azure

package
v0.16.14 Latest Latest
Published: Dec 20, 2024 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

// Authentication mode identifiers. Options has an AuthMode string field;
// presumably these are the values it accepts — confirm against Options.Validate.
// NOTE(review): the names suggest different token-handling paths (on-behalf-of,
// client credential, passthrough), but this listing does not show what each mode
// verifies. Check the selected mode's validation behaviour before relying on it.
const (
	AKSAuthMode              = "aks"
	ARCAuthMode              = "arc"
	OBOAuthMode              = "obo"
	ClientCredentialAuthMode = "client-credential"
	PassthroughAuthMode      = "passthrough"
)
// Keys naming individual PoP-token defects. Judging by the names they cover a
// malformed token, bad header fields (key ID, algorithm, typ), missing or
// wrongly typed claims (u, ts, at, cnf and cnf.jwk), an access-token cnf
// mismatch, and a wrongly typed signature.
// NOTE(review): looks like these select which malformed token is produced when
// exercising the rejection paths of PoPTokenVerifier — confirm against usage.
// They are exported, so they are part of the package API either way.
const (
	BadTokenKey         = "badToken"
	HeaderBadKeyID      = "headerBadKeyID"
	HeaderBadAlgo       = "headerBadAlgo"
	HeaderBadtyp        = "headerBadtyp"
	HeaderBadtypType    = "headerBadtypType"
	HeaderBadtypMissing = "headerBadtypMissing"
	UClaimsMissing      = "uClaimsMissing"
	TsClaimsMissing     = "tsClaimsMissing"
	AtClaimsMissing     = "atClaimsMissing"
	AtClaimIncorrect    = "atClaimIncorrect"
	CnfClaimsMissing    = "cnfClaimsMissing"
	CnfJwkClaimsEmpty   = "cnfJwkClaimsEmpty"
	CnfJwkClaimsWrong   = "cnfJwkClaimsWrong"
	CnfJwkClaimsMissing = "cnfJwkClaimsMissing"
	AccessTokenCnfWrong = "accessTokenCnfWrong"
	AtClaimsWrongType   = "atClaimsWrongType"
	AtCnfClaimMissing   = "atCnfClaimMissing"
	AtCnfClaimWrong     = "atCnfClaimWrong"
	TsClaimsTypeString  = "tsClaimsTypeString"
	TsClaimsTypeUnknown = "tsClaimsTypeUnknown"
	UClaimsWrongType    = "uClaimsWrongType"
	SignatureWrongType  = "signatureWrongType"
)
// OrgType is the string "azure".
// NOTE(review): presumably the identifier under which this provider is selected
// or registered — confirm against the caller.
const (
	OrgType = "azure"
)

Variables

// ErrClaimNotFound is a package-level error value. Callers can match it with
// errors.Is rather than comparing the message text "claim not found".
var ErrClaimNotFound = fmt.Errorf("claim not found")

ErrClaimNotFound indicates the given key was not found in the claims.

Functions

func New

func New(ctx context.Context, opts Options) (auth.Interface, error)

New is called per authentication request

func NewSWPoPKey added in v0.16.1

func NewSWPoPKey() (*swPoPKey, error)

func NewSwkKey added in v0.16.1

func NewSwkKey() (*swKey, error)

Types

type Authenticator

// Authenticator embeds Options, so every exported Options field (including
// ClientSecret) is promoted onto Authenticator values and is reachable by any
// code that holds one.
// The Check and UID methods listed for this type use value receivers, so each
// call operates on a copy of the struct.
type Authenticator struct {
	Options
	// contains filtered or unexported fields
}

func (Authenticator) Check

func (s Authenticator) Check(ctx context.Context, token string) (*authv1.UserInfo, error)

func (Authenticator) UID

func (s Authenticator) UID() string

type Claims added in v0.9.0

// Claims maps claim names to untyped values, so a value has to be type-asserted
// before use. A missing key or a failed assertion should be handled as an
// invalid token, not silently defaulted.
type Claims map[string]interface{}

Claims maintains token claims

type Options

// Options is the configuration for this authenticator. The listing shows
// NewOptions, AddFlags, Validate and Apply operating on it.
// Field meanings below are inferred from names unless stated otherwise;
// confirm them against AddFlags and Validate.
type Options struct {
	Environment                              string
	ClientID                                 string
	// ClientSecret is, by its name, a credential. Keep it out of logs, error
	// messages and %+v dumps of Options or of Authenticator (which embeds Options).
	ClientSecret                             string
	TenantID                                 string
	UseGroupUID                              bool
	// AuthMode presumably takes one of the *AuthMode constants — TODO confirm.
	AuthMode                                 string
	AKSTokenURL                              string
	// EnablePOP, POPTokenHostname and PoPTokenValidityDuration look like the inputs
	// to PoP verification (NewPoPVerifier takes a host name and a validity
	// duration) — TODO confirm how they are wired.
	EnablePOP                                bool
	POPTokenHostname                         string
	PoPTokenValidityDuration                 time.Duration
	ResolveGroupMembershipOnlyOnOverageClaim bool
	// NOTE(review): if this skips group lookup, any authorization that depends on
	// group membership has no group data to work with — confirm the effect on UserInfo.
	SkipGroupMembershipResolution            bool
	// NOTE(review): presumably toggles a check of the token's client/audience
	// against ClientID; verify what is accepted when it is false.
	VerifyClientID                           bool
	ResourceId                               string
	AzureRegion                              string
	HttpClientRetryCount                     int
}

func NewOptions

func NewOptions() Options

func (*Options) AddFlags

func (o *Options) AddFlags(fs *pflag.FlagSet)

func (Options) Apply

func (o Options) Apply(d *apps.Deployment) (extraObjs []runtime.Object, err error)

func (*Options) Validate

func (o *Options) Validate() []error

type PoPToken added in v0.16.1

// PoPToken holds three string parts named Header, Payload and Signature.
// NOTE(review): presumably these are the three segments of the serialized
// token; the encoding of each field is not shown here — confirm before
// concatenating or parsing them.
type PoPToken struct {
	Header    string
	Payload   string
	Signature string
}

A struct that represents a PoP token

type PoPTokenBuilderImpl added in v0.16.1

// PoPTokenBuilderImpl keeps all of its state in unexported fields. Per the
// method list it is configured with SetHostName, SetTimestamp and SetKid, built
// with SetHeader, SetPayload and SetSignature, and read with GetToken.
// The required call order is not shown in this listing.
type PoPTokenBuilderImpl struct {
	// contains filtered or unexported fields
}

A concrete builder struct that implements the steps to build a PoP token

func NewPoPTokenBuilder added in v0.16.1

func NewPoPTokenBuilder() *PoPTokenBuilderImpl

A constructor function that returns a new PoPTokenBuilderImpl

func (*PoPTokenBuilderImpl) GetToken added in v0.16.1

func (b *PoPTokenBuilderImpl) GetToken() (string, error)

A method that returns the final PoP token as a string

func (*PoPTokenBuilderImpl) SetHeader added in v0.16.1

func (b *PoPTokenBuilderImpl) SetHeader() error

A method that sets the header of the PoP token

func (*PoPTokenBuilderImpl) SetHostName added in v0.16.1

func (b *PoPTokenBuilderImpl) SetHostName(hostName string) *PoPTokenBuilderImpl

func (*PoPTokenBuilderImpl) SetKid added in v0.16.1

func (*PoPTokenBuilderImpl) SetPayload added in v0.16.1

func (b *PoPTokenBuilderImpl) SetPayload() error

A method that sets the payload of the PoP token

func (*PoPTokenBuilderImpl) SetSignature added in v0.16.1

func (b *PoPTokenBuilderImpl) SetSignature() error

A method that sets the signature of the PoP token

func (*PoPTokenBuilderImpl) SetTimestamp added in v0.16.1

func (b *PoPTokenBuilderImpl) SetTimestamp(ts int64) *PoPTokenBuilderImpl

type PoPTokenVerifier added in v0.9.0

// PoPTokenVerifier validates PoP tokens through its ValidatePopToken method.
// NewPoPVerifier takes a popTokenValidityDuration argument; presumably it is
// stored in PoPTokenValidityDuration and bounds how old a token's timestamp
// may be — confirm in the implementation.
// NOTE(review): the field is exported, so it can be changed after construction.
// If it is the freshness window, a larger value lengthens the time during which
// a captured token would still be accepted.
type PoPTokenVerifier struct {
	PoPTokenValidityDuration time.Duration
	// contains filtered or unexported fields
}

PoPTokenVerifier is a validator for PoP tokens.

func NewPoPVerifier added in v0.9.0

func NewPoPVerifier(hostName string, popTokenValidityDuration time.Duration) *PoPTokenVerifier

func (*PoPTokenVerifier) ValidatePopToken added in v0.9.0

func (p *PoPTokenVerifier) ValidatePopToken(token string) (string, error)

ValidatePopToken validates the PoP token. See RFC 7800 (Proof-of-Possession Key Semantics for JSON Web Tokens): https://datatracker.ietf.org/doc/html/rfc7800
