auth

package

v1.0.2 Latest Latest Go to latest Published: Jul 17, 2020 License: Apache-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cnrancher/octopus-api-server

Links

Open Source Insights

Documentation ¶

Overview ¶

refer to: https://github.com/rancher/k3s/blob/master/pkg/clientaccess/clientaccess.go

Index ¶

Constants
func AgentAccessInfoToKubeConfig(destFile, server, token string) error
func Get(path string, info *Info) ([]byte, error)
func GetCACerts(u url.URL) ([]byte, error)
func GetHTTPClient(cacerts []byte) *http.Client
func GetJWTSecretTokenName(token string) (string, error)
func GetTokenAuthFromRequest(req *http.Request) string
func NormalizeAndValidateTokenForUser(server, token, user string) (string, error)
func ParseUsernamePassword(token string) (string, string, bool)
func SplitJWTTokenParts(token string) ([]string, error)
func SplitTokenParts(tokenID string) (string, string)
func ToAuthMiddleware(a Authenticator) auth.Middleware
type Authenticator
- func NewK3sAuthenticator(ctx context.Context, endpoint string, client *kubernetes.Clientset) Authenticator
type Handler
- func NewAuthHandler(ctx context.Context, host string, client *kubernetes.Clientset) *Handler
- func (h *Handler) ServeHTTP(writer http.ResponseWriter, req *http.Request)
type Info
- func ParseAndValidateToken(server, token string) (*Info, error)
- func (i *Info) KubeConfig() *clientcmdapi.Config
- func (i *Info) ToToken() string
- func (i *Info) WriteKubeConfig(destFile string) error
type K3sAuthenticator
- func (a *K3sAuthenticator) Authenticate(req *http.Request) (bool, string, error)
type OverrideURLCallback
type TokenSecretData

Constants ¶

View Source

const (
	CookieName      = "R_SESS"
	AuthHeaderName  = "Authorization"
	AuthValuePrefix = "Bearer"
	BasicAuthPrefix = "Basic"

	OctopusAPILabel = "authn.management.octopusapi.io/octopus-api"

	TokenNamespace = "kube-system"
)

Variables ¶

This section is empty.

Functions ¶

func AgentAccessInfoToKubeConfig ¶

func AgentAccessInfoToKubeConfig(destFile, server, token string) error

func Get ¶

func Get(path string, info *Info) ([]byte, error)

func GetCACerts ¶

func GetCACerts(u url.URL) ([]byte, error)

func GetHTTPClient ¶

func GetHTTPClient(cacerts []byte) *http.Client

func GetJWTSecretTokenName ¶

func GetJWTSecretTokenName(token string) (string, error)

func GetTokenAuthFromRequest ¶

func GetTokenAuthFromRequest(req *http.Request) string

func NormalizeAndValidateTokenForUser ¶

func NormalizeAndValidateTokenForUser(server, token, user string) (string, error)

func ParseUsernamePassword ¶

func ParseUsernamePassword(token string) (string, string, bool)

func SplitJWTTokenParts ¶

func SplitJWTTokenParts(token string) ([]string, error)

func SplitTokenParts ¶

func SplitTokenParts(tokenID string) (string, string)

func ToAuthMiddleware ¶

func ToAuthMiddleware(a Authenticator) auth.Middleware

Types ¶

type Authenticator ¶

type Authenticator interface {
	Authenticate(req *http.Request) (authed bool, user string, err error)
}

func NewK3sAuthenticator ¶

func NewK3sAuthenticator(ctx context.Context, endpoint string, client *kubernetes.Clientset) Authenticator

type Handler ¶

type Handler struct {
	Host string
	// contains filtered or unexported fields
}

func NewAuthHandler ¶

func NewAuthHandler(ctx context.Context, host string, client *kubernetes.Clientset) *Handler

NewHandler creates a new AuthHandler

func (*Handler) ServeHTTP ¶

func (h *Handler) ServeHTTP(writer http.ResponseWriter, req *http.Request)

type Info ¶

type Info struct {
	URL     string `json:"url,omitempty"`
	CACerts []byte `json:"cacerts,omitempty"`

	Token string `json:"token,omitempty"`
	// contains filtered or unexported fields
}

func ParseAndValidateToken ¶

func ParseAndValidateToken(server, token string) (*Info, error)

func (*Info) KubeConfig ¶

func (i *Info) KubeConfig() *clientcmdapi.Config

func (*Info) ToToken ¶

func (i *Info) ToToken() string

func (*Info) WriteKubeConfig ¶

func (i *Info) WriteKubeConfig(destFile string) error

type K3sAuthenticator ¶

type K3sAuthenticator struct {
	// contains filtered or unexported fields
}

func (*K3sAuthenticator) Authenticate ¶

func (a *K3sAuthenticator) Authenticate(req *http.Request) (bool, string, error)

type OverrideURLCallback ¶

type OverrideURLCallback func(config []byte) (*url.URL, error)

type TokenSecretData ¶

type TokenSecretData struct {
	Issuer    string `json:"issuer,omitempty"`
	ExpiresAt string `json:"expiresAt,omitempty"`
	IssuedAt  string `json:"issuedAt,omitempty"`
	Subject   string `json:"subject,omitempty"`
	Key       string `json:"key,omitempty"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL