auth

package

v0.11.0-rc.3 Latest Latest Go to latest Published: Jul 2, 2024 License: Apache-2.0 Imports: 9 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

Documentation ¶

Overview ¶

Package auth contains structures, interfaces and utility functions useful for both server and client authentication agents.

Index ¶

Constants
func GetToken(ctx context.Context, c client.Client, namespace string) (string, error)
func GetTokenFromSecret(secret *v1.Secret) (string, error)
type AWSIdentityInfo
type CertificateIdentityResponse
- func NewCertificateIdentityResponse(namespace string, identityResponse *responsetypes.SigningRequestResponse, ...) (*CertificateIdentityResponse, error)
- func (resp *CertificateIdentityResponse) HasAWSValues() bool

Constants ¶

View Source

const (
	// IdsURI is the path where to contact the Authentication Service to get the clusterID.
	IdsURI = "/ids"
	// IdentityURI is the path where to contact the Authentication Service
	// to have a ServiceAccont Identity.
	IdentityURI = "/identity"
	// CertIdentityURI is the path where to contact the Authentication Service
	// to have a Certificate Identity.
	CertIdentityURI = "/identity/certificate"
)

View Source

const (
	// TokenSecretName is the name of the secret containing the authentication token for the local cluster.
	TokenSecretName = "auth-token"
)

Variables ¶

This section is empty.

Functions ¶

func GetToken ¶ added in v0.3.0

func GetToken(ctx context.Context, c client.Client, namespace string) (string, error)

GetToken retrieves the token for the local cluster.

func GetTokenFromSecret ¶ added in v0.3.0

func GetTokenFromSecret(secret *v1.Secret) (string, error)

GetTokenFromSecret retrieves the token for the local cluster given its secret.

Types ¶

type AWSIdentityInfo ¶ added in v0.3.0

type AWSIdentityInfo struct {
	AccessKeyID     string `json:"accessKeyID"`
	SecretAccessKey string `json:"secretAccessKey"`
	Region          string `json:"region"`
	EKSClusterID    string `json:"eksClusterID"`
	IAMUserArn      string `json:"iamUserArn"`
}

AWSIdentityInfo contains the information required by a cluster to get a valied IAM-based identity.

type CertificateIdentityResponse ¶ added in v0.3.0

type CertificateIdentityResponse struct {
	Namespace    string `json:"namespace"`
	Certificate  string `json:"certificate,omitempty"`
	APIServerURL string `json:"apiServerUrl"`
	APIServerCA  string `json:"apiServerCA,omitempty"`

	AWSIdentityInfo AWSIdentityInfo `json:"aws,omitempty"`
}

CertificateIdentityResponse is the response on a certificate identity request.

func NewCertificateIdentityResponse ¶ added in v0.3.0

func NewCertificateIdentityResponse(
	namespace string, identityResponse *responsetypes.SigningRequestResponse,
	apiServerConfig apiserver.Config) (*CertificateIdentityResponse, error)

NewCertificateIdentityResponse makes a new CertificateIdentityResponse.

func (*CertificateIdentityResponse) HasAWSValues ¶ added in v0.3.0

func (resp *CertificateIdentityResponse) HasAWSValues() bool

HasAWSValues checks if the response has all the required AWS fields set.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL