Documentation ¶
Overview ¶
Package kubernetes provide auth strategy to authenticate, incoming HTTP requests using a Kubernetes Service Account Token. This authentication strategy makes it easy to introduce apps, into a Kubernetes Pod and make Pod authenticate Pod.
Example ¶
st := SetServiceAccountToken("Service Account Token") cache := store.New(2) kube := New(cache, st) r, _ := http.NewRequest("", "/", nil) _, err := kube.Authenticate(r.Context(), r) fmt.Println(err != nil)
Output: true
Index ¶
- func GetAuthenticateFunc(opts ...auth.Option) token.AuthenticateFunc
- func New(c store.Cache, opts ...auth.Option) auth.Strategy
- func SetAPIVersion(version string) auth.Option
- func SetAddress(addr string) auth.Option
- func SetAudiences(auds []string) auth.Option
- func SetClientTransport(rt http.RoundTripper) auth.Option
- func SetHTTPClient(c *http.Client) auth.Option
- func SetServiceAccountToken(token string) auth.Option
- func SetTLSConfig(tls *tls.Config) auth.Option
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetAuthenticateFunc ¶
func GetAuthenticateFunc(opts ...auth.Option) token.AuthenticateFunc
GetAuthenticateFunc return function to authenticate request using kubernetes token review. The returned function typically used with the token strategy.
Example ¶
cache := store.New(2) fn := GetAuthenticateFunc() kube := token.New(fn, cache) r, _ := http.NewRequest("", "/", nil) _, err := kube.Authenticate(r.Context(), r) fmt.Println(err != nil)
Output: true
func New ¶
New return strategy authenticate request using kubernetes token review. New is similar to token.New().
Example ¶
cache := store.New(2) kube := New(cache) r, _ := http.NewRequest("", "/", nil) _, err := kube.Authenticate(r.Context(), r) fmt.Println(err != nil)
Output: true
func SetAPIVersion ¶
SetAPIVersion sets kuberntess api version. e.g authentication.k8s.io/v1
func SetAddress ¶
SetAddress sets kuberntess api server address e.g http://host:port or https://host:port.
func SetAudiences ¶
SetAudiences sets the list of the identifiers that the resource server presented with the token identifies as.
func SetClientTransport ¶
func SetClientTransport(rt http.RoundTripper) auth.Option
SetClientTransport sets underlying http client transport.
func SetHTTPClient ¶
SetHTTPClient sets underlying http client.
func SetServiceAccountToken ¶
SetServiceAccountToken sets kubernetes service account token for token review API.
Types ¶
This section is empty.