Documentation ¶
Index ¶
- func GetExtraValue(key string, ctx context.Context) []string
- func GetUID(ctx context.Context) (uid string)
- func Groups(ctx context.Context) (groups []string)
- func IsAdministrator(ctx context.Context, privilegedUsername string) bool
- func SetupAuthentication(genericAPIServerConfig *genericapiserver.Config, ...) error
- func SetupAuthenticationWithoutAudiences(genericAPIServerConfig *genericapiserver.Config, ...) error
- func UsernameAndTenantID(ctx context.Context) (username string, tenantID string)
- type Config
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetUID ¶ added in v1.4.0
GetUID implementation decomposition in the original kubernetes api server the user name obtained in *Userinfo is the actual userID.
func IsAdministrator ¶
IsAdministrator check whether administrator
func SetupAuthentication ¶
func SetupAuthentication(genericAPIServerConfig *genericapiserver.Config, authenticationOpts *options.AuthenticationWithAPIOptions) error
SetupAuthentication config the generic apiserver by authentication options.
func SetupAuthenticationWithoutAudiences ¶
func SetupAuthenticationWithoutAudiences(genericAPIServerConfig *genericapiserver.Config, authenticationOpts *options.AuthenticationOptions, apiAudiences []string) error
SetupAuthenticationWithoutAudiences config the generic apiserver by authentication options.
Types ¶
type Config ¶
type Config struct { ClientCAFile string TokenAuthFile string OIDCIssuerURL string OIDCExternalIssuerURL string OIDCClientID string OIDCCAFile string OIDCUsernameClaim string OIDCUsernamePrefix string OIDCGroupsClaim string OIDCGroupsPrefix string OIDCTenantIDClaim string OIDCTenantIDPrefix string OIDCSigningAlgs []string OIDCRequiredClaims map[string]string APIAudiences authenticator.Audiences WebhookTokenAuthnConfigFile string WebhookTokenAuthnVersion string WebhookTokenAuthnCacheTTL time.Duration TokenSuccessCacheTTL time.Duration TokenFailureCacheTTL time.Duration RequestHeaderConfig *authenticatorfactory.RequestHeaderConfig }
Config contains the data on how to authenticate a request to the Kube API Server
func (Config) New ¶
func (config Config) New() (authenticator.Request, *spec.SecurityDefinitions, error)
New returns an authenticator.Request or an error that supports the standard Kubernetes authentication mechanisms.
Click to show internal directories.
Click to hide internal directories.