- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 17 for Aud (0.02 sec)
-
pkg/serviceaccount/claims_test.go
node *core.Node exp int64 warnafter int64 aud []string err string // desired sc *jwt.Claims pc *privateClaims featureJTI, featurePodNodeInfo, featureNodeBinding bool }{ { // pod and secret sa: sa, pod: pod, sec: sec, // really fast exp: 0, // nil audience aud: nil, err: "internal error, token can only be bound to one object type",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 24 18:25:29 UTC 2024 - 17.9K bytes - Viewed (0) -
tests/common/jwt/jwt_token.go
// Payload { // "aud": foo, // "exp": 4732994801, // "iat": 1579394801, // "iss": "******@****.***", // "sub": "sub-1" // } // Generated by: security/tools/jwt/samples/gen-jwt.py tests/common/jwt/key.pem -jwks=tests/common/jwt/jwks.json // --expire=3153600000 --iss=******@****.*** --sub=sub-1 --aud=foo // nolint: lll
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 12.1K bytes - Viewed (0) -
tests/integration/security/jwt_test.go
check.Status(http.StatusUnauthorized)) }, }, })) t.NewSubTest("aud").Run(newTest("testdata/requestauthn/aud.yaml.tmpl", []testCase{ { name: "invalid-aud", customizeCall: func(_ framework.TestContext, _ echo.Instance, opts *echo.CallOptions) { opts.HTTP.Path = "/valid-aud" opts.HTTP.Headers = headers.New().WithAuthz(jwt.TokenIssuer1).Build()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 25.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca.go
iss := trustedIssuer.Get() aud := audience.Get() token, err := os.ReadFile(securityModel.ThirdPartyJwtPath) if err == nil { tok, err := detectAuthEnv(string(token)) if err != nil { log.Warnf("Starting with invalid K8S JWT token: %v", err) } else { if iss == "" { iss = tok.Iss } if len(tok.Aud) > 0 && len(aud) == 0 { aud = tok.Aud[0] } } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 20.6K bytes - Viewed (0) -
internal/grid/manager.go
if debugPrint { fmt.Printf("handler: Got Connect Req %+v\n", cReq) } writeErr(remote.handleIncoming(ctx, conn, cReq)) } } // AuthFn should provide an authentication string for the given aud. type AuthFn func(aud string) string // Connection will return the connection for the specified host. // If the host does not exist nil will be returned. func (m *Manager) Connection(host string) *Connection {
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Mon Jun 10 17:40:33 UTC 2024 - 9.8K bytes - Viewed (0) -
manifests/charts/istiod-remote/values.yaml
# Istiod is the default pilotCertProvider: istiod sds: # The JWT token for SDS and the aud field of such JWT. See RFC 7519, section 4.1.3. # When a CSR is sent from Istio Agent to the CA (e.g. Istiod), this aud is to make sure the # JWT is intended for the CA. token: aud: istio-ca sts: # The service port used by Security Token Service (STS) server to handle token exchange requests.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 21K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/values.yaml
# Istiod is the default pilotCertProvider: istiod sds: # The JWT token for SDS and the aud field of such JWT. See RFC 7519, section 4.1.3. # When a CSR is sent from Istio Agent to the CA (e.g. Istiod), this aud is to make sure the # JWT is intended for the CA. token: aud: istio-ca sts:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 21.1K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/testdata/http/extended-allow-full-rule-out.yaml
regex: .+ - metadata: filter: envoy.filters.http.jwt_authn path: - key: payload - key: aud value: orMatch: valueMatchers: - listMatch: oneOf: orMatch:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 18:02:42 UTC 2024 - 39K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/kube-gateway.yaml
projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if .Values.global.imagePullSecrets }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 11.7K bytes - Viewed (0) -
manifests/charts/gateways/istio-ingress/templates/deployment.yaml
projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - name: istio-certs secret:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 18:16:49 UTC 2024 - 12.1K bytes - Viewed (0)