Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authenticator ¶
type Authenticator struct {
// contains filtered or unexported fields
}
A Authenticator is a bahamut.Authenticator compliant structure to authentify requests using an a3s token.
func New ¶
New returns a new Authenticator that will use the provided JWKS to cryptographically verify a request or session token. It will validate the token comes from the given issuer and has the correct audience.
func (*Authenticator) AuthenticateRequest ¶
func (a *Authenticator) AuthenticateRequest(bctx bahamut.Context) (bahamut.AuthAction, error)
AuthenticateRequest authenticates the request from the given bahamut.Context.
func (*Authenticator) AuthenticateSession ¶
func (a *Authenticator) AuthenticateSession(session bahamut.Session) (bahamut.AuthAction, error)
AuthenticateSession authenticates the given session.
type Option ¶
type Option func(*config)
An Option can be used to configure various options in the Authenticator.
func OptionExternalTrustedIssuers ¶
func OptionExternalTrustedIssuers(issuers ...RemoteIssuer) Option
OptionExternalTrustedIssuers sets the list of additionally trusted issuers. This is to trust tokens from other a3s instances as valid and authenticated.
func OptionIgnoredResources ¶
OptionIgnoredResources sets the list of identities that should skip authentication.
type RemoteIssuer ¶
A RemoteIssuer holds the URL and the CertPool containing a CA to validate the server
Source Files