authz

package

v1.2.1 Latest Latest Go to latest Published: Jun 30, 2021 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

This section is empty.

func NoAuth(request *restful.Request, response *restful.Response, chain *restful.FilterChain)

type AdminAuth struct {
	AllowFromLocalhost bool
}

AdminAuth validates that the client can access admin endpoints (like Secrets or Dataplane Token) You can access the endpoint in two cases

Request originates from localhost. We assume that if someone has an access to VM/Pod with server, they can do whatever they want. This is also for better UX
Request originates from outside of localhost but client certs are configured for HTTPS. Client certs are essentially self signed CAs (generated by kumactl generate tls-certificate). For now we do not support SAN validation with the same CA that was used to sign server cert

func (a *AdminAuth) Validate(request *restful.Request, response *restful.Response, chain *restful.FilterChain)