lib

package module

v0.0.0-...-373d8b7 Latest Latest Go to latest Published: Mar 17, 2023 License: Apache-2.0 Imports: 10 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/adambkaplan/go-k8s-middleware

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func AuthErr(statusCode int, message string) authErr
type SubjectAuthorizer
- func NewSubjectAuthorizer(client kubernetes.Interface) *SubjectAuthorizer
- func (s *SubjectAuthorizer) AuthorizeSubject(ctx context.Context, user authnv1.UserInfo, ...) (bool, error)
type TokenAuthenticator
- func NewTokenAuthenticator(client kubernetes.Interface) *TokenAuthenticator
- func (t *TokenAuthenticator) AuthenticateFromHeader(ctx context.Context, authHeader string) (bool, authnv1.UserInfo, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrBadRequest      = AuthErr(http.StatusBadRequest, "bad request: invalid token format")
	ErrUnauthenticated = AuthErr(http.StatusUnauthorized, "bad request: unauthenticated")
	ErrInternalAuthN   = AuthErr(http.StatusInternalServerError, "internal error: failed to authenticate user")
	ErrInternalAuthZ   = AuthErr(http.StatusInternalServerError, "internal error: failed to authorize user")
)

Functions ¶

func AuthErr ¶

func AuthErr(statusCode int, message string) authErr

Types ¶

type SubjectAuthorizer ¶

type SubjectAuthorizer struct {
	// contains filtered or unexported fields
}

func NewSubjectAuthorizer ¶

func NewSubjectAuthorizer(client kubernetes.Interface) *SubjectAuthorizer

NewSubjectAuthorizer creates a new authorizer with the provided Kubernetes client.

func (*SubjectAuthorizer) AuthorizeSubject ¶

func (s *SubjectAuthorizer) AuthorizeSubject(ctx context.Context, user authnv1.UserInfo, namespace, group, resource, verb string) (bool, error)

AuthorizeSubject checks if the user is allowed to perform the provided action

type TokenAuthenticator ¶

type TokenAuthenticator struct {
	// contains filtered or unexported fields
}

func NewTokenAuthenticator ¶

func NewTokenAuthenticator(client kubernetes.Interface) *TokenAuthenticator

func (*TokenAuthenticator) AuthenticateFromHeader ¶

func (t *TokenAuthenticator) AuthenticateFromHeader(ctx context.Context, authHeader string) (bool, authnv1.UserInfo, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL