diff --git a/api/v1alpha1/oidc_types.go b/api/v1alpha1/oidc_types.go
index de05eb1678..9d79f08730 100644
--- a/api/v1alpha1/oidc_types.go
+++ b/api/v1alpha1/oidc_types.go
@@ -155,4 +155,25 @@ type OIDCCookieNames struct {
 // If not specified, defaults to "IdToken-(randomly generated uid)"
 // +optional
 IDToken *string `json:"idToken,omitempty"`
+ // The name of the cookie used to store the RefreshToken in the
+ // [Refresh Request](https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens).
+ // If not specified, defaults to "RefreshToken-(randomly generated uid)"
+ // +optional
+ // +notImplementedHide
+ RefreshToken *string `json:"refreshToken,omitempty"`
+ // The name of the cookie used to store the expiry time of the OAuth tokens.
+ // If not specified, defaults to "OauthExpires-(randomly generated uid)"
+ // +optional
+ // +notImplementedHide
+ OauthExpires *string `json:"oauthExpires,omitempty"`
+ // The name of the cookie used to store the nonce value used to generate OAuth tokens.
+ // If not specified, defaults to "OauthNonce-(randomly generated uid)"
+ // +optional
+ // +notImplementedHide
+ OauthNonce *string `json:"oauthNonce,omitempty"`
+ // The name of the cookie used to store the HMAC of OAuth tokens.
+ // If not specified, defaults to "OauthHMAC-(randomly generated uid)"
+ // +optional
+ // +notImplementedHide
+ OauthHMAC *string `json:"oauthHMAC,omitempty"`
 }
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 2ef356c263..d36b8d1512 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
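Review bot: The four new fields in `OIDCCookieNames` (`RefreshToken`, `OauthExpires`, `OauthNonce`, `OauthHMAC`) carry only `// +optional` and `// +notImplementedHide`, and the generated CRD in this commit renders each as a bare `type: string`. The schema therefore accepts an empty string, a value that is not a valid cookie-name token, or one name assigned to two different cookies. These cookies hold the refresh token and the HMAC and nonce that protect the session, so a collision or malformed name is better rejected at admission; consider `// +kubebuilder:validation:MinLength=1` and a `// +kubebuilder:validation:Pattern=...` limited to RFC 6265 token characters on each field, plus a struct-level rule that the configured names are distinct. The doc comments could also say that a fixed name replaces the randomly generated suffix, which presumably lets policies that reuse a name on the same host share or overwrite each other's cookie. The struct starts outside the hunk, and the only existing field visible (`IDToken`) has no such markers either, so the same tightening may apply to the earlier fields.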
@@ -4219,6 +4219,26 @@ func (in *OIDCCookieNames) DeepCopyInto(out *OIDCCookieNames) { *out = new(string) **out = **in } + if in.RefreshToken != nil { + in, out := &in.RefreshToken, &out.RefreshToken + *out = new(string) + **out = **in + } + if in.OauthExpires != nil { + in, out := &in.OauthExpires, &out.OauthExpires + *out = new(string) + **out = **in + } + if in.OauthNonce != nil { + in, out := &in.OauthNonce, &out.OauthNonce + *out = new(string) + **out = **in + } + if in.OauthHMAC != nil { + in, out := &in.OauthHMAC, &out.OauthHMAC + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCCookieNames. diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_securitypolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_securitypolicies.yaml index 4188b7a41b..c3cf160260 100644 --- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_securitypolicies.yaml +++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_securitypolicies.yaml 
@@ -3527,6 +3527,27 @@ spec: [Authentication Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest). If not specified, defaults to "IdToken-(randomly generated uid)" type: string + oauthExpires: + description: |- + The name of the cookie used to store the expiry time of the OAuth tokens. + If not specified, defaults to "OauthExpires-(randomly generated uid)" + type: string + oauthHMAC: + description: |- + The name of the cookie used to store the HMAC of OAuth tokens. + If not specified, defaults to "OauthHMAC-(randomly generated uid)" + type: string + oauthNonce: + description: |- + The name of the cookie used to store the nonce value used to generate OAuth tokens. + If not specified, defaults to "OauthNonce-(randomly generated uid)" + type: string + refreshToken: + description: |- + The name of the cookie used to store the RefreshToken in the + [Refresh Request](https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokens). + If not specified, defaults to "RefreshToken-(randomly generated uid)" + type: string type: object defaultRefreshTokenTTL: description: |-