apiserver

package
v3.8.22-1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 17, 2017 License: Apache-2.0 Imports: 82 Imported by: 0

Documentation

Index

Constants

View Source
const (
	OpenShiftOAuthCallbackPrefix = "/oauth2callback"
	OpenShiftWebConsoleClientID  = "openshift-web-console"
	OpenShiftBrowserClientID     = "openshift-browser-client"
	OpenShiftCLIClientID         = "openshift-challenging-client"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CompletedConfig

type CompletedConfig struct {
	// contains filtered or unexported fields
}

func (CompletedConfig) New

func (c CompletedConfig) New(delegationTarget genericapiserver.DelegationTarget) (*OAuthAPIServer, error)

New returns a new instance of OAuthAPIServer from the given config.

func (CompletedConfig) V1RESTStorage

func (c CompletedConfig) V1RESTStorage() (map[string]rest.Storage, error)

type CompletedOAuthConfig

type CompletedOAuthConfig struct {
	// contains filtered or unexported fields
}

func (CompletedOAuthConfig) New

func (c CompletedOAuthConfig) New(delegationTarget genericapiserver.DelegationTarget) (*OAuthServer, error)

this server is odd. It doesn't delegate. We mostly leave it alone, so I don't plan to make it look "normal". We'll model it as a separate API server to reason about its handling chain, but otherwise, just let it be

type ExtraConfig

type ExtraConfig struct {
	CoreAPIServerClientConfig *restclient.Config
	ServiceAccountMethod      configapi.GrantHandlerType

	// TODO these should all become local eventually
	Scheme   *runtime.Scheme
	Registry *registered.APIRegistrationManager
	Codecs   serializer.CodecFactory
	// contains filtered or unexported fields
}

type ExtraOAuthConfig

type ExtraOAuthConfig struct {
	Options configapi.OAuthConfig

	// AssetPublicAddresses contains valid redirectURI prefixes to direct browsers to the web console
	AssetPublicAddresses []string

	// KubeClient is kubeclient with enough permission for the auth API
	KubeClient kclientset.Interface

	// EventsClient is for creating user events
	EventsClient corev1.EventInterface

	// RouteClient provides a client for OpenShift routes API.
	RouteClient routeclient.Interface

	UserClient                userclient.UserResourceInterface
	IdentityClient            userclient.IdentityInterface
	UserIdentityMappingClient userclient.UserIdentityMappingInterface

	OAuthAccessTokenClient         oauthclient.OAuthAccessTokenInterface
	OAuthAuthorizeTokenClient      oauthclient.OAuthAuthorizeTokenInterface
	OAuthClientClient              oauthclient.OAuthClientInterface
	OAuthClientAuthorizationClient oauthclient.OAuthClientAuthorizationInterface

	SessionAuth *session.Authenticator

	HandlerWrapper handlerWrapper
}

type OAuthAPIServer

type OAuthAPIServer struct {
	GenericAPIServer *genericapiserver.GenericAPIServer
}

type OAuthAPIServerConfig

type OAuthAPIServerConfig struct {
	GenericConfig *genericapiserver.RecommendedConfig
	ExtraConfig   ExtraConfig
}

func (*OAuthAPIServerConfig) Complete

func (c *OAuthAPIServerConfig) Complete() completedConfig

Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.

type OAuthServer

type OAuthServer struct {
	GenericAPIServer *genericapiserver.GenericAPIServer

	PublicURL url.URL
}

OAuthServer serves non-API endpoints for openshift.

type OAuthServerConfig

type OAuthServerConfig struct {
	GenericConfig    *genericapiserver.RecommendedConfig
	ExtraOAuthConfig ExtraOAuthConfig
}

func NewOAuthServerConfig

func NewOAuthServerConfig(oauthConfig configapi.OAuthConfig, userClientConfig *rest.Config) (*OAuthServerConfig, error)

func (*OAuthServerConfig) Complete

func (c *OAuthServerConfig) Complete() completedOAuthConfig

Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.

func (*OAuthServerConfig) EnsureBootstrapOAuthClients

func (c *OAuthServerConfig) EnsureBootstrapOAuthClients(context genericapiserver.PostStartHookContext) error

TODO, this moves to the `apiserver.go` when we have it for this group TODO TODO, this actually looks a lot like a controller or an add-on manager style thing. Seems like we'd want to do this outside EnsureBootstrapOAuthClients creates or updates the bootstrap oauth clients that openshift relies upon.

func (*OAuthServerConfig) WithOAuth

func (c *OAuthServerConfig) WithOAuth(handler http.Handler, requestContextMapper request.RequestContextMapper) (http.Handler, error)

WithOAuth decorates the given handler by serving the OAuth2 endpoints while passing through all other requests to the given handler.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL