Documentation ¶
Index ¶
Constants ¶
View Source
const CSRFTokenHeader = "X-CSRF-Token"
CSRFTokenHeader must be passed when requesting a WWW-Authenticate Basic challenge to prevent CSRF attacks on browsers. The presence of this header indicates that a user agent intended to make a basic auth request (as opposed to a browser being tricked into requesting /oauth/authorize?response_type=token&client_id=openshift-challenging-client). Because multiple clients (osc, Java client, etc) are required to set this header, it probably should not be changed.
Variables ¶
This section is empty.
Functions ¶
func NewBasicAuthChallenger ¶
func NewBasicAuthChallenger(realm string) oauthhandlers.AuthenticationChallenger
NewBasicAuthChallenger returns a AuthenticationChallenger that responds with a basic auth challenge for the supplied realm
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.