pub enum Oauth2Opt {
Show 31 variants
List(CommonOpt),
Get(Named),
CreateBasic {
name: String,
displayname: String,
origin: String,
copt: CommonOpt,
},
CreatePublic {
name: String,
displayname: String,
origin: String,
copt: CommonOpt,
},
UpdateScopeMap(Oauth2CreateScopeMapOpt),
DeleteScopeMap(Oauth2DeleteScopeMapOpt),
UpdateSupScopeMap(Oauth2CreateScopeMapOpt),
DeleteSupScopeMap(Oauth2DeleteScopeMapOpt),
UpdateClaimMap {
copt: CommonOpt,
name: String,
claim_name: String,
group: String,
values: Vec<String>,
},
UpdateClaimMapJoin {
copt: CommonOpt,
name: String,
claim_name: String,
join: Oauth2ClaimMapJoin,
},
DeleteClaimMap {
copt: CommonOpt,
name: String,
claim_name: String,
group: String,
},
ResetSecrets(Named),
ShowBasicSecret(Named),
Delete(Named),
SetDisplayname(Oauth2SetDisplayname),
SetName {
nopt: Named,
name: String,
},
SetLandingUrl {
nopt: Named,
url: Url,
},
SetImage {
nopt: Named,
path: PathBuf,
image_type: Option<ImageType>,
},
RemoveImage(Named),
AddOrigin {
name: String,
origin: Url,
copt: CommonOpt,
},
RemoveOrigin {
name: String,
origin: Url,
copt: CommonOpt,
},
EnablePkce(Named),
DisablePkce(Named),
EnableLegacyCrypto(Named),
DisableLegacyCrypto(Named),
EnableStrictRedirectUri {
name: String,
copt: CommonOpt,
},
DisableStrictRedirectUri {
name: String,
copt: CommonOpt,
},
EnablePublicLocalhost {
copt: CommonOpt,
name: String,
},
DisablePublicLocalhost {
copt: CommonOpt,
name: String,
},
PreferShortUsername(Named),
PreferSPNUsername(Named),
}
Variants§
List(CommonOpt)
List all configured oauth2 clients
Get(Named)
Display a selected oauth2 client
CreateBasic
Create a new oauth2 confidential client that is protected by basic auth.
CreatePublic
Create a new OAuth2 public client that requires PKCE. You should prefer using confidential client types if possible over public ones.
Public clients have many limitations and can not access all API’s of OAuth2. For example rfc7662 token introspection requires client authentication.
UpdateScopeMap(Oauth2CreateScopeMapOpt)
Update or add a new mapping from a group to scopes that it provides to members
DeleteScopeMap(Oauth2DeleteScopeMapOpt)
Remove a mapping from groups to scopes
UpdateSupScopeMap(Oauth2CreateScopeMapOpt)
Update or add a new mapping from a group to scopes that it provides to members
DeleteSupScopeMap(Oauth2DeleteScopeMapOpt)
Remove a mapping from groups to scopes
UpdateClaimMap
Update or add a new mapping from a group to custom claims that it provides to members
UpdateClaimMapJoin
Fields
join: Oauth2ClaimMapJoin
The join strategy. Valid values are csv (comma separated value), ssv (space separated value) and array.
DeleteClaimMap
Remove a mapping from groups to a custom claim
ResetSecrets(Named)
Reset the secrets associated to this client
ShowBasicSecret(Named)
Show the associated basic secret for this client
Delete(Named)
Delete a oauth2 client
SetDisplayname(Oauth2SetDisplayname)
Set a new display name for a client
SetName
Set a new name for this client. You may need to update your integrated applications after this so that they continue to function correctly.
SetLandingUrl
The landing URL is the default origin of the OAuth2 client. Additionally, this landing URL is the target when Kanidm redirects the user from the apps listing page.
SetImage
The image presented on the Kanidm Apps Listing page for an OAuth2 resource server.
Fields
RemoveImage(Named)
Removes the custom image previously set.
AddOrigin
Add a supplemental URL as a redirection target. For example a phone app
may use a redirect URL such as app://my-cool-app
to trigger a native
redirection event out of a browser.
RemoveOrigin
Remove a supplemental redirect URL from the OAuth2 client configuration.
EnablePkce(Named)
Enable PKCE on this oauth2 client. This defaults to being enabled.
DisablePkce(Named)
Disable PKCE on this oauth2 client to work around insecure clients that may not support it. You should request the client to enable PKCE!
EnableLegacyCrypto(Named)
Enable legacy signing crypto on this oauth2 client. This defaults to being disabled. You only need to enable this for openid clients that do not support modern cryptographic operations.
DisableLegacyCrypto(Named)
Disable legacy signing crypto on this oauth2 client. This is the default.
EnableStrictRedirectUri
Enable strict validation of redirect URLs. Previously redirect URLs only validated the origin of the URL matched. When enabled, redirect URLs must match exactly.
DisableStrictRedirectUri
EnablePublicLocalhost
Allow public clients to redirect to localhost.
DisablePublicLocalhost
Disable public clients redirecting to localhost.
PreferShortUsername(Named)
Use the ‘name’ attribute instead of ‘spn’ for the preferred_username
PreferSPNUsername(Named)
Use the ‘spn’ attribute instead of ‘name’ for the preferred_username
Implementations§
Trait Implementations§
source§impl FromArgMatches for Oauth2Opt
impl FromArgMatches for Oauth2Opt
source§fn from_arg_matches(__clap_arg_matches: &ArgMatches) -> Result<Self, Error>
fn from_arg_matches(__clap_arg_matches: &ArgMatches) -> Result<Self, Error>
source§fn from_arg_matches_mut(
__clap_arg_matches: &mut ArgMatches,
) -> Result<Self, Error>
fn from_arg_matches_mut( __clap_arg_matches: &mut ArgMatches, ) -> Result<Self, Error>
source§fn update_from_arg_matches(
&mut self,
__clap_arg_matches: &ArgMatches,
) -> Result<(), Error>
fn update_from_arg_matches( &mut self, __clap_arg_matches: &ArgMatches, ) -> Result<(), Error>
ArgMatches
to self
.source§fn update_from_arg_matches_mut<'b>(
&mut self,
__clap_arg_matches: &mut ArgMatches,
) -> Result<(), Error>
fn update_from_arg_matches_mut<'b>( &mut self, __clap_arg_matches: &mut ArgMatches, ) -> Result<(), Error>
ArgMatches
to self
.source§impl Subcommand for Oauth2Opt
impl Subcommand for Oauth2Opt
source§fn augment_subcommands<'b>(__clap_app: Command) -> Command
fn augment_subcommands<'b>(__clap_app: Command) -> Command
source§fn augment_subcommands_for_update<'b>(__clap_app: Command) -> Command
fn augment_subcommands_for_update<'b>(__clap_app: Command) -> Command
Command
] so it can instantiate self
via
[FromArgMatches::update_from_arg_matches_mut
] Read moresource§fn has_subcommand(__clap_name: &str) -> bool
fn has_subcommand(__clap_name: &str) -> bool
Self
can parse a specific subcommandAuto Trait Implementations§
impl Freeze for Oauth2Opt
impl RefUnwindSafe for Oauth2Opt
impl Send for Oauth2Opt
impl Sync for Oauth2Opt
impl Unpin for Oauth2Opt
impl UnwindSafe for Oauth2Opt
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more