keystone

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 20, 2018 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	TypeUser    string = "user"
	TypeGroup   string = "group"
	TypeProject string = "project"
	TypeRole    string = "role"
)

Supported types for policy match.

View Source 
const (
	Projects        = "projects"
	RoleAssignments = "role_assignments"
)

By now only project syncing is supported TODO(mfedosin): Implement syncing of role assignments, system role assignments, and user groups

Variables

This section is empty.

Functions

func GetToken 

func GetToken(options gophercloud.AuthOptions) (*tokens3.Token, error)

GetToken creates a token by authenticate with keystone.

Types

type Authenticator 

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator contacts openstack keystone to validate user's token passed in the request. The keystone endpoint is passed during apiserver startup

func (*Authenticator) AuthenticateToken 

func (a *Authenticator) AuthenticateToken(token string) (user.Info, bool, error)

AuthenticateToken checks the token via Keystone call

type Authorizer 

type Authorizer struct {
	// contains filtered or unexported fields
}

Authorizer contacts openstack keystone to check whether the user can perform requested operations. The keystone endpoint and policy list are passed during apiserver startup

func (*Authorizer) Authorize 

func (a *Authorizer) Authorize(attributes authorizer.Attributes) (authorized authorizer.Decision, reason string, err error)

Authorize checks whether the user can perform an operation

type Config added in v0.2.0 

type Config struct {
	Address             string
	CertFile            string
	KeyFile             string
	KeystoneURL         string
	KeystoneCA          string
	PolicyFile          string
	PolicyConfigMapName string
	SyncConfigFile      string
	SyncConfigMapName   string
	Kubeconfig          string
}

Config configures a keystone webhook server

func NewConfig added in v0.2.0 

func NewConfig() *Config

NewConfig returns a Config

func (*Config) AddFlags added in v0.2.0 

func (c *Config) AddFlags(fs *pflag.FlagSet)

AddFlags adds flags for a specific AutoScaler to the specified FlagSet

func (*Config) ValidateFlags added in v0.2.0 

func (c *Config) ValidateFlags() error

ValidateFlags validates whether flags are set up correctly

type KeystoneAuth added in v0.2.0 

type KeystoneAuth struct {
	// contains filtered or unexported fields
}

KeystoneAuth manages authentication and authorization

func NewKeystoneAuth added in v0.2.0 

func NewKeystoneAuth(c *Config) (*KeystoneAuth, error)

NewKeystoneAuth returns a new KeystoneAuth controller

func (*KeystoneAuth) Handler added in v0.2.0 

func (k *KeystoneAuth) Handler(w http.ResponseWriter, r *http.Request)

Handler serves the http requests

func (*KeystoneAuth) Run added in v0.2.0 

func (k *KeystoneAuth) Run()

Run starts the keystone webhook server.

type Syncer added in v0.2.0 

type Syncer struct {
	// contains filtered or unexported fields
}

Syncer synchronizes auth data between Keystone and Kubernetes

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.