Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IDTokenWebhookHandler ¶
type IDTokenWebhookHandler struct { ClientCfg *api.Config ForceLogin bool ExecCredentialMode bool Nonce string QuitChan chan struct{} }
IDTokenWebhookHandler carries configuration and any other state (like the nonce) between the main initialization and the subsequent fetching of the ID token passed to the server after authenticating.
func (*IDTokenWebhookHandler) ServeHTTP ¶
func (h *IDTokenWebhookHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
Extract ID token from form POST parameter, store it in kubeconf, send 200 OK response and then exit
type StdClaimsWithNonce ¶
type StdClaimsWithNonce struct { Nonce string `json:"nonce"` jwt.StandardClaims }
StdClaimsWithNonce - since all verification is done server side by the kubernetes API, all we are really interested in here is that: 1) the token is not expired or else we shouldn't store it and 2) that the nonce in the ID token is the same as that provided in the authorization request
Click to show internal directories.
Click to hide internal directories.