apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
  name: vikunja-test-oauth-client
  # Has to live in the same namespace as the stackspin-*-oauth-variables secret
  namespace: flux-system
spec:
  # TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak
  grantTypes:
    - authorization_code
    - refresh_token
    - client_credentials
    - implicit
  responseTypes:
    - id_token
    - code
  scope: "openid profile email stackspin_roles"
  secretName: stackspin-vikunja-test-oauth-variables
  redirectUris:
    - https://test.${vikunja_domain}/auth/openid/stackspin
  tokenEndpointAuthMethod: client_secret_post