minimal roundtripping change

pkg/oauth/apis/oauth/types.go

@@ -35,6 +35,11 @@ type OAuthAccessToken struct {
 
 	// RefreshToken is the value by which this token can be renewed. Can be blank.
 	RefreshToken string
+
+	// InactivityTimeoutSeconds is the value in seconds, from the
+	// CreationTimestamp, after which this token can no longer be used.
+	// The value is automatically incremented when the token is used.
+	InactivityTimeoutSeconds int32
 }
 
 // +genclient
@@ -107,6 +112,19 @@ type OAuthClient struct {
 	// AccessTokenMaxAgeSeconds overrides the default access token max age for tokens granted to this client.
 	// 0 means no expiration.
 	AccessTokenMaxAgeSeconds *int32
+
+	// AccessTokenInactivityTimeoutSeconds overrides the default token
+	// inactivity timeout for tokens granted to this client.
+	// The value represents the maximum amount of time that can occur between
+	// consecutive uses of the token. Tokens become invalid if they are not
+	// used within this temporal window. The user will need to acquire a new
+	// token to regain access once a token times out.
+	// This value needs to be set only if the default set in configuration is
+	// not appropriate for this client. Valid values are:
+	// - 0: Tokens for this client never time out
+	// - X: Tokens time out if there is no activity for X seconds
+	// The current minimum allowed value for X is 300 (5 minutes)
+	AccessTokenInactivityTimeoutSeconds *int32
 }
 
 type GrantHandlerType string

pkg/oauth/apis/oauth/v1/zz_generated.conversion.go

@@ -81,14 +81,10 @@ func autoConvert_v1_OAuthAccessToken_To_oauth_OAuthAccessToken(in *v1.OAuthAcces
 	out.UserUID = in.UserUID
 	out.AuthorizeToken = in.AuthorizeToken
 	out.RefreshToken = in.RefreshToken
+	// WARNING: in.InactivityTimeoutSeconds requires manual conversion: does not exist in peer-type
 	return nil
 }
 
-// Convert_v1_OAuthAccessToken_To_oauth_OAuthAccessToken is an autogenerated conversion function.
-func Convert_v1_OAuthAccessToken_To_oauth_OAuthAccessToken(in *v1.OAuthAccessToken, out *oauth.OAuthAccessToken, s conversion.Scope) error {
-	return autoConvert_v1_OAuthAccessToken_To_oauth_OAuthAccessToken(in, out, s)
-}
-
 func autoConvert_oauth_OAuthAccessToken_To_v1_OAuthAccessToken(in *oauth.OAuthAccessToken, out *v1.OAuthAccessToken, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	out.ClientName = in.ClientName
@@ -109,7 +105,17 @@ func Convert_oauth_OAuthAccessToken_To_v1_OAuthAccessToken(in *oauth.OAuthAccess
 
 func autoConvert_v1_OAuthAccessTokenList_To_oauth_OAuthAccessTokenList(in *v1.OAuthAccessTokenList, out *oauth.OAuthAccessTokenList, s conversion.Scope) error {
 	out.ListMeta = in.ListMeta
-	out.Items = *(*[]oauth.OAuthAccessToken)(unsafe.Pointer(&in.Items))
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]oauth.OAuthAccessToken, len(*in))
+		for i := range *in {
+			if err := Convert_v1_OAuthAccessToken_To_oauth_OAuthAccessToken(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
 	return nil
 }
 
@@ -120,7 +126,17 @@ func Convert_v1_OAuthAccessTokenList_To_oauth_OAuthAccessTokenList(in *v1.OAuthA
 
 func autoConvert_oauth_OAuthAccessTokenList_To_v1_OAuthAccessTokenList(in *oauth.OAuthAccessTokenList, out *v1.OAuthAccessTokenList, s conversion.Scope) error {
 	out.ListMeta = in.ListMeta
-	out.Items = *(*[]v1.OAuthAccessToken)(unsafe.Pointer(&in.Items))
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]v1.OAuthAccessToken, len(*in))
+		for i := range *in {
+			if err := Convert_oauth_OAuthAccessToken_To_v1_OAuthAccessToken(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
 	return nil
 }
 
@@ -198,14 +214,10 @@ func autoConvert_v1_OAuthClient_To_oauth_OAuthClient(in *v1.OAuthClient, out *oa
 	out.GrantMethod = oauth.GrantHandlerType(in.GrantMethod)
 	out.ScopeRestrictions = *(*[]oauth.ScopeRestriction)(unsafe.Pointer(&in.ScopeRestrictions))
 	out.AccessTokenMaxAgeSeconds = (*int32)(unsafe.Pointer(in.AccessTokenMaxAgeSeconds))
+	// WARNING: in.AccessTokenInactivityTimeoutSeconds requires manual conversion: does not exist in peer-type
 	return nil
 }
 
-// Convert_v1_OAuthClient_To_oauth_OAuthClient is an autogenerated conversion function.
-func Convert_v1_OAuthClient_To_oauth_OAuthClient(in *v1.OAuthClient, out *oauth.OAuthClient, s conversion.Scope) error {
-	return autoConvert_v1_OAuthClient_To_oauth_OAuthClient(in, out, s)
-}
-
 func autoConvert_oauth_OAuthClient_To_v1_OAuthClient(in *oauth.OAuthClient, out *v1.OAuthClient, s conversion.Scope) error {
 	out.ObjectMeta = in.ObjectMeta
 	out.Secret = in.Secret
@@ -275,7 +287,17 @@ func Convert_oauth_OAuthClientAuthorizationList_To_v1_OAuthClientAuthorizationLi
 
 func autoConvert_v1_OAuthClientList_To_oauth_OAuthClientList(in *v1.OAuthClientList, out *oauth.OAuthClientList, s conversion.Scope) error {
 	out.ListMeta = in.ListMeta
-	out.Items = *(*[]oauth.OAuthClient)(unsafe.Pointer(&in.Items))
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]oauth.OAuthClient, len(*in))
+		for i := range *in {
+			if err := Convert_v1_OAuthClient_To_oauth_OAuthClient(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
 	return nil
 }
 
@@ -286,7 +308,17 @@ func Convert_v1_OAuthClientList_To_oauth_OAuthClientList(in *v1.OAuthClientList,
 
 func autoConvert_oauth_OAuthClientList_To_v1_OAuthClientList(in *oauth.OAuthClientList, out *v1.OAuthClientList, s conversion.Scope) error {
 	out.ListMeta = in.ListMeta
-	out.Items = *(*[]v1.OAuthClient)(unsafe.Pointer(&in.Items))
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]v1.OAuthClient, len(*in))
+		for i := range *in {
+			if err := Convert_oauth_OAuthClient_To_v1_OAuthClient(&(*in)[i], &(*out)[i], s); err != nil {
+				return err
+			}
+		}
+	} else {
+		out.Items = nil
+	}
 	return nil
 }