Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(nameHeaders, groupHeaders, extraHeaderPrefixes []string) (authenticator.Request, error)

func NewDynamic

func NewDynamic(nameHeaders, groupHeaders, extraHeaderPrefixes StringSliceProvider) authenticator.Request

func NewDynamicVerifyOptionsSecure

func NewDynamicVerifyOptionsSecure(verifyOptionFn x509request.VerifyOptionFunc, proxyClientNames, nameHeaders, groupHeaders, extraHeaderPrefixes StringSliceProvider) authenticator.Request

func NewSecure

func NewSecure(clientCA string, proxyClientNames []string, nameHeaders []string, groupHeaders []string, extraHeaderPrefixes []string) (authenticator.Request, error)

Types

type RequestHeaderAuthRequestController

type RequestHeaderAuthRequestController struct {
	// contains filtered or unexported fields
}

RequestHeaderAuthRequestController a controller that exposes a set of methods for dynamically filling parts of RequestHeaderConfig struct. The methods are sourced from the config map which is being monitored by this controller. The controller is primed from the server at the construction time for components that don't want to dynamically react to changes in the config map.

func NewRequestHeaderAuthRequestController

func NewRequestHeaderAuthRequestController(
	cmName string,
	cmNamespace string,
	client kubernetes.Interface,
	usernameHeadersKey, groupHeadersKey, extraHeaderPrefixesKey, allowedClientNamesKey string) *RequestHeaderAuthRequestController

NewRequestHeaderAuthRequestController creates a new controller that implements RequestHeaderAuthRequestController

func (*RequestHeaderAuthRequestController) AllowedClientNames

func (c *RequestHeaderAuthRequestController) AllowedClientNames() []string

func (*RequestHeaderAuthRequestController) ExtraHeaderPrefixes

func (c *RequestHeaderAuthRequestController) ExtraHeaderPrefixes() []string

func (*RequestHeaderAuthRequestController) GroupHeaders

func (c *RequestHeaderAuthRequestController) GroupHeaders() []string

func (*RequestHeaderAuthRequestController) Run

func (c *RequestHeaderAuthRequestController) Run(workers int, stopCh <-chan struct{})

Run starts RequestHeaderAuthRequestController controller and blocks until stopCh is closed.

func (*RequestHeaderAuthRequestController) RunOnce

func (c *RequestHeaderAuthRequestController) RunOnce() error

// RunOnce runs a single sync loop

func (*RequestHeaderAuthRequestController) UsernameHeaders

func (c *RequestHeaderAuthRequestController) UsernameHeaders() []string

type RequestHeaderAuthRequestProvider

type RequestHeaderAuthRequestProvider interface {
	UsernameHeaders() []string
	GroupHeaders() []string
	ExtraHeaderPrefixes() []string
	AllowedClientNames() []string
}

RequestHeaderAuthRequestProvider a provider that knows how to dynamically fill parts of RequestHeaderConfig struct

type StaticStringSlice

type StaticStringSlice []string

StaticStringSlice a StringSliceProvider that returns a fixed value

func (StaticStringSlice) Value

func (s StaticStringSlice) Value() []string

Value returns the current string slice. Callers should never mutate the returned value.

type StringSliceProvider

type StringSliceProvider interface {
	// Value returns the current string slice.  Callers should never mutate the returned value.
	Value() []string
}

StringSliceProvider is a way to get a string slice value. It is heavily used for authentication headers among other places.

type StringSliceProviderFunc

type StringSliceProviderFunc func() []string

StringSliceProviderFunc is a function that matches the StringSliceProvider interface

func (StringSliceProviderFunc) Value

func (d StringSliceProviderFunc) Value() []string

Value returns the current string slice. Callers should never mutate the returned value.