Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrMissingIDToken = errors.New("response missing ID token")
ErrMissingIDToken indicates a response that does not contain an id_token.
Functions ¶
This section is empty.
Types ¶
type OIDC ¶
type OIDC interface {
Process(ctx context.Context, cfg *oauth2.Config, code string) (*OIDCAuthenticationParams, error)
}
An OIDC extractor performs OIDC validation, extracting and storing the information required for Kubernetes authentication along the way.
type OIDCAuthenticationParams ¶
type OIDCAuthenticationParams struct {
Username string `json:"email" schema:"email"` // TODO(negz): Support other claims.
ClientID string `json:"clientID" schema:"clientID"`
ClientSecret string `json:"clientSecret" schema:"clientSecret"`
IDToken string `json:"idToken" schema:"idToken"`
RefreshToken string `json:"refreshToken" schema:"refreshToken"`
IssuerURL string `json:"issuer" schema:"issuer"`
}
OIDCAuthenticationParams are the parameters required for kubectl to authenticate to Kubernetes via OIDC.
type Option ¶
type Option func(*oidcExtractor) error
An Option represents a OIDC extractor option.
func EmailDomain ¶
EmailDomain adds the given email domain to an OIDC extractor
func HTTPClient ¶
HTTPClient allows the use of a bespoke context.
Source Files
Click to show internal directories.
Click to hide internal directories.