now read-only.

Commit

Permalink
Revert "KEYCLOAK-16488 Add AuthZ settings to client CRD"
Browse files Browse the repository at this point in the history
This reverts commit d5fb27b.

(cherry picked from commit 4d46a87)
  • Loading branch information
slaskawi committed Jan 7, 2021
1 parent d9c19ba commit fb67471
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 1,080 deletions.
342 changes: 0 additions & 342 deletions deploy/crds/keycloak.org_keycloakclients_crd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -47,348 +47,6 @@ spec:
type: string
description: Client Attributes.
type: object
authorizationServicesEnabled:
description: True if fine-grained authorization support is enabled
for this client.
type: boolean
authorizationSettings:
description: Authorization settings for this resource server.
properties:
allowRemoteResourceManagement:
description: True if resources should be managed remotely by
the resource server.
type: boolean
clientId:
description: Client ID.
type: string
decisionStrategy:
description: The decision strategy dictates how permissions
are evaluated and how a final decision is obtained. 'Affirmative'
means that at least one permission must evaluate to a positive
decision in order to grant access to a resource and its scopes.
'Unanimous' means that all permissions must evaluate to a
positive decision in order for the final decision to be also
positive.
type: string
id:
description: ID.
type: string
name:
description: Name.
type: string
policies:
description: Policies.
items:
properties:
config:
additionalProperties:
type: string
description: Config.
type: object
decisionStrategy:
description: The decision strategy dictates how the policies
associated with a given permission are evaluated and
how a final decision is obtained. 'Affirmative' means
that at least one policy must evaluate to a positive
decision in order for the final decision to be also
positive. 'Unanimous' means that all policies must evaluate
to a positive decision in order for the final decision
to be also positive. 'Consensus' means that the number
of positive decisions must be greater than the number
of negative decisions. If the number of positive and
negative is the same, the final decision will be negative.
type: string
description:
description: A description for this policy.
type: string
id:
description: ID.
type: string
logic:
description: The logic dictates how the policy decision
should be made. If 'Positive', the resulting effect
(permit or deny) obtained during the evaluation of this
policy will be used to perform a decision. If 'Negative',
the resulting effect will be negated, in other words,
a permit becomes a deny and vice-versa.
type: string
name:
description: The name of this policy.
type: string
owner:
description: Owner.
type: string
policies:
description: Policies.
items:
type: string
type: array
resources:
description: Resources.
items:
type: string
type: array
resourcesData:
description: Resources Data.
items:
properties:
_id:
description: ID.
type: string
attributes:
additionalProperties:
type: string
description: The attributes associated with the
resource.
type: object
displayName:
description: A unique name for this resource. The
name can be used to uniquely identify a resource,
useful when querying for a specific resource.
type: string
icon_uri:
description: An URI pointing to an icon.
type: string
name:
description: A unique name for this resource. The
name can be used to uniquely identify a resource,
useful when querying for a specific resource.
type: string
ownerManagedAccess:
description: True if the access to this resource
can be managed by the resource owner.
type: boolean
scopes:
description: The scopes associated with this resource.
items: {}
type: array
type:
description: The type of this resource. It can be
used to group different resource instances with
the same type.
type: string
uris:
description: Set of URIs which are protected by
resource.
items:
type: string
type: array
type: object
type: array
scopes:
description: Scopes.
items:
type: string
type: array
scopesData:
description: Scopes Data.
items:
properties:
displayName:
description: A unique name for this scope. The name
can be used to uniquely identify a scope, useful
when querying for a specific scope.
type: string
iconUri:
description: An URI pointing to an icon.
type: string
id:
description: ID.
type: string
name:
description: A unique name for this scope. The name
can be used to uniquely identify a scope, useful
when querying for a specific scope.
type: string
policies:
description: Policies.
items: {}
type: array
resources:
description: Resources.
items:
properties:
_id:
description: ID.
type: string
attributes:
additionalProperties:
type: string
description: The attributes associated with
the resource.
type: object
displayName:
description: A unique name for this resource.
The name can be used to uniquely identify
a resource, useful when querying for a specific
resource.
type: string
icon_uri:
description: An URI pointing to an icon.
type: string
name:
description: A unique name for this resource.
The name can be used to uniquely identify
a resource, useful when querying for a specific
resource.
type: string
ownerManagedAccess:
description: True if the access to this resource
can be managed by the resource owner.
type: boolean
scopes:
description: The scopes associated with this
resource.
items: {}
type: array
type:
description: The type of this resource. It
can be used to group different resource
instances with the same type.
type: string
uris:
description: Set of URIs which are protected
by resource.
items:
type: string
type: array
type: object
type: array
type: object
type: array
type:
description: Type.
type: string
type: object
type: array
policyEnforcementMode:
description: The policy enforcement mode dictates how policies
are enforced when evaluating authorization requests. 'Enforcing'
means requests are denied by default even when there is no
policy associated with a given resource. 'Permissive' means
requests are allowed even when there is no policy associated
with a given resource. 'Disabled' completely disables the
evaluation of policies and allows access to any resource.
type: string
resources:
description: Resources.
items:
properties:
_id:
description: ID.
type: string
attributes:
additionalProperties:
type: string
description: The attributes associated with the resource.
type: object
displayName:
description: A unique name for this resource. The name
can be used to uniquely identify a resource, useful
when querying for a specific resource.
type: string
icon_uri:
description: An URI pointing to an icon.
type: string
name:
description: A unique name for this resource. The name
can be used to uniquely identify a resource, useful
when querying for a specific resource.
type: string
ownerManagedAccess:
description: True if the access to this resource can be
managed by the resource owner.
type: boolean
scopes:
description: The scopes associated with this resource.
items: {}
type: array
type:
description: The type of this resource. It can be used
to group different resource instances with the same
type.
type: string
uris:
description: Set of URIs which are protected by resource.
items:
type: string
type: array
type: object
type: array
scopes:
description: Authorization Scopes.
items:
properties:
displayName:
description: A unique name for this scope. The name can
be used to uniquely identify a scope, useful when querying
for a specific scope.
type: string
iconUri:
description: An URI pointing to an icon.
type: string
id:
description: ID.
type: string
name:
description: A unique name for this scope. The name can
be used to uniquely identify a scope, useful when querying
for a specific scope.
type: string
policies:
description: Policies.
items: {}
type: array
resources:
description: Resources.
items:
properties:
_id:
description: ID.
type: string
attributes:
additionalProperties:
type: string
description: The attributes associated with the
resource.
type: object
displayName:
description: A unique name for this resource. The
name can be used to uniquely identify a resource,
useful when querying for a specific resource.
type: string
icon_uri:
description: An URI pointing to an icon.
type: string
name:
description: A unique name for this resource. The
name can be used to uniquely identify a resource,
useful when querying for a specific resource.
type: string
ownerManagedAccess:
description: True if the access to this resource
can be managed by the resource owner.
type: boolean
scopes:
description: The scopes associated with this resource.
items: {}
type: array
type:
description: The type of this resource. It can be
used to group different resource instances with
the same type.
type: string
uris:
description: Set of URIs which are protected by
resource.
items:
type: string
type: array
type: object
type: array
type: object
type: array
type: object
baseUrl:
description: Application base URL.
type: string
Expand Down
Loading

0 comments on commit fb67471

Please sign in to comment.