storage

package

v0.29.0 Latest Latest Go to latest Published: Mar 13, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vmware-tanzu/pinniped

Links

Open Source Insights

Documentation ¶

Index ¶

type DynamicGlobalSecretConfig
- func NewDynamicGlobalSecretConfig(fositeConfig *fosite.Config, keyFunc func() []byte) *DynamicGlobalSecretConfig
type KubeStorage
- func NewKubeStorage(secrets corev1client.SecretInterface, ...) *KubeStorage
type NullStorage
- func NewNullStorage(secrets corev1client.SecretInterface, ...) *NullStorage

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DynamicGlobalSecretConfig ¶

type DynamicGlobalSecretConfig struct {
	// contains filtered or unexported fields
}

DynamicGlobalSecretConfig is a wrapper around fosite.Config which allows us to always return dynamic secrets, since those secrets can change at any time when they are loaded or reloaded by our controllers.

func NewDynamicGlobalSecretConfig ¶

func NewDynamicGlobalSecretConfig(
	fositeConfig *fosite.Config,
	keyFunc func() []byte,
) *DynamicGlobalSecretConfig

func (*DynamicGlobalSecretConfig) GetAccessTokenLifespan ¶

func (d *DynamicGlobalSecretConfig) GetAccessTokenLifespan(ctx context.Context) time.Duration

func (*DynamicGlobalSecretConfig) GetAuthorizeCodeLifespan ¶

func (d *DynamicGlobalSecretConfig) GetAuthorizeCodeLifespan(ctx context.Context) time.Duration

func (*DynamicGlobalSecretConfig) GetGlobalSecret ¶

func (d *DynamicGlobalSecretConfig) GetGlobalSecret(_ctx context.Context) ([]byte, error)

func (*DynamicGlobalSecretConfig) GetHMACHasher ¶

func (d *DynamicGlobalSecretConfig) GetHMACHasher(ctx context.Context) func() hash.Hash

func (*DynamicGlobalSecretConfig) GetRefreshTokenLifespan ¶

func (d *DynamicGlobalSecretConfig) GetRefreshTokenLifespan(ctx context.Context) time.Duration

func (*DynamicGlobalSecretConfig) GetRotatedGlobalSecrets ¶

func (d *DynamicGlobalSecretConfig) GetRotatedGlobalSecrets(_ctx context.Context) ([][]byte, error)

func (*DynamicGlobalSecretConfig) GetTokenEntropy ¶

func (d *DynamicGlobalSecretConfig) GetTokenEntropy(ctx context.Context) int

type KubeStorage ¶

type KubeStorage struct {
	// contains filtered or unexported fields
}

func NewKubeStorage ¶

func NewKubeStorage(
	secrets corev1client.SecretInterface,
	oidcClientsClient v1alpha1.OIDCClientInterface,
	timeoutsConfiguration timeouts.Configuration,
	minBcryptCost int,
) *KubeStorage

func (KubeStorage) ClientAssertionJWTValid ¶

func (k KubeStorage) ClientAssertionJWTValid(ctx context.Context, jti string) error

func (KubeStorage) CreateAccessTokenSession ¶

func (k KubeStorage) CreateAccessTokenSession(ctx context.Context, signatureOfAccessToken string, requester fosite.Requester) (err error)

func (KubeStorage) CreateAuthorizeCodeSession ¶

func (k KubeStorage) CreateAuthorizeCodeSession(ctx context.Context, signatureOfAuthcode string, r fosite.Requester) (err error)

func (KubeStorage) CreateOpenIDConnectSession ¶

func (k KubeStorage) CreateOpenIDConnectSession(ctx context.Context, fullAuthcode string, requester fosite.Requester) error

func (KubeStorage) CreatePKCERequestSession ¶

func (k KubeStorage) CreatePKCERequestSession(ctx context.Context, signatureOfAuthcode string, requester fosite.Requester) error

func (KubeStorage) CreateRefreshTokenSession ¶

func (k KubeStorage) CreateRefreshTokenSession(ctx context.Context, signatureOfRefreshToken string, request fosite.Requester) (err error)

func (KubeStorage) DeleteAccessTokenSession ¶

func (k KubeStorage) DeleteAccessTokenSession(ctx context.Context, signatureOfAccessToken string) (err error)

func (KubeStorage) DeleteOpenIDConnectSession ¶

func (k KubeStorage) DeleteOpenIDConnectSession(ctx context.Context, fullAuthcode string) error

func (KubeStorage) DeletePKCERequestSession ¶

func (k KubeStorage) DeletePKCERequestSession(ctx context.Context, signatureOfAuthcode string) error

func (KubeStorage) DeleteRefreshTokenSession ¶

func (k KubeStorage) DeleteRefreshTokenSession(ctx context.Context, signatureOfRefreshToken string) (err error)

func (KubeStorage) GetAccessTokenSession ¶

func (k KubeStorage) GetAccessTokenSession(ctx context.Context, signatureOfAccessToken string, session fosite.Session) (request fosite.Requester, err error)

func (KubeStorage) GetAuthorizeCodeSession ¶

func (k KubeStorage) GetAuthorizeCodeSession(ctx context.Context, signatureOfAuthcode string, s fosite.Session) (request fosite.Requester, err error)

