authenticator

package
v1.5.0-beta.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 18, 2016 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsValidServiceAccountKeyFile

func IsValidServiceAccountKeyFile(file string) bool

IsValidServiceAccountKeyFile returns true if a valid public RSA key can be read from the given file

func New

New returns an authenticator.Request or an error that supports the standard Kubernetes authentication mechanisms.

func NewAuthenticatorFromTokens added in v1.5.0

func NewAuthenticatorFromTokens(tokens map[string]*user.DefaultInfo) authenticator.Request

newAuthenticatorFromToken returns an authenticator.Request or an error

Types

type AuthenticatorConfig

type AuthenticatorConfig struct {
	Anonymous                   bool
	AnyToken                    bool
	BasicAuthFile               string
	ClientCAFile                string
	TokenAuthFile               string
	OIDCIssuerURL               string
	OIDCClientID                string
	OIDCCAFile                  string
	OIDCUsernameClaim           string
	OIDCGroupsClaim             string
	ServiceAccountKeyFiles      []string
	ServiceAccountLookup        bool
	ServiceAccountTokenGetter   serviceaccount.ServiceAccountTokenGetter
	KeystoneURL                 string
	KeystoneCAFile              string
	WebhookTokenAuthnConfigFile string
	WebhookTokenAuthnCacheTTL   time.Duration

	RequestHeaderConfig *RequestHeaderConfig
}

type RequestHeaderConfig added in v1.5.0

type RequestHeaderConfig struct {
	// UsernameHeaders are the headers to check (in order, case-insensitively) for an identity. The first header with a value wins.
	UsernameHeaders []string
	// ClientCA points to CA bundle file which is used verify the identity of the front proxy
	ClientCA string
	// AllowedClientNames is a list of common names that may be presented by the authenticating front proxy.  Empty means: accept any.
	AllowedClientNames []string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL