auth

package
v1.0.0-rc.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 9 Imported by: 2

Documentation

Overview

Package auth contains structures, interfaces and utility functions useful for both server and client authentication agents.

Index

Constants

View Source
const (
	// IdsURI is the path where to contact the Authentication Service to get the clusterID.
	IdsURI = "/ids"
	// IdentityURI is the path where to contact the Authentication Service
	// to have a ServiceAccont Identity.
	IdentityURI = "/identity"
	// CertIdentityURI is the path where to contact the Authentication Service
	// to have a Certificate Identity.
	CertIdentityURI = "/identity/certificate"
)
View Source
const (
	// TokenSecretName is the name of the secret containing the authentication token for the local cluster.
	TokenSecretName = "auth-token"
)

Variables

This section is empty.

Functions

func GetToken added in v0.3.0

func GetToken(ctx context.Context, c client.Client, namespace string) (string, error)

GetToken retrieves the token for the local cluster.

func GetTokenFromSecret added in v0.3.0

func GetTokenFromSecret(secret *v1.Secret) (string, error)

GetTokenFromSecret retrieves the token for the local cluster given its secret.

Types

type AWSIdentityInfo added in v0.3.0

type AWSIdentityInfo struct {
	AccessKeyID     string `json:"accessKeyID"`
	SecretAccessKey string `json:"secretAccessKey"`
	Region          string `json:"region"`
	EKSClusterID    string `json:"eksClusterID"`
	IAMUserArn      string `json:"iamUserArn"`
}

AWSIdentityInfo contains the information required by a cluster to get a valied IAM-based identity.

type CertificateIdentityResponse added in v0.3.0

type CertificateIdentityResponse struct {
	Namespace    string `json:"namespace"`
	Certificate  string `json:"certificate,omitempty"`
	APIServerURL string `json:"apiServerUrl"`
	APIServerCA  string `json:"apiServerCA,omitempty"`

	AWSIdentityInfo AWSIdentityInfo `json:"aws,omitempty"`
}

CertificateIdentityResponse is the response on a certificate identity request.

func NewCertificateIdentityResponse added in v0.3.0

func NewCertificateIdentityResponse(
	namespace string, identityResponse *responsetypes.SigningRequestResponse,
	apiServerConfig apiserver.Config) (*CertificateIdentityResponse, error)

NewCertificateIdentityResponse makes a new CertificateIdentityResponse.

func (*CertificateIdentityResponse) HasAWSValues added in v0.3.0

func (resp *CertificateIdentityResponse) HasAWSValues() bool

HasAWSValues checks if the response has all the required AWS fields set.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL