kubernetes: k8s.io/kubernetes/pkg/kubeapiserver/authenticator Index | Files

package authenticator

import "k8s.io/kubernetes/pkg/kubeapiserver/authenticator"


Package Files


func IsValidServiceAccountKeyFile Uses

func IsValidServiceAccountKeyFile(file string) bool

IsValidServiceAccountKeyFile returns true if a valid public RSA key can be read from the given file

type Config Uses

type Config struct {
    Anonymous                   bool
    BasicAuthFile               string
    BootstrapToken              bool
    ClientCAFile                string
    TokenAuthFile               string
    OIDCIssuerURL               string
    OIDCClientID                string
    OIDCCAFile                  string
    OIDCUsernameClaim           string
    OIDCUsernamePrefix          string
    OIDCGroupsClaim             string
    OIDCGroupsPrefix            string
    OIDCSigningAlgs             []string
    OIDCRequiredClaims          map[string]string
    ServiceAccountKeyFiles      []string
    ServiceAccountLookup        bool
    ServiceAccountIssuer        string
    APIAudiences                authenticator.Audiences
    WebhookTokenAuthnConfigFile string
    WebhookTokenAuthnCacheTTL   time.Duration

    TokenSuccessCacheTTL time.Duration
    TokenFailureCacheTTL time.Duration

    RequestHeaderConfig *authenticatorfactory.RequestHeaderConfig

    // TODO, this is the only non-serializable part of the entire config.  Factor it out into a clientconfig
    ServiceAccountTokenGetter   serviceaccount.ServiceAccountTokenGetter
    BootstrapTokenAuthenticator authenticator.Token

Config contains the data on how to authenticate a request to the Kube API Server

func (Config) New Uses

func (config Config) New() (authenticator.Request, *spec.SecurityDefinitions, error)

New returns an authenticator.Request or an error that supports the standard Kubernetes authentication mechanisms.

Package authenticator imports 24 packages (graph) and is imported by 59 packages. Updated 2019-02-25. Refresh now. Tools for package owners.