auth

package

v0.0.0-...-2b3a616 Latest Latest Go to latest Published: Apr 18, 2017 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/apprenda-kismatic/kubernetes-ldap

Links

Open Source Insights

Documentation ¶

Index ¶

type LDAPTokenIssuer
- func (lti *LDAPTokenIssuer) ServeHTTP(resp http.ResponseWriter, req *http.Request)
type TokenReviewRequest
type TokenReviewSpec
type TokenReviewStatus
type TokenWebhook
- func NewTokenWebhook(verifier token.Verifier) *TokenWebhook
- func (tw *TokenWebhook) ServeHTTP(resp http.ResponseWriter, req *http.Request)
type UserInfo

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type LDAPTokenIssuer ¶

type LDAPTokenIssuer struct {
	LDAPServer        string
	LDAPAuthenticator ldap.Authenticator
	TokenSigner       token.Signer
}

LDAPTokenIssuer issues cryptographically secure tokens after authenticating the user against a backing LDAP directory.

func (*LDAPTokenIssuer) ServeHTTP ¶

func (lti *LDAPTokenIssuer) ServeHTTP(resp http.ResponseWriter, req *http.Request)

type TokenReviewRequest ¶

type TokenReviewRequest struct {
	Kind       string            `json:"kind"`
	APIVersion string            `json:"apiVersion"`
	Spec       TokenReviewSpec   `json:"spec"`
	Status     TokenReviewStatus `json:"status"`
}

TokenReviewRequest is issued by K8s to this service

type TokenReviewSpec ¶

type TokenReviewSpec struct {
	Token string `json:"token"`
}

TokenReviewSpec contains the token being reviewed

type TokenReviewStatus ¶

type TokenReviewStatus struct {
	// Authenticated is true if the token is valid
	Authenticated bool `json:"authenticated,omitempty"`
	// User contains information about the authenticated user.
	User UserInfo `json:"user,omitempty"`
}

TokenReviewStatus is the result of the token authentication request.

type TokenWebhook ¶

type TokenWebhook struct {
	// contains filtered or unexported fields
}

TokenWebhook responds to requests from the K8s authentication webhook

func NewTokenWebhook ¶

func NewTokenWebhook(verifier token.Verifier) *TokenWebhook

NewTokenWebhook returns a TokenWebhook with the given verifier

func (*TokenWebhook) ServeHTTP ¶

func (tw *TokenWebhook) ServeHTTP(resp http.ResponseWriter, req *http.Request)

ServeHTTP verifies the incoming token and sends the user's info back if the token is valid.

type UserInfo ¶

type UserInfo struct {
	// The name that uniquely identifies this user among all active users.
	Username string `json:"username,omitempty"`
	// A unique value that identifies this user across time. If this user is
	// deleted and another user by the same name is added, they will have
	// different UIDs.
	UID string `json:"uid,omitempty"`
	// The names of groups this user is a part of.
	Groups []string `json:"groups,omitempty"`
	// Any additional information provided by the authenticator.
	Extra map[string][]string `json:"extra,omitempty"`
}

UserInfo contains information about the user

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL