Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type K8sSvcAcctAuthn ¶
type K8sSvcAcctAuthn struct {
// contains filtered or unexported fields
}
K8sSvcAcctAuthn authenticates a k8s service account (JWT) through the k8s TokenReview API.
func NewK8sSvcAcctAuthn ¶
func NewK8sSvcAcctAuthn(apiServerAddr string, apiServerCert []byte, reviewerSvcAcct string) *K8sSvcAcctAuthn
NewK8sSvcAcctAuthn creates a new authenticator for k8s JWTs apiServerURL: the URL of k8s API Server apiServerCert: the CA certificate of k8s API Server reviewerSvcAcct: the service account of the k8s token reviewer
func (*K8sSvcAcctAuthn) ValidateK8sJwt ¶
func (authn *K8sSvcAcctAuthn) ValidateK8sJwt(jwt string) ([]string, error)
ValidateK8sJwt validates a k8s JWT at API server. Return {<namespace>, <serviceaccountname>} in the JWT when the validation passes. Otherwise, return the error. jwt: the JWT to validate
Click to show internal directories.
Click to hide internal directories.