Documentation ¶
Overview ¶
Package kubernetes provides a storage interface using Kubernetes third party APIs.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthCode ¶
type AuthCode struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` ClientID string `json:"clientID"` Scopes []string `json:"scopes,omitempty"` RedirectURI string `json:"redirectURI"` Nonce string `json:"nonce,omitempty"` State string `json:"state,omitempty"` Claims Claims `json:"claims,omitempty"` ConnectorID string `json:"connectorID,omitempty"` ConnectorData []byte `json:"connectorData,omitempty"` Expiry time.Time `json:"expiry"` }
AuthCode is a mirrored struct from storage with JSON struct tags and Kubernetes type metadata.
type AuthCodeList ¶
type AuthCodeList struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ListMeta `json:"metadata,omitempty"` AuthCodes []AuthCode `json:"items"` }
AuthCodeList is a list of AuthCodes.
type AuthRequest ¶
type AuthRequest struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` ClientID string `json:"clientID"` ResponseTypes []string `json:"responseTypes,omitempty"` Scopes []string `json:"scopes,omitempty"` RedirectURI string `json:"redirectURI"` Nonce string `json:"nonce,omitempty"` State string `json:"state,omitempty"` // The client has indicated that the end user must be shown an approval prompt // on all requests. The server cannot cache their initial action for subsequent // attempts. ForceApprovalPrompt bool `json:"forceApprovalPrompt,omitempty"` LoggedIn bool `json:"loggedIn"` // The identity of the end user. Generally nil until the user authenticates // with a backend. Claims Claims `json:"claims,omitempty"` // The connector used to login the user. Set when the user authenticates. ConnectorID string `json:"connectorID,omitempty"` ConnectorData []byte `json:"connectorData,omitempty"` Expiry time.Time `json:"expiry"` }
AuthRequest is a mirrored struct from storage with JSON struct tags and Kubernetes type metadata.
type AuthRequestList ¶
type AuthRequestList struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ListMeta `json:"metadata,omitempty"` AuthRequests []AuthRequest `json:"items"` }
AuthRequestList is a list of AuthRequests.
type Claims ¶
type Claims struct { UserID string `json:"userID"` Username string `json:"username"` Email string `json:"email"` EmailVerified bool `json:"emailVerified"` Groups []string `json:"groups,omitempty"` }
Claims is a mirrored struct from storage with JSON struct tags.
type Client ¶
type Client struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` Secret string `json:"secret,omitempty"` RedirectURIs []string `json:"redirectURIs,omitempty"` TrustedPeers []string `json:"trustedPeers,omitempty"` Public bool `json:"public"` Name string `json:"name,omitempty"` LogoURL string `json:"logoURL,omitempty"` }
Client is a mirrored struct from storage with JSON struct tags and Kubernetes type metadata.
TODO(ericchiang): Kubernetes has an extremely restricted set of characters it can use for IDs. Consider base32ing client IDs.
type ClientList ¶
type ClientList struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ListMeta `json:"metadata,omitempty"` Clients []Client `json:"items"` }
ClientList is a list of Clients.
type Config ¶
type Config struct { InCluster bool `yaml:"inCluster"` KubeConfigPath string `yaml:"kubeConfigPath"` GCFrequency int64 `yaml:"gcFrequency"` // seconds }
Config values for the Kubernetes storage type.
type Keys ¶
type Keys struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` // Key for creating and verifying signatures. These may be nil. SigningKey *jose.JSONWebKey `json:"signingKey,omitempty"` SigningKeyPub *jose.JSONWebKey `json:"signingKeyPub,omitempty"` // Old signing keys which have been rotated but can still be used to validate // existing signatures. VerificationKeys []storage.VerificationKey `json:"verificationKeys,omitempty"` // The next time the signing key will rotate. // // For caching purposes, implementations MUST NOT update keys before this time. NextRotation time.Time `json:"nextRotation"` }
Keys is a mirrored struct from storage with JSON struct tags and Kubernetes type metadata.
type Password ¶
type Password struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` // The Kubernetes name is actually an encoded version of this value. // // This field is IMMUTABLE. Do not change. Email string `json:"email,omitempty"` Hash []byte `json:"hash,omitempty"` Username string `json:"username,omitempty"` UserID string `json:"userID,omitempty"` }
Password is a mirrored struct from the stroage with JSON struct tags and Kubernetes type metadata.
type RefreshList ¶
type RefreshList struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ListMeta `json:"metadata,omitempty"` RefreshTokens []RefreshToken `json:"items"` }
RefreshList is a list of refresh tokens.
type RefreshToken ¶
type RefreshToken struct { k8sapi.TypeMeta `json:",inline"` k8sapi.ObjectMeta `json:"metadata,omitempty"` ClientID string `json:"clientID"` Scopes []string `json:"scopes,omitempty"` Nonce string `json:"nonce,omitempty"` Claims Claims `json:"claims,omitempty"` ConnectorID string `json:"connectorID,omitempty"` }
RefreshToken is a mirrored struct from storage with JSON struct tags and Kubernetes type metadata.