tokenreview

package

v0.0.0-...-edfa39e Latest Latest Go to latest Published: Jan 28, 2019 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/simpleusd/istio

Links

Open Source Insights

Documentation ¶

Index ¶

type K8sSvcAcctAuthn
- func NewK8sSvcAcctAuthn(apiServerAddr string, apiServerCert []byte, reviewerSvcAcct string) *K8sSvcAcctAuthn
- func (authn *K8sSvcAcctAuthn) ValidateK8sJwt(jwt string) ([]string, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type K8sSvcAcctAuthn ¶

type K8sSvcAcctAuthn struct {
	// contains filtered or unexported fields
}

K8sSvcAcctAuthn authenticates a k8s service account (JWT) through the k8s TokenReview API.

func NewK8sSvcAcctAuthn ¶

func NewK8sSvcAcctAuthn(apiServerAddr string, apiServerCert []byte, reviewerSvcAcct string) *K8sSvcAcctAuthn

NewK8sSvcAcctAuthn creates a new authenticator for k8s JWTs apiServerURL: the URL of k8s API Server apiServerCert: the CA certificate of k8s API Server reviewerSvcAcct: the service account of the k8s token reviewer

func (*K8sSvcAcctAuthn) ValidateK8sJwt ¶

func (authn *K8sSvcAcctAuthn) ValidateK8sJwt(jwt string) ([]string, error)

ValidateK8sJwt validates a k8s JWT at API server. Return {<namespace>, <serviceaccountname>} in the JWT when the validation passes. Otherwise, return the error. jwt: the JWT to validate

Source Files ¶

View all Source files

k8sauthn.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL