server

package

v0.0.0-...-675700b Latest Latest Go to latest Published: Nov 8, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/labring/sealos

Documentation ¶

Index ¶

Constants
type AuthRequest
- func (ar AuthRequest) String() string
type AuthScope
type AuthServer
- func NewAuthServer(c *Config) (*AuthServer, error)
type AuthzResult
type Config
- func LoadConfig(fileName string) (*Config, error)
type ServerConfig
type TokenConfig

Constants ¶

View Source

const (
	DefaultMaxRequestsPerAccount    = 1000
	DefaultMaxRequestsPerIP         = 1000
	DefaultReqLimitersResetInterval = 1 * time.Hour
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthRequest ¶

type AuthRequest struct {
	RemoteConnAddr string
	RemoteAddr     string
	RemoteIP       net.IP
	User           string
	Password       api.PasswordString
	Account        string
	Service        string
	Scopes         []AuthScope
	Labels         api.Labels
}

func (AuthRequest) String ¶

func (ar AuthRequest) String() string

type AuthScope ¶

type AuthScope struct {
	Type    string
	Class   string
	Name    string
	Actions []string
}

type AuthServer ¶

type AuthServer struct {
	// contains filtered or unexported fields
}

func NewAuthServer ¶

func NewAuthServer(c *Config) (*AuthServer, error)

func (*AuthServer) Authenticate ¶

func (as *AuthServer) Authenticate(ar *AuthRequest) (bool, api.Labels, kubernetes.Client, error)

func (*AuthServer) Authorize ¶

func (as *AuthServer) Authorize(client kubernetes.Client, ar *AuthRequest) ([]AuthzResult, error)

func (*AuthServer) CreateToken ¶

func (as *AuthServer) CreateToken(ar *AuthRequest, ares []AuthzResult) (string, error)

CreateToken https://github.com/docker/distribution/blob/master/docs/spec/auth/token.md#example

func (*AuthServer) ParseRequest ¶

func (as *AuthServer) ParseRequest(req *http.Request) (*AuthRequest, error)

func (*AuthServer) ServeHTTP ¶

func (as *AuthServer) ServeHTTP(rw http.ResponseWriter, req *http.Request)

func (*AuthServer) Stop ¶

func (as *AuthServer) Stop()

type AuthzResult ¶

type AuthzResult struct {
	// contains filtered or unexported fields
}

type Config ¶

type Config struct {
	Server ServerConfig `yaml:"server"`
	Token  TokenConfig  `yaml:"token"`
}

func LoadConfig ¶

func LoadConfig(fileName string) (*Config, error)

type ServerConfig ¶

type ServerConfig struct {
	ListenAddress string `yaml:"addr,omitempty"`
	PathPrefix    string `yaml:"path_prefix,omitempty"`

	MaxRequestsPerIP         int           `yaml:"max_requests_per_ip,omitempty"`
	MaxRequestsPerAccount    int           `yaml:"max_requests_per_account,omitempty"`
	ReqLimitersResetInterval time.Duration `yaml:"req_limiters_reset_interval,omitempty"`
	WhiteIPCidrList          []string      `yaml:"white_ip_cidr_list,omitempty"`
	WhiteUserList            []string      `yaml:"white_user_list,omitempty"`
}

nolint:revive

type TokenConfig ¶

type TokenConfig struct {
	Issuer     string `yaml:"issuer,omitempty"`
	CertFile   string `yaml:"certificate,omitempty"`
	KeyFile    string `yaml:"key,omitempty"`
	Expiration int64  `yaml:"expiration,omitempty"`
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL