Documentation ¶
Overview ¶
Package credentials includes validators for the credentials provided for KongConsumers.
Index ¶
Constants ¶
const TypeKey = "kongCredType"
TypeKey indicates the key in a consumer secret which identifies the type of credential that is being provided for the consumer.
Variables ¶
var ( KeyAuthFields = []string{"key"} BasicAuthFields = []string{"username", "password"} HMACAuthFields = []string{"username", "secret"} JWTAuthFields = []string{"algorithm", "rsa_public_key", "key", "secret"} MTLsAuthFields = []string{"subject_name"} OAUTH2AuthFields = []string{"name", "client_id", "client_secret", "redirect_uris"} ACLAuthFields = []string{"group"} )
var CredTypeToFields = map[string][]string{ "key-auth": KeyAuthFields, "keyauth_credential": KeyAuthFields, "basic-auth": BasicAuthFields, "basicauth_credential": BasicAuthFields, "hmac-auth": HMACAuthFields, "hmacauth_credential": HMACAuthFields, "jwt": JWTAuthFields, "jwt_secret": JWTAuthFields, "oauth2": OAUTH2AuthFields, "acl": ACLAuthFields, "mtls-auth": MTLsAuthFields, }
var SupportedTypes = sets.NewString(
"basic-auth",
"hmac-auth",
"jwt",
"key-auth",
"oauth2",
"acl",
)
SupportedCreds indicates all the "kongCredType"s which are supported for KongConsumer credentials.
Functions ¶
func IsKeyUniqueConstrained ¶
IsKeyUniqueConstrained indicates whether or not a given key and its type there are unique constraints in place.
Types ¶
type Credential ¶
type Credential struct { // ConsumerName indicates the name of the KongConsumer which this credential // is supplied for. ConsumerName string // ConsumerNamespace indicates the namespace that the KongConsumer which this // credential is supplied for. ConsumerNamespace string // Type indicates the credential type, which will reference one of the types // in the SupportedTypes set. Type string // Key is the key for the credentials data Key string // Value is the data provided for the key Value string }
Credential is a metadata struct to help validate the contents of consumer credentials, particularly unique constraints on the underlying data.
type Index ¶
Index is a map of credentials types to a map of credential keys to the underlying values already seen for that type and key. This type is used as a history tracker for validation so that callers can keep track of the credentials they've seen thus far and validate whether new credentials they encounter are in violation of any constraints on their respective types.
func (Index) ValidateCredentialsForUniqueKeyConstraints ¶ added in v2.1.0
func (cs Index) ValidateCredentialsForUniqueKeyConstraints(consumerName string, secret *corev1.Secret) error
ValidateCredentialsForUniqueKeyConstraints will attempt to add a new Credential to the CredentialsTypeMap and will validate it for both normal structure validation and for unique key constraint violations.