tokenvalidation

package

v0.0.0-...-7591406 Latest Latest Go to latest Published: Feb 5, 2025 License: Apache-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openshift/oauth-apiserver

Documentation ¶

Index ¶

Constants
func NewBootstrapAuthenticator(tokens oauthclient.OAuthAccessTokenInterface, ...) kauthenticator.Token
func NewTokenAuthenticator(tokens oauthclient.OAuthAccessTokenInterface, users userclient.UserInterface, ...) kauthenticator.Token
type NoopGroupMapper
- func (n NoopGroupMapper) GroupsFor(username string) ([]*userv1.Group, error)
type OAuthTokenValidator
- func NewExpirationValidator() OAuthTokenValidator
- func NewUIDValidator() OAuthTokenValidator
type OAuthTokenValidatorFunc
- func (f OAuthTokenValidatorFunc) Validate(token *oauthv1.OAuthAccessToken, user *userv1.User) error
type OAuthTokenValidators
- func (v OAuthTokenValidators) Validate(token *oauthv1.OAuthAccessToken, user *userv1.User) error
type TimeoutValidator
- func NewTimeoutValidator(tokens oauthclient.OAuthAccessTokenInterface, ...) *TimeoutValidator
- func (a *TimeoutValidator) Run(stopCh <-chan struct{})
- func (a *TimeoutValidator) Validate(token *oauthv1.OAuthAccessToken, _ *userv1.User) error
type UserToGroupMapper

Constants ¶

View Source

const ClusterAdminGroup = "system:cluster-admins"

Variables ¶

This section is empty.

Functions ¶

func NewBootstrapAuthenticator ¶

func NewBootstrapAuthenticator(tokens oauthclient.OAuthAccessTokenInterface, getter bootstrap.BootstrapUserDataGetter, implicitAudiences kauthenticator.Audiences, validators ...OAuthTokenValidator) kauthenticator.Token

func NewTokenAuthenticator ¶

func NewTokenAuthenticator(tokens oauthclient.OAuthAccessTokenInterface, users userclient.UserInterface, groupMapper UserToGroupMapper, implicitAuds kauthenticator.Audiences, validators ...OAuthTokenValidator) kauthenticator.Token

Types ¶

type NoopGroupMapper ¶

type NoopGroupMapper struct{}

func (NoopGroupMapper) GroupsFor ¶

func (n NoopGroupMapper) GroupsFor(username string) ([]*userv1.Group, error)

type OAuthTokenValidator ¶

type OAuthTokenValidator interface {
	Validate(token *oauthv1.OAuthAccessToken, user *userv1.User) error
}

func NewExpirationValidator ¶

func NewExpirationValidator() OAuthTokenValidator

func NewUIDValidator ¶

func NewUIDValidator() OAuthTokenValidator

type OAuthTokenValidatorFunc ¶

type OAuthTokenValidatorFunc func(token *oauthv1.OAuthAccessToken, user *userv1.User) error

func (OAuthTokenValidatorFunc) Validate ¶

func (f OAuthTokenValidatorFunc) Validate(token *oauthv1.OAuthAccessToken, user *userv1.User) error

type OAuthTokenValidators ¶

type OAuthTokenValidators []OAuthTokenValidator

func (OAuthTokenValidators) Validate ¶

func (v OAuthTokenValidators) Validate(token *oauthv1.OAuthAccessToken, user *userv1.User) error

type TimeoutValidator ¶

type TimeoutValidator struct {
	// contains filtered or unexported fields
}

func NewTimeoutValidator ¶

func NewTimeoutValidator(tokens oauthclient.OAuthAccessTokenInterface, oauthClients oauthclientlister.OAuthClientLister, defaultTimeout time.Duration, minValidTimeout int32) *TimeoutValidator

func (*TimeoutValidator) Run ¶

func (a *TimeoutValidator) Run(stopCh <-chan struct{})

func (*TimeoutValidator) Validate ¶

func (a *TimeoutValidator) Validate(token *oauthv1.OAuthAccessToken, _ *userv1.User) error

Validate is called with a token when it is seen by an authenticator it touches only the tokenChannel so it is safe to call from other threads

type UserToGroupMapper ¶

type UserToGroupMapper interface {
	GroupsFor(username string) ([]*userv1.Group, error)
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
apis
options
rankedset

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL