Documentation ¶
Overview ¶
Package credentials includes validators for the credentials provided for KongConsumers.
Index ¶
Constants ¶
const TypeKey = "kongCredType"
TypeKey indicates the key in a consumer secret which identifies the type of credential that is being provided for the consumer.
Variables ¶
var ( KeyAuthFields = []string{"key"} BasicAuthFields = []string{"username", "password"} HMACAuthFields = []string{"username", "secret"} JWTAuthFields = []string{"algorithm", "rsa_public_key", "key", "secret"} MTLsAuthFields = []string{"subject_name"} OAUTH2AuthFields = []string{"name", "client_id", "client_secret", "redirect_uris"} ACLAuthFields = []string{"group"} )
var CredTypeToFields = map[string][]string{ "key-auth": KeyAuthFields, "keyauth_credential": KeyAuthFields, "basic-auth": BasicAuthFields, "basicauth_credential": BasicAuthFields, "hmac-auth": HMACAuthFields, "hmacauth_credential": HMACAuthFields, "jwt": JWTAuthFields, "jwt_secret": JWTAuthFields, "oauth2": OAUTH2AuthFields, "acl": ACLAuthFields, "mtls-auth": MTLsAuthFields, }
var SupportedTypes = sets.NewString(
"basic-auth",
"hmac-auth",
"jwt",
"key-auth",
"oauth2",
"acl",
"mtls-auth",
)
SupportedTypes indicates all the "kongCredType"s which are supported for KongConsumer credentials.
Functions ¶
func IsKeyUniqueConstrained ¶
IsKeyUniqueConstrained indicates whether or not a given key and its type there are unique constraints in place.
func ValidateCredentials ¶
ValidateCredentials performs basic validation on a credential secret given the Kubernetes secret which contains credentials data.
Types ¶
type Credential ¶
type Credential struct { // Type indicates the credential type, which will reference one of the types // in the SupportedTypes set. Type string // Key is the key for the credentials data Key string // Value is the data provided for the key Value string }
Credential is a metadata struct to help validate the contents of consumer credentials, particularly unique constraints on the underlying data.
type Index ¶
Index is a map of credentials types to a map of credential keys to the underlying values already seen for that type and key. This type is used as a history tracker for validation so that callers can keep track of the credentials they've seen thus far and validate whether new credentials they encounter are in violation of any constraints on their respective types.
func (Index) ValidateCredentialsForUniqueKeyConstraints ¶
ValidateCredentialsForUniqueKeyConstraints will attempt to add a new Credential to the CredentialsTypeMap and will validate it for both normal structure validation and for unique key constraint violations.