Documentation
¶
Index ¶
- Constants
- func AuthenticateRequest(authnURL string, conjurVersion string, account string, username string) (*http.Request, error)
- func LoginRequest(authnURL string, conjurVersion string, csrBytes []byte, usernamePrefix string) (*http.Request, error)
- type Authenticator
- type Config
- func (config *Config) GetContainerMode() string
- func (config *Config) GetDefaultValues() map[string]string
- func (config *Config) GetEnvVariables() []string
- func (config *Config) GetRequiredVariables() []string
- func (config *Config) GetTokenFilePath() string
- func (config *Config) GetTokenTimeout() time.Duration
- func (config *Config) LoadConfig(settings map[string]string)
Constants ¶
View Source
const ( DefaultClientCertPath = "/etc/conjur/ssl/client.pem" DefaultInjectCertLogPath = "/tmp/conjur_copy_text_output.log" DefaultTokenFilePath = "/run/conjur/access-token" DefaultConjurVersion = "5" // DefaultTokenRefreshTimeout is the default time the system waits to reauthenticate on error DefaultTokenRefreshTimeout = "6m0s" // DefaultClientCertRetryCountLimit is the amount of times we wait after successful // login for the client certificate file to exist, where each time we wait for a second. DefaultClientCertRetryCountLimit = "10" AuthnType = "authn-k8s" )
Default settings (this comment added to satisfy linter)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Authenticator ¶
type Authenticator struct {
PublicCert *x509.Certificate
// contains filtered or unexported fields
}
Authenticator contains the configuration and client for the authentication connection to Conjur
func NewWithAccessToken ¶
func NewWithAccessToken(config Config, accessToken access_token.AccessToken) (*Authenticator, error)
NewWithAccessToken creates a new authenticator instance from a given access token
func (*Authenticator) Authenticate ¶
func (auth *Authenticator) Authenticate() error
Authenticate sends Conjur an authenticate request and writes the response to the token file (after decrypting it if needed). It also manages state of certificates. @deprecated Use AuthenticateWithContext instead
func (*Authenticator) AuthenticateWithContext ¶
func (auth *Authenticator) AuthenticateWithContext(ctx context.Context) error
func (*Authenticator) GetAccessToken ¶
func (auth *Authenticator) GetAccessToken() access_token.AccessToken
GetAccessToken is getter for accessToken
func (*Authenticator) IsLoggedIn ¶
func (auth *Authenticator) IsLoggedIn() bool
IsLoggedIn returns true if we are logged in (have a cert)
type Config ¶
type Config struct {
Common common.Config
InjectCertLogPath string
PodName string
PodNamespace string
ConjurVersion string
}
Config defines the configuration parameters for the authentication requests
func (*Config) GetContainerMode ¶
func (*Config) GetDefaultValues ¶
func (*Config) GetEnvVariables ¶
func (*Config) GetRequiredVariables ¶
func (*Config) GetTokenFilePath ¶
func (*Config) GetTokenTimeout ¶
func (*Config) LoadConfig ¶
Source Files
Click to show internal directories.
Click to hide internal directories.