Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewAuthenticator
func NewAuthenticator( issuer, clientID string, upstream *url.URL, skipExpiry bool, retrySeconds time.Duration, serviceCerts *certs.ServiceCerts, logger *zap.Logger) (authenticator.Authenticator, error)
NewAuthenticator returns an OIDC authenticator that does full ID token validation using the provider's public keys.
Types
type Authenticator
type Authenticator struct {
// contains filtered or unexported fields
}
Authenticator is used for configuring OIDC authenticators.
func (*Authenticator) Authenticate
func (a *Authenticator) Authenticate(r *http.Request) (authenticator.Requestor, error)
Authenticate processes the passed request, validating its ID token in the `Authorization: Bearer XY` header using the provider configured in `Open()`. This will check the issuer
type Config
Config is used for configuring OIDC authenticators.
func (*Config) Open
func (c *Config) Open(upstream *url.URL, serviceCerts *certs.ServiceCerts, logger *zap.Logger) (authenticator.Authenticator, error)
Open returns an OIDC authenticator for the configured settings.
type DexIDToken
DexIDToken has a set of claims and a subject.
type IDTokenVerifier
type IDTokenVerifier interface {
Verify(ctx context.Context, rawIDToken string) (DexIDToken, error)
}
IDTokenVerifier abstracts oidc.IDTokenVerifier (which is a struct) so we can pass a mock verifier for tests.
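An added example, not this package's own code: a mock verifier with the IDTokenVerifier shape, used to exercise the `Authorization: Bearer` handling that Authenticate describes, including the cases that must fail closed. `idToken`, `tokenVerifier`, `mockVerifier`, `authenticate` and `subjectFor` are hypothetical stand-ins (the fields of DexIDToken are not shown on this page), and the token value and subject are constructed.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// idToken is a stand-in for DexIDToken, whose fields this page does not show.
type idToken struct{ Subject string }

// tokenVerifier mirrors the shape of IDTokenVerifier using the stand-in type.
type tokenVerifier interface {
	Verify(ctx context.Context, rawIDToken string) (idToken, error)
}

// mockVerifier (hypothetical) accepts exactly one constructed token value.
type mockVerifier struct{ valid, subject string }

func (m mockVerifier) Verify(_ context.Context, raw string) (idToken, error) {
	if raw != m.valid {
		return idToken{}, errors.New("token rejected by verifier")
	}
	return idToken{Subject: m.subject}, nil
}

// authenticate (hypothetical) extracts the bearer token, then verifies it.
func authenticate(v tokenVerifier, r *http.Request) (string, error) {
	scheme, raw, ok := strings.Cut(r.Header.Get("Authorization"), " ")
	if !ok || !strings.EqualFold(scheme, "Bearer") || strings.TrimSpace(raw) == "" {
		return "", errors.New("missing or malformed bearer token") // fail closed
	}
	tok, err := v.Verify(r.Context(), strings.TrimSpace(raw))
	if err != nil {
		return "", fmt.Errorf("id token validation failed: %w", err)
	}
	return tok.Subject, nil
}

// subjectFor runs one request with the given Authorization header value.
func subjectFor(header string) (string, error) {
	r := httptest.NewRequest(http.MethodGet, "/", nil)
	r.Header.Set("Authorization", header)
	return authenticate(mockVerifier{valid: "constructed-token", subject: "alice"}, r)
}

func main() { fmt.Println(subjectFor("Bearer constructed-token")) }
```

The mock only compares strings; signature, issuer, audience and expiry checks belong to the real verifier and are not exercised here.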