Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenricatorConfig ¶
type AuthenricatorConfig struct {
RequestHeaderConfig *authenticatorfactory.RequestHeaderConfig
ClientCert *ClientCertAuthenticationConfig
// CacheTTL is the length of time that a token authentication answer will be cached.
TokenSuccessCacheTTL time.Duration
TokenFailureCacheTTL time.Duration
APIAudiences authenticator.Audiences
TokenRequest *TokenAuthenticationConfig
Anonymous bool
}
AuthenricatorConfig is the minimal configuration needed to create an authenticator built to delegate authentication to upstream kube API servers
func (AuthenricatorConfig) New ¶
func (c AuthenricatorConfig) New() (authenticator.Request, *spec.SecurityDefinitions, error)
type ClientCertAuthenticationConfig ¶
type ClientCertAuthenticationConfig struct {
// CAContentProvider are the options for verifying incoming connections using mTLS and directly assigning to users.
// Generally this is the CA bundle file used to authenticate client certificates
// If this is nil, then mTLS will not be used.
CAContentProvider authenticatorfactory.CAContentProvider
// SNIVerifyOptionsPorvider provides dynamic verifyOptions for each sni hostname
SNIVerifyOptionsPorvider x509.SNIVerifyOptionsProvider
}
func (*ClientCertAuthenticationConfig) New ¶
func (c *ClientCertAuthenticationConfig) New() authenticator.Request
type TokenAuthenticationConfig ¶
type TokenAuthenticationConfig struct {
// remote cluster token auth
ClusterClientProvider clusters.ClientProvider
}
Source Files
Click to show internal directories.
Click to hide internal directories.