identity

package
v0.20.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2024 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIKey 

type APIKey struct {
	auth.AuthCredentials

	Name           string              `yaml:"name"`
	LabelSelectors k8s_labels.Selector `yaml:"labelSelectors"`
	Namespace      string              `yaml:"namespace"`
	// contains filtered or unexported fields
}

func NewApiKeyIdentity 

func NewApiKeyIdentity(name string, labelSelectors k8s_labels.Selector, namespace string, authCred auth.AuthCredentials, k8sClient k8s_client.Reader, ctx context.Context) *APIKey

func (*APIKey) AddK8sSecretBasedIdentity added in v0.9.0 

func (a *APIKey) AddK8sSecretBasedIdentity(ctx context.Context, new k8s.Secret)

func (*APIKey) Call 

func (a *APIKey) Call(pipeline auth.AuthPipeline, _ context.Context) (interface{}, error)

Call will evaluate the credentials within the request against the authorized ones

func (*APIKey) GetK8sSecretLabelSelectors added in v0.9.0 

func (a *APIKey) GetK8sSecretLabelSelectors() k8s_labels.Selector

func (*APIKey) RevokeK8sSecretBasedIdentity added in v0.9.0 

func (a *APIKey) RevokeK8sSecretBasedIdentity(ctx context.Context, deleted k8s_types.NamespacedName)

type HMAC 

type HMAC struct {
	auth.AuthCredentials

	Secret string `yaml:"secret"`
}

func (*HMAC) Call 

func (h *HMAC) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

type KubernetesAuth 

type KubernetesAuth struct {
	auth.AuthCredentials
	// contains filtered or unexported fields
}

func NewKubernetesAuthIdentity 

func NewKubernetesAuthIdentity(authCred auth.AuthCredentials, audiences []string) (*KubernetesAuth, error)

func (*KubernetesAuth) Call 

func (kubeAuth *KubernetesAuth) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)

type MTLS 

type MTLS struct {
	auth.AuthCredentials

	Name           string
	LabelSelectors k8s_labels.Selector
	Namespace      string
	// contains filtered or unexported fields
}

func NewMTLSIdentity added in v0.9.0 

func NewMTLSIdentity(name string, labelSelectors k8s_labels.Selector, namespace string, k8sClient k8s_client.Reader, ctx context.Context) *MTLS

func (*MTLS) AddK8sSecretBasedIdentity added in v0.9.0 

func (m *MTLS) AddK8sSecretBasedIdentity(ctx context.Context, new k8s.Secret)

func (*MTLS) Call 

func (m *MTLS) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

func (*MTLS) GetK8sSecretLabelSelectors added in v0.9.0 

func (m *MTLS) GetK8sSecretLabelSelectors() k8s_labels.Selector

func (*MTLS) RevokeK8sSecretBasedIdentity added in v0.9.0 

func (m *MTLS) RevokeK8sSecretBasedIdentity(ctx context.Context, deleted k8s_types.NamespacedName)

type Noop 

type Noop struct {
	auth.AuthCredentials
}

func (*Noop) Call 

func (n *Noop) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

type OAuth2 

type OAuth2 struct {
	auth.AuthCredentials

	TokenIntrospectionUrl string `yaml:"tokenIntrospectionUrl"`
	TokenTypeHint         string `yaml:"tokenTypeHint,omitempty"`
	ClientID              string `yaml:"clientId"`
	ClientSecret          string `yaml:"clientSecret"`
}

func NewOAuth2Identity 

func NewOAuth2Identity(tokenIntrospectionUrl string, tokenTypeHint string, clientID string, clientSecret string, creds auth.AuthCredentials) *OAuth2

func (*OAuth2) Call 

func (oauth *OAuth2) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)

type OIDC 

type OIDC struct {
	auth.AuthCredentials
	Endpoint string `yaml:"endpoint"`
	// contains filtered or unexported fields
}

func NewOIDC 

func NewOIDC(endpoint string, creds auth.AuthCredentials, ttl int, ctx gocontext.Context) *OIDC

func (*OIDC) Call 

func (oidc *OIDC) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)

func (*OIDC) Clean 

func (oidc *OIDC) Clean(ctx gocontext.Context) error

Clean ensures the goroutine started by configureProviderRefresh is cleaned up

func (*OIDC) GetURL 

func (oidc *OIDC) GetURL(name string, ctx gocontext.Context) (*url.URL, error)

type Plain added in v0.9.0 

type Plain struct {
	Value   expressions.Value
	Pattern string
}

func (*Plain) BuildRequestWithCredentials added in v0.9.0 

func (p *Plain) BuildRequestWithCredentials(ctx context.Context, endpoint string, method string, credentialValue string, body io.Reader) (*http.Request, error)

func (*Plain) Call added in v0.9.0 

func (p *Plain) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

func (*Plain) GetCredentialsFromReq added in v0.9.0 

func (p *Plain) GetCredentialsFromReq(*envoy_auth.AttributeContext_HttpRequest) (string, error)

func (*Plain) GetCredentialsIn added in v0.9.0 

func (p *Plain) GetCredentialsIn() string

func (*Plain) GetCredentialsKeySelector added in v0.9.0 

func (p *Plain) GetCredentialsKeySelector() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.