authenticatorfactory

package
v0.0.0-...-d3ccc4f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 11, 2018 License: Apache-2.0, Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewFromTokens

func NewFromTokens(tokens map[string]*user.DefaultInfo) authenticator.Request

NewFromTokens returns an authenticator.Request or an error

Types

type DelegatingAuthenticatorConfig

type DelegatingAuthenticatorConfig struct {
	Anonymous bool

	TokenAccessReviewClient authenticationclient.TokenReviewInterface

	// CacheTTL is the length of time that a token authentication answer will be cached.
	CacheTTL time.Duration

	// ClientCAFile is the CA bundle file used to authenticate client certificates
	ClientCAFile string

	RequestHeaderConfig *RequestHeaderConfig
}

DelegatingAuthenticatorConfig is the minimal configuration needed to create an authenticator built to delegate authentication to a kube API server

func (DelegatingAuthenticatorConfig) New

type RequestHeaderConfig

type RequestHeaderConfig struct {
	// UsernameHeaders are the headers to check (in order, case-insensitively) for an identity. The first header with a value wins.
	UsernameHeaders []string
	// GroupHeaders are the headers to check (case-insensitively) for a group names.  All values will be used.
	GroupHeaders []string
	// ExtraHeaderPrefixes are the head prefixes to check (case-insentively) for filling in
	// the user.Info.Extra.  All values of all matching headers will be added.
	ExtraHeaderPrefixes []string
	// ClientCA points to CA bundle file which is used verify the identity of the front proxy
	ClientCA string
	// AllowedClientNames is a list of common names that may be presented by the authenticating front proxy.  Empty means: accept any.
	AllowedClientNames []string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL