package oidc
import "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/oidc"
oidc implements the authenticator.Token interface using the OpenID Connect protocol.
Index ¶
- Constants
- type OIDCAuthenticator
- func New(opts OIDCOptions) (*OIDCAuthenticator, error)
- func (a *OIDCAuthenticator) AuthenticateToken(value string) (user.Info, bool, error)
- func (a *OIDCAuthenticator) Close()
- type OIDCOptions
Constants ¶
Types ¶
type OIDCAuthenticator ¶
type OIDCAuthenticator struct {
// contains filtered or unexported fields
}
func New ¶
func New(opts OIDCOptions) (*OIDCAuthenticator, error)
New creates a new OpenID Connect client with the given issuerURL and clientID. NOTE(yifan): For now we assume the server provides the "jwks_uri" so we don't need to manager the key sets by ourselves.
func (*OIDCAuthenticator) AuthenticateToken ¶
AuthenticateToken decodes and verifies a JWT using the OIDC client, if the verification succeeds, then it will extract the user info from the JWT claims.
func (*OIDCAuthenticator) Close ¶
func (a *OIDCAuthenticator) Close()
Close closes the OIDC authenticator, this will close the provider sync goroutine.
type OIDCOptions ¶
type OIDCOptions struct {
IssuerURL string
ClientID string
CAFile string
UsernameClaim string
GroupsClaim string
// 0 disables retry
MaxRetries int
RetryBackoff time.Duration
}
Source Files ¶
oidc.go
- Version
- v1.3.0-alpha.4
- Published
- May 17, 2016
- Platform
- darwin/amd64
- Imports
- 13 packages
- Last checked
- 2 hours ago –
Tools for package owners.