Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewFromTokens ¶
func NewFromTokens(tokens map[string]*user.DefaultInfo) authenticator.Request
NewFromTokens returns an authenticator.Request or an error
Types ¶
type DelegatingAuthenticatorConfig ¶
type DelegatingAuthenticatorConfig struct { Anonymous bool TokenAccessReviewClient authenticationclient.TokenReviewInterface // CacheTTL is the length of time that a token authentication answer will be cached. CacheTTL time.Duration // ClientCAFile is the CA bundle file used to authenticate client certificates ClientCAFile string RequestHeaderConfig *RequestHeaderConfig }
DelegatingAuthenticatorConfig is the minimal configuration needed to create an authenticator built to delegate authentication to a kube API server
func (DelegatingAuthenticatorConfig) New ¶
func (c DelegatingAuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDefinitions, error)
type RequestHeaderConfig ¶
type RequestHeaderConfig struct { // UsernameHeaders are the headers to check (in order, case-insensitively) for an identity. The first header with a value wins. UsernameHeaders []string // GroupHeaders are the headers to check (case-insensitively) for a group names. All values will be used. GroupHeaders []string // ExtraHeaderPrefixes are the head prefixes to check (case-insentively) for filling in // the user.Info.Extra. All values of all matching headers will be added. ExtraHeaderPrefixes []string // ClientCA points to CA bundle file which is used verify the identity of the front proxy ClientCA string // AllowedClientNames is a list of common names that may be presented by the authenticating front proxy. Empty means: accept any. AllowedClientNames []string }
Click to show internal directories.
Click to hide internal directories.