mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-24 08:52:25 +02:00

Add AlphaOptions struct and ensure that all children have valid JSON tags

Joel Speed 2020-11-11 11:53:59 +00:00
parent b6d6f31ac1
commit d353d94631
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
4 changed files with 47 additions and 16 deletions


@ -0,0 +1,31 @@
package options
// AlphaOptions contains alpha structured configuration options.
// Usage of these options allows users to access alpha features that are not
// available as part of the primary configuration structure for OAuth2 Proxy.
//
// :::warning
// The options within this structure are considered alpha.
// They may change between releases without notice.
// :::
type AlphaOptions struct {
// Upstreams is used to configure upstream servers.
// Once a user is authenticated, requests to the server will be proxied to
// these upstream servers based on the path mappings defined in this list.
Upstreams Upstreams `json:"upstreams,omitempty"`
// InjectRequestHeaders is used to configure headers that should be added
// to requests to upstream servers.
// Headers may source values from either the authenticated user's session
// or from a static secret value.
InjectRequestHeaders []Header `json:"injectRequestHeaders,omitempty"`
// InjectResponseHeaders is used to configure headers that should be added
// to responses from the proxy.
// This is typically used when using the proxy as an external authentication
// provider in conjunction with another proxy such as NGINX and its
// auth_request module.
// Headers may source values from either the authenticated user's session
// or from a static secret value.
InjectResponseHeaders []Header `json:"injectResponseHeaders,omitempty"`
}
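Review bot: The comment on `InjectResponseHeaders` says values may come from the user's session or a static secret, but it does not say who receives them. As the comment itself describes, these headers are added to responses from the proxy, so unless a fronting proxy such as NGINX consumes them they would presumably reach the end user's browser. I would add a line to the field comment, for example `// Response headers are visible to whoever receives the proxy's response; only inject secret or session values when a fronting proxy consumes them.`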


@ -10,13 +10,13 @@ import (
// Only one source within the struct should be defined at any time.
type SecretSource struct {
// Value expects a base64 encoded string value.
Value []byte
Value []byte `json:"value,omitempty"`
// FromEnv expects the name of an environment variable.
FromEnv string
FromEnv string `json:"fromEnv,omitempty"`
// FromFile expects a path to a file containing the secret value.
FromFile string
FromFile string `json:"fromFile,omitempty"`
}
// Duration is an alias for time.Duration so that we can ensure the marshalling
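Review bot: The comment on `Value` should say how the secret is written back out, now that `json:"value,omitempty"` makes SecretSource an explicitly serialisable type. encoding/json emits a `[]byte` as base64, which is an encoding and not protection. Nothing in this hunk marshals the struct, so this is a documentation point: `// Value is emitted as base64 when marshalled; do not log or dump marshalled options.` The struct's doc comment starts above the hunk and says only one source should be defined at a time; no check for that is visible here.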


@ -5,26 +5,26 @@ package options
type Header struct {
// Name is the header name to be used for this set of values.
// Names should be unique within a list of Headers.
Name string `json:"name"`
Name string `json:"name,omitempty"`
// PreserveRequestValue determines whether any values for this header
// should be preserved for the request to the upstream server.
// This option only takes effet on injected request headers.
// Defaults to false (headers that match this header will be stripped).
PreserveRequestValue bool `json:"preserveRequestValue"`
PreserveRequestValue bool `json:"preserveRequestValue,omitempty"`
// Values contains the desired values for this header
Values []HeaderValue `json:"values"`
Values []HeaderValue `json:"values,omitempty"`
}
// HeaderValue represents a single header value and the sources that can
// make up the header value
type HeaderValue struct {
// Allow users to load the value from a secret source
*SecretSource
*SecretSource `json:",omitempty"`
// Allow users to load the value from a session claim
*ClaimSource
*ClaimSource `json:",omitempty"`
}
// ClaimSource allows loading a header value from a claim within the session
@ -40,5 +40,5 @@ type ClaimSource struct {
// BasicAuthPassword converts this claim into a basic auth header.
// Note the value of claim will become the basic auth username and the
// basicAuthPassword will be used as the password value.
BasicAuthPassword *SecretSource
BasicAuthPassword *SecretSource `json:"basicAuthPassword,omitempty"`
}
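Review bot: The `json:",omitempty"` tags on the embedded `*SecretSource` and `*ClaimSource` in HeaderValue give no field name, so under encoding/json rules both stay embedded: their fields are flattened into the HeaderValue object and the `omitempty` option has no effect (a nil embedded pointer is skipped regardless). One entry in `values` can therefore carry keys from both sources at once, and nothing in this section decides which one wins; I assume validation elsewhere rejects that case. A comment on the struct would make the contract explicit, for example `// Fields of both sources are inlined; exactly one source may be set per value.` Separately, `effet` in the PreserveRequestValue comment should read `effect`.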


@ -8,11 +8,11 @@ type Upstreams []Upstream
type Upstream struct {
// ID should be a unique identifier for the upstream.
// This value is required for all upstreams.
ID string `json:"id"`
ID string `json:"id,omitempty"`
// Path is used to map requests to the upstream server.
// The closest match will take precedence and all Paths must be unique.
Path string `json:"path"`
Path string `json:"path,omitempty"`
// The URI of the upstream server. This may be an HTTP(S) server of a File
// based URL. It may include a path, in which case all requests will be served
@ -24,19 +24,19 @@ type Upstream struct {
// - file://host/path
// If the URI's path is "/base" and the incoming request was for "/dir",
// the upstream request will be for "/base/dir".
URI string `json:"uri"`
URI string `json:"uri,omitempty"`
// InsecureSkipTLSVerify will skip TLS verification of upstream HTTPS hosts.
// This option is insecure and will allow potential Man-In-The-Middle attacks
// betweem OAuth2 Proxy and the usptream server.
// Defaults to false.
InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify"`
InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty"`
// Static will make all requests to this upstream have a static response.
// The response will have a body of "Authenticated" and a response code
// matching StaticCode.
// If StaticCode is not set, the response will return a 200 response.
Static bool `json:"static"`
Static bool `json:"static,omitempty"`
// StaticCode determines the response code for the Static response.
// This option can only be used with Static enabled.
@ -50,9 +50,9 @@ type Upstream struct {
// PassHostHeader determines whether the request host header should be proxied
// to the upstream server.
// Defaults to true.
PassHostHeader *bool `json:"passHostHeader"`
PassHostHeader *bool `json:"passHostHeader,omitempty"`
// ProxyWebSockets enables proxying of websockets to upstream servers
// Defaults to true.
ProxyWebSockets *bool `json:"proxyWebSockets"`
ProxyWebSockets *bool `json:"proxyWebSockets,omitempty"`
}
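Review bot: The comment on `InsecureSkipTLSVerify` carries two typos (`betweem`, `usptream`) on the lines just above the retagged field. Since this is the option that turns off certificate verification, it is worth correcting while the line is touched: `// between OAuth2 Proxy and the upstream server.` With `omitempty` on a plain bool, a marshalled configuration omits the key when it is false, so the comment could also state that an absent key means verification stays on. `ID` is documented as required yet is also tagged `omitempty`; the required check must live in validation code that this commit does not show.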