Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ACP ¶
type ACP struct { Config ID string `json:"id"` Name string `json:"name"` Version string `json:"version"` }
ACP is the Access Control Policy retrieved from the platform.
type Config ¶
type Config struct { JWT *jwt.Config `json:"jwt,omitempty"` BasicAuth *basicauth.Config `json:"basicAuth,omitempty"` APIKey *apikey.Config `json:"apiKey,omitempty"` OIDC *oidc.Config `json:"oidc,omitempty"` OIDCGoogle *OIDCGoogle `json:"oidcGoogle,omitempty"` OAuthIntro *oauthintro.Config `json:"oAuthIntro,omitempty"` }
Config is the configuration of an Access Control Policy. It is used to set up ACP handlers.
func ConfigFromPolicy ¶
func ConfigFromPolicy(policy *hubv1alpha1.AccessControlPolicy) *Config
ConfigFromPolicy returns an ACP configuration for the given policy without resolving secret references.
func ConfigFromPolicyWithSecret ¶ added in v1.2.0
func ConfigFromPolicyWithSecret(policy *hubv1alpha1.AccessControlPolicy, secrets SecretGetter) (*Config, error)
ConfigFromPolicyWithSecret returns an ACP configuration for the given policy and resolves its secret references.
type KubeSecretGetter ¶ added in v1.2.0
type KubeSecretGetter struct {
// contains filtered or unexported fields
}
KubeSecretGetter allows getting Kubernetes secrets.
func NewKubeSecretValueGetter ¶ added in v1.2.0
func NewKubeSecretValueGetter(secrets corev1lister.SecretLister) *KubeSecretGetter
NewKubeSecretValueGetter creates a KubeSecretGetter instance.
func (KubeSecretGetter) GetValue ¶ added in v1.2.0
func (g KubeSecretGetter) GetValue(secret *corev1.SecretReference, key string) ([]byte, error)
GetValue returns the value of the given key in the given Kubernetes secret.
type OIDCGoogle ¶ added in v0.6.0
OIDCGoogle is the Google OIDC configuration.
type SecretGetter ¶ added in v1.2.0
type SecretGetter interface {
GetValue(secret *corev1.SecretReference, key string) ([]byte, error)
}
SecretGetter allows getting secrets.
type Watcher ¶
type Watcher struct {
// contains filtered or unexported fields
}
Watcher watches hub ACPs.
func NewWatcher ¶
func NewWatcher(interval time.Duration, client Client, hubClientSet hubclientset.Interface, hubInformer hubinformer.SharedInformerFactory) *Watcher
NewWatcher returns a new Watcher.