diff --git a/api/v1beta3/auth_config_types.go b/api/v1beta3/auth_config_types.go index db2bbb2d..31424185 100644 --- a/api/v1beta3/auth_config_types.go +++ b/api/v1beta3/auth_config_types.go @@ -164,9 +164,7 @@ type PatternExpression struct { Value string `json:"value,omitempty"` } -type CelExpression struct { - Expression string `json:"expression,omitempty"` -} +type CelExpression string type CelPredicate struct { Predicate string `json:"predicate,omitempty"` @@ -208,7 +206,7 @@ type ValueOrSelector struct { // The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. Selector string `json:"selector,omitempty"` - Expression CelExpression `json:",omitempty"` + Expression CelExpression `json:"expression,omitempty"` } type CommonEvaluatorSpec struct { @@ -413,7 +411,7 @@ type PlainIdentitySpec struct { // The following Authorino custom modifiers are supported: @extract:{sep:" ",pos:0}, @replace{old:"",new:""}, @case:upper|lower, @base64:encode|decode and @strip. Selector string `json:"selector"` - Expression CelExpression `json:",omitempty"` + Expression CelExpression `json:"expression,omitempty"` } type AnonymousAccessSpec struct{} @@ -451,7 +449,7 @@ type HttpEndpointSpec struct { // E.g. https://ext-auth-server.io/metadata?p={request.path} Url string `json:"url"` - UrlExpression CelExpression `json:",omitempty"` + UrlExpression CelExpression `json:"urlExpression,omitempty"` // HTTP verb used in the request to the service. Accepted values: GET (default), POST. // When the request method is POST, the authorization JSON is passed in the body of the request. diff --git a/api/v1beta3/zz_generated.deepcopy.go b/api/v1beta3/zz_generated.deepcopy.go index 1f89a632..cbc7f560 100644 --- a/api/v1beta3/zz_generated.deepcopy.go +++ b/api/v1beta3/zz_generated.deepcopy.go @@ -481,21 +481,6 @@ func (in *CallbackSpec) DeepCopy() *CallbackSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CelExpression) DeepCopyInto(out *CelExpression) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CelExpression. -func (in *CelExpression) DeepCopy() *CelExpression { - if in == nil { - return nil - } - out := new(CelExpression) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CelPredicate) DeepCopyInto(out *CelPredicate) { *out = *in @@ -697,7 +682,6 @@ func (in *HeaderSuccessResponseSpec) DeepCopy() *HeaderSuccessResponseSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HttpEndpointSpec) DeepCopyInto(out *HttpEndpointSpec) { *out = *in - out.UrlExpression = in.UrlExpression if in.Method != nil { in, out := &in.Method, &out.Method *out = new(HttpMethod) @@ -1116,7 +1100,6 @@ func (in *PatternRef) DeepCopy() *PatternRef { func (in *PlainAuthResponseSpec) DeepCopyInto(out *PlainAuthResponseSpec) { *out = *in in.Value.DeepCopyInto(&out.Value) - out.Expression = in.Expression } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlainAuthResponseSpec. @@ -1132,7 +1115,6 @@ func (in *PlainAuthResponseSpec) DeepCopy() *PlainAuthResponseSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PlainIdentitySpec) DeepCopyInto(out *PlainIdentitySpec) { *out = *in - out.Expression = in.Expression } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlainIdentitySpec. @@ -1321,7 +1303,6 @@ func (in *UserInfoMetadataSpec) DeepCopy() *UserInfoMetadataSpec { func (in *ValueOrSelector) DeepCopyInto(out *ValueOrSelector) { *out = *in in.Value.DeepCopyInto(&out.Value) - out.Expression = in.Expression } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValueOrSelector. diff --git a/controllers/auth_config_controller.go b/controllers/auth_config_controller.go index 90977ba2..eb358ce5 100644 --- a/controllers/auth_config_controller.go +++ b/controllers/auth_config_controller.go @@ -183,8 +183,8 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf for identityCfgName, identity := range authConfigIdentityConfigs { extendedProperties := make([]evaluators.IdentityExtension, len(identity.Defaults)+len(identity.Overrides)) for propertyName, property := range identity.Defaults { - if property.Expression.Expression != "" { - if expression, err := cel.NewExpression(property.Expression.Expression); err == nil { + if property.Expression != "" { + if expression, err := cel.NewExpression(string(property.Expression)); err == nil { extendedProperties = append(extendedProperties, evaluators.NewIdentityExtension(propertyName, expression, false)) } else { return nil, err @@ -197,8 +197,8 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf } } for propertyName, property := range identity.Overrides { - if property.Expression.Expression != "" { - if expression, err := cel.NewExpression(property.Expression.Expression); err == nil { + if property.Expression != "" { + if expression, err := cel.NewExpression(string(property.Expression)); err == nil { extendedProperties = append(extendedProperties, evaluators.NewIdentityExtension(propertyName, expression, true)) } else { return nil, err @@ -298,12 +298,12 @@ func (r *AuthConfigReconciler) translateAuthConfig(ctx context.Context, authConf } case api.PlainIdentityAuthentication: - if identity.Plain.Expression.Expression != "" { - expression, err := cel.NewStringExpression(identity.Plain.Expression.Expression) + if identity.Plain.Expression != "" { + expression, err := cel.NewStringExpression(string(identity.Plain.Expression)) if err != nil { return nil, err } - translatedIdentity.Plain = &identity_evaluators.Plain{Value: expression, Pattern: identity.Plain.Expression.Expression} + translatedIdentity.Plain = &identity_evaluators.Plain{Value: expression, Pattern: string(identity.Plain.Expression)} } else { translatedIdentity.Plain = &identity_evaluators.Plain{Value: &json.JSONValue{Pattern: identity.Plain.Selector}, Pattern: identity.Plain.Selector} } @@ -921,8 +921,8 @@ func (r *AuthConfigReconciler) buildGenericHttpEvaluator(ctx context.Context, ht } var dynamicEndpoint expressions.Value - if http.UrlExpression.Expression != "" { - endpoint, err := cel.NewStringExpression(http.UrlExpression.Expression) + if http.UrlExpression != "" { + endpoint, err := cel.NewStringExpression(string(http.UrlExpression)) if err != nil { return nil, err } else { @@ -1074,9 +1074,9 @@ func getJsonFromStaticDynamic(value *api.ValueOrSelector) (expressions.Value, er if value == nil { return nil, nil } - - if value.Expression.Expression != "" { - return cel.NewExpression(value.Expression.Expression) + expression := string(value.Expression) + if expression != "" { + return cel.NewExpression(expression) } return &json.JSONValue{ diff --git a/install/crd/authorino.kuadrant.io_authconfigs.yaml b/install/crd/authorino.kuadrant.io_authconfigs.yaml index 6f03a31d..5d7f18c3 100644 --- a/install/crd/authorino.kuadrant.io_authconfigs.yaml +++ b/install/crd/authorino.kuadrant.io_authconfigs.yaml @@ -3011,8 +3011,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -3125,6 +3123,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object @@ -3477,8 +3477,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -3587,6 +3585,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object @@ -3780,8 +3780,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -3890,6 +3888,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object diff --git a/install/manifests.yaml b/install/manifests.yaml index ef9eb525..d8ec8689 100644 --- a/install/manifests.yaml +++ b/install/manifests.yaml @@ -3319,8 +3319,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -3433,6 +3431,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object @@ -3833,8 +3833,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -3943,6 +3941,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object @@ -4149,8 +4149,6 @@ spec: - name type: object type: object - expression: - type: string headers: additionalProperties: properties: @@ -4259,6 +4257,8 @@ spec: by https://pkg.go.dev/github.com/tidwall/gjson and selects value from the authorization JSON. E.g. https://ext-auth-server.io/metadata?p={request.path} type: string + urlExpression: + type: string required: - url type: object