GO-2025-3637: Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS in github.com/minio/operator

auth

package

v0.0.0-...-7c1f234 Latest Latest Go to latest Published: Jun 30, 2025 License: AGPL-3.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/minio/operator

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type IdentityProvider ¶

type IdentityProvider struct {
	KeyFunc oauth2.StateKeyFunc
	Client  *oauth2.Provider
	RoleARN string
}

IdentityProvider Identity implementation

Define the structure of a IdentityProvider with Client inside and define the functions that are used during the authentication flow.

func (IdentityProvider) GenerateLoginURL ¶

func (c IdentityProvider) GenerateLoginURL() string

GenerateLoginURL returns a new URL used by the user to login against the idp

func (IdentityProvider) Logout ¶

func (c IdentityProvider) Logout(refreshToken string) error

Logout ends session on IDP

func (IdentityProvider) VerifyIdentity ¶

func (c IdentityProvider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error)

VerifyIdentity will verify the user identity against the idp using the authorization code flow

func (IdentityProvider) VerifyIdentityForOperator ¶

func (c IdentityProvider) VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error)

VerifyIdentityForOperator will verify the user identity against the idp using the authorization code flow

type IdentityProviderI ¶

type IdentityProviderI interface {
	VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error)
	VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error)
	GenerateLoginURL() string
	Logout(refreshToken string) error
}

IdentityProviderI interface with all functions to be implemented by mock when testing, it should include all IdentityProvider respective api calls that are used within this project.

Source Files ¶

View all Source files

idp.go

Directories ¶

Path	Synopsis
idp
oauth2 Package oauth2 contains all the necessary configurations to initialize the idp communication using oauth2 protocol	Package oauth2 contains all the necessary configurations to initialize the idp communication using oauth2 protocol
token
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL