{{- if index .Values.ocAuth.enabled }}
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
  name: open-cloud-client
spec:
  grantTypes:
    - implicit
    - refresh_token
    - authorization_code
    - client_credentials
  responseTypes:
    - id_token
    - token
    - code
  scope: openid profile email roles
  secretName: oc-auth-got-secret
  redirectUris:
    - https://myapp.example.com/callback
  postLogoutRedirectUris:
    - http://localhost:3000
  tokenEndpointAuthMethod: client_secret_post
  allowedCorsOrigins:
    - http://localhost
{{- end }}