Documentation
¶
Index ¶
- func AuthenticationHandlerFilter(handler http.Handler, authenticator authenticator.Request, ...) http.Handler
- func AuthorizationFilter(handler http.Handler, authorizer authorizer.Authorizer, ...) http.Handler
- func Forbidden(reason string, attributes authorizer.Action, w http.ResponseWriter, ...)
- func ImpersonationFilter(handler http.Handler, a authorizer.Authorizer, groupCache GroupCache, ...) http.Handler
- func NewBypassAuthorizer(auth authorizer.Authorizer, paths ...string) authorizer.Authorizer
- type GroupCache
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AuthenticationHandlerFilter ¶
func AuthenticationHandlerFilter(handler http.Handler, authenticator authenticator.Request, contextMapper kapi.RequestContextMapper) http.Handler
AuthenticationHandlerFilter creates a filter object that will enforce authentication directly
func AuthorizationFilter ¶
func AuthorizationFilter(handler http.Handler, authorizer authorizer.Authorizer, authorizationAttributeBuilder authorizer.AuthorizationAttributeBuilder, contextMapper kapi.RequestContextMapper) http.Handler
AuthorizationFilter imposes normal authorization rules
func Forbidden ¶
func Forbidden(reason string, attributes authorizer.Action, w http.ResponseWriter, req *http.Request)
Forbidden renders a simple forbidden error to the response
func ImpersonationFilter ¶
func ImpersonationFilter(handler http.Handler, a authorizer.Authorizer, groupCache GroupCache, contextMapper kapi.RequestContextMapper) http.Handler
ImpersonationFilter checks for impersonation rules against the current user.
func NewBypassAuthorizer ¶
func NewBypassAuthorizer(auth authorizer.Authorizer, paths ...string) authorizer.Authorizer
NewBypassAuthorizer creates an Authorizer that always allows the exact paths described, and delegates to the nested authorizer for everything else.
Types ¶
Source Files
Click to show internal directories.
Click to hide internal directories.