auth

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 15, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package auth collects structures and functions around the generation and processing of credentials.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateCertificate added in v0.0.16

func CreateCertificate(
	ctx context.Context,
	cluster *kubernetes.Cluster,
	cert CertParam,
	owner *metav1.OwnerReference,
) error

CreateCertificate creates a certificate resource, for the given cluster issuer

func ExtendLocalTrust added in v0.0.16

func ExtendLocalTrust(certs string)

ExtendLocalTrust makes the certs found in specified PEM string available as root CA certs, beyond the standard certs. It does this by creating an in-memory pool of certs filled from both the system pool and the argument, and setting this as the cert origin for net/http's default transport. Ditto for the websocket's default dialer.

func GetFirstUserAccount added in v0.1.4

func GetFirstUserAccount(ctx context.Context) (string, string, error)

GetFirstUserAccount returns the credentials of the oldest Epinio user. This should normally be the one created during installation unless someone deleted that.

func GetUserAccounts added in v0.1.4

func GetUserAccounts(ctx context.Context) (*gin.Accounts, error)

GetUserAccounts returns all Epinio users as a gin.Accounts object to be passed to the BasicAuth middleware.

func GetUserSecretsByAge added in v0.1.4

func GetUserSecretsByAge(ctx context.Context) ([]corev1.Secret, error)

GetUserSecretsByAge returns the user BasicAuth Secrets sorted from older to younger by creationTimestamp.

func HashBcrypt

func HashBcrypt(password string) (hash string, err error)

HashBcrypt generates an Bcrypt hash for a password. See https://github.com/foomo/htpasswd for the origin of this code. MIT licensed, as per `blob/master/LICENSE.txt`

Types

type CertParam added in v0.0.19

type CertParam struct {
	Name      string
	Namespace string
	Domain    string
	Issuer    string
	Labels    map[string]string
}

CertParam describes the cert-manager certificate CRD. It's passed to CreateCertificate to create the cert-manager certificate CR.

type PasswordAuth

type PasswordAuth struct {
	Username string
	Password string
}

PasswordAuth wraps a set of password-based credentials

func RandomPasswordAuth

func RandomPasswordAuth() (*PasswordAuth, error)

RandomPasswordAuth generates a random user+password combination. Both elements are random 16-character hex strings.

func (*PasswordAuth) Htpassword

func (auth *PasswordAuth) Htpassword() (string, error)

Htpassword returns user+hash string suitable for use by Traefik's BasicAuth module.

type SecretsSortable added in v0.1.4

type SecretsSortable []corev1.Secret

func (SecretsSortable) Len added in v0.1.4

func (a SecretsSortable) Len() int

func (SecretsSortable) Less added in v0.1.4

func (a SecretsSortable) Less(i, j int) bool

func (SecretsSortable) Swap added in v0.1.4

func (a SecretsSortable) Swap(i, j int)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL