middleware

package
v0.4.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 6, 2022 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

Kubernetes HTTP auth middleware for managing access via client ID (service account token) present in request header.

Index

Constants

View Source
const (
	AuthStatusContextKey contextKey = "k8s-http-auth.middleware.status"
)

Variables

View Source
var (
	JSONNotImplementedHandler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		w.WriteHeader(http.StatusNotImplemented)
		_ = json.NewEncoder(w).Encode(map[string]string{
			"error": "not implemented",
			"details": strings.Join([]string{
				"you are likely seeing this because there is no \"next\" handler",
				"available in the k8s-http-auth middleware",
			}, " "),
		})
	})

	JSONUnauthorizedHandler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		w.WriteHeader(http.StatusUnauthorized)
		_ = json.NewEncoder(w).Encode(map[string]string{"error": "unauthorized"})
	})
)

Functions

This section is empty.

Types

type Func

type Func func(http.Handler) http.Handler

Func is the function type returned from New for use as an http middleware.

func NewFunc

func NewFunc(rev reviewer.TokenReviewCreator, opts *Options) Func

NewFunc creates a new Func for use with an http mux (router).

type Middleware

type Middleware interface {
	http.Handler

	// WithNext accepts the "next" http.Handler in the middleware
	// stack and returns the wrapping Middleware.
	WithNext(http.Handler) Middleware
}

Middleware is an http.Handler that knows how to wrap another http.Handler as in a middleware chain.

func New

New creates a Middleware for use with an http mux (router).

type Options

type Options struct {
	// Audiences are passed directly with a token review when
	// validating a request.
	Audiences []string

	// IDHeader is the header key checked when validating a
	// request.
	IDHeader string

	// UnauthorizedHandler is used when the incoming request is not
	// authorized. The handler is expected to run
	// http.ResponseWriter.WriteHeader. If not provided, the
	// default will be JSONUnauthorizedHandler.
	UnauthorizedHandler http.Handler
}

Options may be passed to New when creating a middleware func type.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL