diff --git a/crate-hashes.json b/crate-hashes.json index 0c14db8c..a7ddcc2d 100644 --- a/crate-hashes.json +++ b/crate-hashes.json @@ -4,14 +4,5 @@ "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-derive@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube-runtime@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", "git+https://github.com/kube-rs/kube-rs?rev=fe69cc486ff8e62a7da61d64ec3ebbd9e64c43b5#kube@3.0.1": "1irm4g79crlxjm3iqrgvx0f6wxdcj394ky84q89pk9i36y2mlw3n", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#k8s-version@0.1.3": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-certs@0.4.0": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator-derive@0.3.1": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-operator@0.108.0": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-shared@0.1.0": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-telemetry@0.6.2": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned-macros@0.8.3": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-versioned@0.8.3": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", - "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.108.0#stackable-webhook@0.9.0": "08ahxagis53c7bxnj53xgzv5l619av1lwfc67cswrsp2wcakzns3", "git+https://github.com/stackabletech/product-config.git?tag=0.8.0#product-config@0.8.0": "1dz70kapm2wdqcr7ndyjji0lhsl98bsq95gnb2lw487wf6yr7987" } \ No newline at end of file diff --git a/rust/operator-binary/src/authentication/oidc.rs b/rust/operator-binary/src/authentication/oidc.rs index c0c1912e..761bb9b0 100644 --- a/rust/operator-binary/src/authentication/oidc.rs +++ b/rust/operator-binary/src/authentication/oidc.rs @@ -63,6 +63,18 @@ fn add_authenticator_config( "druid.auth.pac4j.oidc.scope".to_string(), Some(scopes.join(" ")), ); + + // Serialize the enum to get the snake_case string representation + let method_string = + serde_json::to_value(oidc.client_authentication_method).expect("serializing ClientAuthenticationMethod to string"); + let method_string = method_string + .as_str() + .expect("ClientAuthenticationMethod should serialize to a string"); + config.insert( + "druid.auth.pac4j.oidc.clientAuthenticationMethod".to_string(), + Some(method_string.to_string()), + ); + config.insert( "druid.auth.authenticatorChain".to_string(), Some(r#"["DruidSystemAuthenticator", "Oidc"]"#.to_string()), @@ -184,11 +196,12 @@ mod tests { }, "preferred_username".to_owned(), vec!["openid".to_owned()], - None, + Some(oidc::v1alpha1::IdentityProviderHint::Keycloak), ); let oidc = oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "nifi-keycloak-client".to_owned(), extra_scopes: vec![], + client_authentication_method: oidc::v1alpha1::ClientAuthenticationMethod::ClientSecretPost, product_specific_fields: (), }; @@ -223,6 +236,10 @@ mod tests { )) ); + assert_eq!( + properties.get("druid.auth.pac4j.oidc.clientAuthenticationMethod"), + Some(&Some("client_secret_post".to_owned())) + ); assert!(properties.contains_key("druid.auth.pac4j.oidc.clientID")); assert!(properties.contains_key("druid.auth.pac4j.oidc.clientSecret")); assert!(properties.contains_key("druid.auth.pac4j.cookiePassphrase")); diff --git a/rust/operator-binary/src/crd/authentication.rs b/rust/operator-binary/src/crd/authentication.rs index e8a3ea81..df0e963b 100644 --- a/rust/operator-binary/src/crd/authentication.rs +++ b/rust/operator-binary/src/crd/authentication.rs @@ -701,12 +701,12 @@ zookeeperConfigMapName: zk-config-map .cloned() .ok_or_else(|| stackable_operator::client::Error::ListResources { source: kube::Error::Api(Box::new(kube::core::Status { - status: None, code: 404, - message: "AuthenticationClass not found".to_owned(), - metadata: None, - reason: "NotFound".to_owned(), + message: "AuthenticationClass not found".into(), + reason: "NotFound".into(), + status: Some(kube::core::response::StatusSummary::Failure), details: None, + metadata: Default::default(), })), }) }) diff --git a/rust/operator-binary/src/extensions.rs b/rust/operator-binary/src/extensions.rs index 00165d94..dcb1d4f4 100644 --- a/rust/operator-binary/src/extensions.rs +++ b/rust/operator-binary/src/extensions.rs @@ -119,7 +119,8 @@ mod tests { oidc: oidc::v1alpha1::ClientAuthenticationOptions { client_credentials_secret_ref: "".to_string(), extra_scopes: vec![], - product_specific_fields: (), + client_authentication_method: Default::default(), + product_specific_fields: () } }] })