helpers

package

v0.0.0-...-1c213c1 Latest Latest Go to latest Published: Mar 25, 2022 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cloudfoundry/cf-k8s-controllers

Documentation ¶

Index ¶

func JoinCertAndKey(certData, keyData []byte) []byte
func ObtainClientCert(testEnv *envtest.Environment, name string) ([]byte, []byte)
type AuthProvider
- func NewAuthProvider() *AuthProvider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func JoinCertAndKey ¶

func JoinCertAndKey(certData, keyData []byte) []byte

func ObtainClientCert ¶

func ObtainClientCert(testEnv *envtest.Environment, name string) ([]byte, []byte)

Types ¶

type AuthProvider ¶

type AuthProvider struct {
	// contains filtered or unexported fields
}

When configured to work with OIDC the k8s api server calls the /.well-known/openid-configuration endpoint of the configurd oidc issuer. Later when a token review is created the api server tries to validate the token using the public part of the key that the token was signed with. This public key is serverd on the jwks_uri endpoint that was advertised by the initial request of /.well-known/openid-configuration.

This utility generates JWT tokens and signs them with a signing key, while at the same time serving the public part of the signing key to the api server.

func NewAuthProvider ¶

func NewAuthProvider() *AuthProvider

func (*AuthProvider) APIServerExtraArgs ¶

func (p *AuthProvider) APIServerExtraArgs(oidcPrefix string) map[string]string

func (*AuthProvider) GenerateJWTToken ¶

func (p *AuthProvider) GenerateJWTToken(subject string, groups ...string) string

func (*AuthProvider) Stop ¶

func (p *AuthProvider) Stop()

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL