Documentation
¶
Overview ¶
This is very very very specific instance when we're using unsafe. We want being as close as possible to the k8s OIDC integration, thus we're reusing their authenticator and how they are parsing the flags
However their New() function creates the authenticator in async manner, which makes stuff tricky for us.
It's hard verifying the authenticator is initialized (you get a hard-coded error back, but you cannot make the authentication pass due to asymmetric encryption nature.)
Thus we're re-exporting two private methods to create authenticator in a sync manner, and ensure it's initialized by fetching the OIDC /.well-known/openid-configuration and letting it configure itself
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type OIDCAuthenticator ¶
type OIDCAuthenticator struct {
APIAudiences []string
logr.Logger
// contains filtered or unexported fields
}
func (*OIDCAuthenticator) AddFlags ¶
func (O *OIDCAuthenticator) AddFlags(fs *pflag.FlagSet)
func (*OIDCAuthenticator) Authenticate ¶
func (*OIDCAuthenticator) Init ¶
func (O *OIDCAuthenticator) Init() error
func (*OIDCAuthenticator) InjectLogger ¶
func (O *OIDCAuthenticator) InjectLogger(l logr.Logger) error
Source Files
Click to show internal directories.
Click to hide internal directories.