package google

import "istio.io/istio/security/pkg/stsservice/tokenmanager/google"

Index ¶

• Constants
• Variables
• type Duration
• type Plugin
• func CreateTokenManagerPlugin(credFetcher security.CredFetcher, trustDomain, gcpProjectNumber, gkeClusterURL string, enableCache bool) (*Plugin, error)
• func (p *Plugin) ClearCache()
• func (p *Plugin) DumpPluginStatus() ([]byte, error)
• func (p *Plugin) ExchangeToken(parameters security.StsRequestParameters) ([]byte, error)
• func (p *Plugin) GetGcpProjectNumber() string
• func (p *Plugin) GetMetadata(forCA bool, xdsAuthProvider, token string) (map[string]string, error)
• func (p *Plugin) SetEndpoints(fTokenEndpoint, aTokenEndpoint string)

Package Files ¶

tokenexchangeplugin.go

Constants ¶

const (
    GCPAuthProvider = "gcp"
)

Variables ¶

var (
    GCEProvider = "GoogleComputeEngine"
    // GKEClusterURL is the URL to send requests to the token exchange service.
    GKEClusterURL = env.RegisterStringVar("GKE_CLUSTER_URL", "", "The url of GKE cluster").Get()
)

type Duration ¶ Uses

type Duration struct {
    // Signed seconds of the span of time. Must be from -315,576,000,000
    // to +315,576,000,000 inclusive. Note: these bounds are computed from:
    // 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
    Seconds int64 `json:"seconds"`
}

type Plugin ¶ Uses

type Plugin struct {
    // contains filtered or unexported fields
}

Plugin supports token exchange with Google OAuth 2.0 authorization server.

func CreateTokenManagerPlugin ¶ Uses

func CreateTokenManagerPlugin(credFetcher security.CredFetcher, trustDomain, gcpProjectNumber, gkeClusterURL string, enableCache bool) (*Plugin, error)

CreateTokenManagerPlugin creates a plugin that fetches token from a Google OAuth 2.0 authorization server.

func (*Plugin) ClearCache ¶ Uses

func (p *Plugin) ClearCache()

ClearCache is only used for testing purposes.

func (*Plugin) DumpPluginStatus ¶ Uses

func (p *Plugin) DumpPluginStatus() ([]byte, error)

DumpTokenStatus dumps all token status in JSON

func (*Plugin) ExchangeToken ¶ Uses

func (p *Plugin) ExchangeToken(parameters security.StsRequestParameters) ([]byte, error)

GenerateToken takes STS request parameters and fetches token, returns StsResponseParameters in JSON.

func (*Plugin) GetGcpProjectNumber ¶ Uses

func (p *Plugin) GetGcpProjectNumber() string

GetGcpProjectNumber returns the GCP project number

func (*Plugin) GetMetadata ¶ Uses

func (p *Plugin) GetMetadata(forCA bool, xdsAuthProvider, token string) (map[string]string, error)

GetMetadata returns the metadata headers related to the token

func (*Plugin) SetEndpoints ¶ Uses

func (p *Plugin) SetEndpoints(fTokenEndpoint, aTokenEndpoint string)

SetEndpoints changes the endpoints for testing purposes only.

Directories ¶