Documentation

Overview

    This is very very very specific instance when we're using unsafe. We want being as close as possible to the k8s OIDC integration, thus we're reusing their authenticator and how they are parsing the flags

    However their New() function creates the authenticator in async manner, which makes stuff tricky for us.

    It's hard verifying the authenticator is initialized (you get a hard-coded error back, but you cannot make the authentication pass due to asymmetric encryption nature.)

    Thus we're re-exporting two private methods to create authenticator in a sync manner, and ensure it's initialized by fetching the OIDC /.well-known/openid-configuration and letting it configure itself

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type OIDCAuthenticator

    type OIDCAuthenticator struct {
    	APIAudiences []string
    
    	logr.Logger
    	// contains filtered or unexported fields
    }

    func (*OIDCAuthenticator) AddFlags

    func (O *OIDCAuthenticator) AddFlags(fs *pflag.FlagSet)

    func (*OIDCAuthenticator) Authenticate

    func (O *OIDCAuthenticator) Authenticate(ctx context.Context) (user.Info, error)

    func (*OIDCAuthenticator) Init

    func (O *OIDCAuthenticator) Init() error

    func (*OIDCAuthenticator) InjectLogger

    func (O *OIDCAuthenticator) InjectLogger(l logr.Logger) error