func (KubeStorage) GetClient ¶

func (k KubeStorage) GetClient(ctx context.Context, id string) (fosite.Client, error)

func (KubeStorage) GetOpenIDConnectSession ¶

func (k KubeStorage) GetOpenIDConnectSession(ctx context.Context, fullAuthcode string, requester fosite.Requester) (fosite.Requester, error)

func (KubeStorage) GetPKCERequestSession ¶

func (k KubeStorage) GetPKCERequestSession(ctx context.Context, signatureOfAuthcode string, session fosite.Session) (fosite.Requester, error)

func (KubeStorage) GetRefreshTokenSession ¶

func (k KubeStorage) GetRefreshTokenSession(ctx context.Context, signatureOfRefreshToken string, session fosite.Session) (request fosite.Requester, err error)

func (KubeStorage) InvalidateAuthorizeCodeSession ¶

func (k KubeStorage) InvalidateAuthorizeCodeSession(ctx context.Context, signatureOfAuthcode string) (err error)

func (KubeStorage) RevokeAccessToken ¶

func (k KubeStorage) RevokeAccessToken(ctx context.Context, requestID string) error

func (KubeStorage) RevokeRefreshToken ¶

func (k KubeStorage) RevokeRefreshToken(ctx context.Context, requestID string) error

func (KubeStorage) RevokeRefreshTokenMaybeGracePeriod ¶

func (k KubeStorage) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error

func (KubeStorage) SetClientAssertionJWT ¶

func (k KubeStorage) SetClientAssertionJWT(ctx context.Context, jti string, exp time.Time) error

type NullStorage ¶

type NullStorage struct {
	// The authorization endpoint uses NullStorage to avoid saving any data, but it still needs to perform client lookups.
	*clientregistry.ClientManager
}

func NewNullStorage ¶

func NewNullStorage(
	secrets corev1client.SecretInterface,
	oidcClientsClient v1alpha1.OIDCClientInterface,
	minBcryptCost int,
) *NullStorage

func (NullStorage) CreateAccessTokenSession ¶

func (NullStorage) CreateAccessTokenSession(_ context.Context, _ string, _ fosite.Requester) (err error)

func (NullStorage) CreateAuthorizeCodeSession ¶

func (NullStorage) CreateAuthorizeCodeSession(_ context.Context, _ string, _ fosite.Requester) (err error)

func (NullStorage) CreateOpenIDConnectSession ¶

func (NullStorage) CreateOpenIDConnectSession(_ context.Context, _ string, _ fosite.Requester) error

func (NullStorage) CreatePKCERequestSession ¶

func (NullStorage) CreatePKCERequestSession(_ context.Context, _ string, _ fosite.Requester) error

func (NullStorage) CreateRefreshTokenSession ¶

func (NullStorage) CreateRefreshTokenSession(_ context.Context, _ string, _ fosite.Requester) (err error)

func (NullStorage) DeleteAccessTokenSession ¶

func (NullStorage) DeleteAccessTokenSession(_ context.Context, _ string) (err error)

func (NullStorage) DeleteOpenIDConnectSession ¶

func (NullStorage) DeleteOpenIDConnectSession(_ context.Context, _ string) error

func (NullStorage) DeletePKCERequestSession ¶

func (NullStorage) DeletePKCERequestSession(_ context.Context, _ string) error

func (NullStorage) DeleteRefreshTokenSession ¶

func (NullStorage) DeleteRefreshTokenSession(_ context.Context, _ string) (err error)

func (NullStorage) GetAccessTokenSession ¶

func (NullStorage) GetAccessTokenSession(_ context.Context, _ string, _ fosite.Session) (request fosite.Requester, err error)

func (NullStorage) GetAuthorizeCodeSession ¶

func (NullStorage) GetAuthorizeCodeSession(_ context.Context, _ string, _ fosite.Session) (request fosite.Requester, err error)

func (NullStorage) GetOpenIDConnectSession ¶

func (NullStorage) GetOpenIDConnectSession(_ context.Context, _ string, _ fosite.Requester) (fosite.Requester, error)

func (NullStorage) GetPKCERequestSession ¶

func (NullStorage) GetPKCERequestSession(_ context.Context, _ string, _ fosite.Session) (fosite.Requester, error)

func (NullStorage) GetRefreshTokenSession ¶

func (NullStorage) GetRefreshTokenSession(_ context.Context, _ string, _ fosite.Session) (request fosite.Requester, err error)

func (NullStorage) InvalidateAuthorizeCodeSession ¶

func (NullStorage) InvalidateAuthorizeCodeSession(_ context.Context, _ string) (err error)

func (NullStorage) RevokeAccessToken ¶

func (NullStorage) RevokeAccessToken(_ context.Context, _ string) error

func (NullStorage) RevokeRefreshToken ¶

func (NullStorage) RevokeRefreshToken(_ context.Context, _ string) error

func (NullStorage) RevokeRefreshTokenMaybeGracePeriod ¶

func (NullStorage) RevokeRefreshTokenMaybeGracePeriod(_ context.Context, _ string, _ string) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL