Documentation ¶
Overview ¶
Package local contains an AuthProvider implementation backed by a passwd-like file stored in the secrets backend. This is primarily meant for testing, but could also be used in small setups.
Index ¶
- func New(s *secrets.SecretEngine) common.AuthProvider
- type AuthProvider
- func (a *AuthProvider) Authenticate(req *types.LoginRequest) (*types.AuthResult, error)
- func (a *AuthProvider) Close() error
- func (a *AuthProvider) CreateUser(req *types.CreateUserRequest) error
- func (a *AuthProvider) DeleteUser(username string) error
- func (a *AuthProvider) GetUser(username string) (*types.VDIUser, error)
- func (a *AuthProvider) GetUsers() ([]*types.VDIUser, error)
- func (l *AuthProvider) Reconcile(ctx context.Context, reqLogger logr.Logger, c client.Client, ...) error
- func (a *AuthProvider) Setup(c client.Client, cluster *appv1.VDICluster) error
- func (a *AuthProvider) UpdateUser(username string, req *types.UpdateUserRequest) error
- type User
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthProvider ¶
type AuthProvider struct { common.AuthProvider // contains filtered or unexported fields }
AuthProvider implements an AuthProvider that uses a local secret similar to a passwd file to authenticate users and map them to roles. This is primarily intended for testing and ideally external auth providers would be supported.
func (*AuthProvider) Authenticate ¶
func (a *AuthProvider) Authenticate(req *types.LoginRequest) (*types.AuthResult, error)
Authenticate implements AuthProvider and simply checks the provided password in the request against the hash in the file.
func (*AuthProvider) Close ¶
func (a *AuthProvider) Close() error
Close returns nil automatically as no cleanup is required.
func (*AuthProvider) CreateUser ¶
func (a *AuthProvider) CreateUser(req *types.CreateUserRequest) error
CreateUser implements AuthProvider and serves a POST /api/users request
func (*AuthProvider) DeleteUser ¶
func (a *AuthProvider) DeleteUser(username string) error
DeleteUser implements AuthProvider and serves a DELETE /api/users/{user} request
func (*AuthProvider) GetUser ¶
func (a *AuthProvider) GetUser(username string) (*types.VDIUser, error)
GetUser implements AuthProvider and serves a GET /api/users/{user} request
func (*AuthProvider) GetUsers ¶
func (a *AuthProvider) GetUsers() ([]*types.VDIUser, error)
GetUsers implements AuthProvider and serves a GET /api/users request
func (*AuthProvider) Reconcile ¶
func (l *AuthProvider) Reconcile(ctx context.Context, reqLogger logr.Logger, c client.Client, cluster *appv1.VDICluster, adminPass string) error
Reconcile prepares the resources required to use the local authentication driver.
func (*AuthProvider) Setup ¶
func (a *AuthProvider) Setup(c client.Client, cluster *appv1.VDICluster) error
Setup implements the AuthProvider interface and sets a local reference to the k8s client and vdi cluster.
func (*AuthProvider) UpdateUser ¶
func (a *AuthProvider) UpdateUser(username string, req *types.UpdateUserRequest) error
UpdateUser implements AuthProvider and serves a PUT /api/users/{user} request
type User ¶
User is a struct implementation of a user as stored in the passwd file.
func (*User) Encode ¶
Encode will return the string representation of this user for storage in the secret.
func (*User) PasswordMatchesHash ¶
PasswordMatchesHash returns true if the supplied password matches the hash for this user.