auth

package

v0.0.0-...-60f4931 Latest Latest Go to latest Published: Sep 12, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kelda/blimp

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetAuth(req AuthenticatedRequest) *proto.BlimpAuth
func RegistryAuthHeader(cred types.AuthConfig) (string, error)
type AuthenticatedRequest
type BlimpRegistryAuth
- func BlimpRegcred(auth *auth.BlimpAuth) (BlimpRegistryAuth, error)
type RegistryCredentials
- func GetLocalRegistryCredentials(dockerConfig *configfile.ConfigFile) (RegistryCredentials, error)
type User
- func AuthorizeRequest(blimpAuth *proto.BlimpAuth) (User, error)
- func ParseIDToken(token string) (User, error)

Constants ¶

View Source

const JSONCredUsername = "_json"

JSONCredUsername is the username that we use for registry credentials to the Blimp registry to indicate that the password is a JSON-encoded auth.BlimpAuth, as opposed to a plain ID token.

Variables ¶

This section is empty.

Functions ¶

func GetAuth ¶

func GetAuth(req AuthenticatedRequest) *proto.BlimpAuth

func RegistryAuthHeader ¶

func RegistryAuthHeader(cred types.AuthConfig) (string, error)

Types ¶

type AuthenticatedRequest ¶

type AuthenticatedRequest interface {
	GetOldToken() string
	GetAuth() *proto.BlimpAuth
}

type BlimpRegistryAuth ¶

type BlimpRegistryAuth struct {
	Username string
	Password string
}

func BlimpRegcred ¶

func BlimpRegcred(auth *auth.BlimpAuth) (BlimpRegistryAuth, error)

func (BlimpRegistryAuth) ToBlimpAuth ¶

func (regAuth BlimpRegistryAuth) ToBlimpAuth() (*auth.BlimpAuth, error)

func (BlimpRegistryAuth) ToContainerRegistry ¶

func (regAuth BlimpRegistryAuth) ToContainerRegistry() authn.Authenticator

func (BlimpRegistryAuth) ToDocker ¶

func (regAuth BlimpRegistryAuth) ToDocker() types.AuthConfig

func (BlimpRegistryAuth) ToProtobuf ¶

func (regAuth BlimpRegistryAuth) ToProtobuf() *cluster.RegistryCredential

type RegistryCredentials ¶

type RegistryCredentials map[string]types.AuthConfig

func GetLocalRegistryCredentials ¶

func GetLocalRegistryCredentials(dockerConfig *configfile.ConfigFile) (RegistryCredentials, error)

GetLocalRegistryCredentials reads the user's registry credentials from their local machine.

func (RegistryCredentials) LookupByHost ¶

func (creds RegistryCredentials) LookupByHost(host string) (types.AuthConfig, bool)

func (RegistryCredentials) LookupByImage ¶

func (creds RegistryCredentials) LookupByImage(image string) (types.AuthConfig, bool)

func (RegistryCredentials) ToProtobuf ¶

func (creds RegistryCredentials) ToProtobuf() map[string]*cluster.RegistryCredential

type User ¶

type User struct {
	Namespace string
}

func AuthorizeRequest ¶

func AuthorizeRequest(blimpAuth *proto.BlimpAuth) (User, error)

func ParseIDToken ¶

func ParseIDToken(token string) (User, error)

Blimp used to use Auth0 for account management. Auth0 tokens were used to identify and authorize users. Blimp no longer does per-user authentication since only self-hosted clusters are supported. The "token" is used for namespacing resources, and access control to the cluster is controlled via a shared secret. Therefore, we don't do any validation on the token.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL