apiserver: k8s.io/apiserver/pkg/authentication/user Index | Files

package user

import "k8s.io/apiserver/pkg/authentication/user"

Package user contains utilities for dealing with simple user exchange in the auth packages. The user.Info interface defines an interface for exchanging that info.

Index

Package Files

doc.go user.go

Constants

const (
    SystemPrivilegedGroup = "system:masters"
    NodesGroup            = "system:nodes"
    AllUnauthenticated    = "system:unauthenticated"
    AllAuthenticated      = "system:authenticated"

    Anonymous     = "system:anonymous"
    APIServerUser = "system:apiserver"

    // core kubernetes process identities
    KubeProxy             = "system:kube-proxy"
    KubeControllerManager = "system:kube-controller-manager"
    KubeScheduler         = "system:kube-scheduler"
)

well-known user and group names

type DefaultInfo Uses

type DefaultInfo struct {
    Name   string
    UID    string
    Groups []string
    Extra  map[string][]string
}

DefaultInfo provides a simple user information exchange object for components that implement the UserInfo interface.

func (*DefaultInfo) GetExtra Uses

func (i *DefaultInfo) GetExtra() map[string][]string

func (*DefaultInfo) GetGroups Uses

func (i *DefaultInfo) GetGroups() []string

func (*DefaultInfo) GetName Uses

func (i *DefaultInfo) GetName() string

func (*DefaultInfo) GetUID Uses

func (i *DefaultInfo) GetUID() string

type Info Uses

type Info interface {
    // GetName returns the name that uniquely identifies this user among all
    // other active users.
    GetName() string
    // GetUID returns a unique value for a particular user that will change
    // if the user is removed from the system and another user is added with
    // the same name.
    GetUID() string
    // GetGroups returns the names of the groups the user is a member of
    GetGroups() []string

    // GetExtra can contain any additional information that the authenticator
    // thought was interesting.  One example would be scopes on a token.
    // Keys in this map should be namespaced to the authenticator or
    // authenticator/authorizer pair making use of them.
    // For instance: "example.org/foo" instead of "foo"
    // This is a map[string][]string because it needs to be serializeable into
    // a SubjectAccessReviewSpec.authorization.k8s.io for proper authorization
    // delegation flows
    // In order to faithfully round-trip through an impersonation flow, these keys
    // MUST be lowercase.
    GetExtra() map[string][]string
}

Info describes a user that has been authenticated to the system.

Package user is imported by 471 packages. Updated 2019-01-17. Refresh now. Tools for package owners.