Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrMissingIDToken = errors.New("response missing ID token")
ErrMissingIDToken indicates a response that does not contain an id_token.
Functions ¶
This section is empty.
Types ¶
type OIDC ¶
type OIDC interface {
Process(ctx context.Context, cfg *oauth2.Config, code string) (*OIDCAuthenticationParams, error)
}
An OIDC extractor performs OIDC validation, extracting and storing the information required for Kubernetes authentication along the way.
type OIDCAuthenticationParams ¶
type OIDCAuthenticationParams struct { Username string `json:"email" schema:"email"` // TODO(negz): Support other claims. ClientID string `json:"clientID" schema:"clientID"` ClientSecret string `json:"clientSecret" schema:"clientSecret"` IDToken string `json:"idToken" schema:"idToken"` RefreshToken string `json:"refreshToken" schema:"refreshToken"` IssuerURL string `json:"issuer" schema:"issuer"` }
OIDCAuthenticationParams are the parameters required for kubectl to authenticate to Kubernetes via OIDC.
type Option ¶
type Option func(*oidcExtractor) error
An Option represents a OIDC extractor option.
func EmailDomain ¶
EmailDomain adds the given email domain to an OIDC extractor
func HTTPClient ¶
HTTPClient allows the use of a bespoke context.
Click to show internal directories.
Click to hide internal directories.