- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 11 for AuthenticateToken (0.33 sec)
-
staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator_test.go
a.AuthenticateToken(context.Background(), "bad1") a.AuthenticateToken(context.Background(), "bad2") a.AuthenticateToken(context.Background(), "bad3") fakeClock.Step(2 * time.Microsecond) a.AuthenticateToken(context.Background(), "bad1") a.AuthenticateToken(context.Background(), "bad2") a.AuthenticateToken(context.Background(), "bad3") fakeClock.Step(2 * time.Microsecond)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jul 03 16:16:51 UTC 2023 - 20.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/metrics.go
delegate AuthenticatorTokenWithHealthCheck clock clock.PassiveClock } func (a *instrumentedAuthenticator) AuthenticateToken(ctx context.Context, token string) (*authenticator.Response, bool, error) { start := a.clock.Now() response, ok, err := a.delegate.AuthenticateToken(ctx, token) // this only happens when issuer doesn't match the authenticator // we don't want to record metrics for this case
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 3.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authentication/token/cache/cached_token_authenticator.go
hashPool: &sync.Pool{ New: func() interface{} { return hmac.New(sha256.New, randomCacheKey) }, }, } } // AuthenticateToken implements authenticator.Token func (a *cachedTokenAuthenticator) AuthenticateToken(ctx context.Context, token string) (*authenticator.Response, bool, error) { record := a.doAuthenticateToken(ctx, token) if !record.ok || record.err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jul 03 16:16:51 UTC 2023 - 9.8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/metrics_test.go
t.Run(tt.name, func(t *testing.T) { jwtAuthenticatorLatencyMetric.Reset() RegisterMetrics() a := newInstrumentedAuthenticatorWithClock(testIssuer, tt.authenticator, dummyClock{}) _, _, _ = a.AuthenticateToken(context.Background(), "token") if err := testutil.GatherAndCompare(legacyregistry.DefaultGatherer, strings.NewReader(tt.expectedValue), "apiserver_authentication_jwt_authenticator_latency_seconds"); err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 8.8K bytes - Viewed (0) -
plugin/pkg/auth/authenticator/token/bootstrap/bootstrap.go
func tokenErrorf(s *corev1.Secret, format string, i ...interface{}) { format = fmt.Sprintf("Bootstrap secret %s/%s matching bearer token ", s.Namespace, s.Name) + format klog.V(3).Infof(format, i...) } // AuthenticateToken tries to match the provided token to a bootstrap token secret // in a given namespace. If found, it authenticates the token in the // "system:bootstrappers" group and with the "system:bootstrap:(token-id)" username. //
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 30 20:38:15 UTC 2023 - 5.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authentication/request/websocket/protocol.go
if len(token) > 0 && len(filteredProtocols) == 0 { return nil, false, errors.New("missing additional subprotocol") } if len(token) == 0 { return nil, false, nil } resp, ok, err := a.auth.AuthenticateToken(req.Context(), token) // on success, remove the protocol with the token if ok { // https://tools.ietf.org/html/rfc6455#section-11.3.4 indicates the Sec-WebSocket-Protocol header may appear multiple times
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 07 18:21:43 UTC 2023 - 3.4K bytes - Viewed (0) -
pkg/serviceaccount/jwt_test.go
ctx := authenticator.WithAudiences(context.Background(), auds) if _, ok, err := authn.AuthenticateToken(ctx, "invalid token"); err != nil || ok { t.Errorf("%s: Expected err=nil, ok=false for non-JWT token", k) continue } resp, ok, err := authn.AuthenticateToken(ctx, tc.Token) if (err != nil) != tc.ExpectedErr { t.Errorf("%s: Expected error=%v, got %v", k, tc.ExpectedErr, err)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Feb 27 22:16:08 UTC 2024 - 17K bytes - Viewed (0) -
pkg/serviceaccount/jwt.go
// call. This struct should contain fields for any private claims that the // Validator requires to validate the JWT. NewPrivateClaims() interface{} } func (j *jwtTokenAuthenticator) AuthenticateToken(ctx context.Context, tokenData string) (*authenticator.Response, bool, error) { if !j.hasCorrectIssuer(tokenData) { return nil, false, nil } tok, err := jwt.ParseSigned(tokenData) if err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Feb 27 22:16:08 UTC 2024 - 10.7K bytes - Viewed (0) -
pkg/kubeapiserver/authenticator/config.go
tokenAuthenticators = append(tokenAuthenticators, authenticator.TokenFunc(func(ctx context.Context, token string) (*authenticator.Response, bool, error) { return jwtAuthenticatorPtr.Load().jwtAuthenticator.AuthenticateToken(ctx, token) }), ) } if len(config.WebhookTokenAuthnConfigFile) > 0 { webhookTokenAuth, err := newWebhookTokenAuthenticator(config) if err != nil { return nil, nil, nil, nil, err
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 15.4K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go
} if v.audiences.HasAny(t.Audience...) { return nil } return fmt.Errorf("oidc: expected audience in %q got %q", sets.List(v.audiences), t.Audience) } func (a *jwtAuthenticator) AuthenticateToken(ctx context.Context, token string) (*authenticator.Response, bool, error) { if !hasCorrectIssuer(a.jwtAuthenticator.Issuer.URL, token) { return nil, false, nil } verifier, ok := a.idTokenVerifier()
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 37.9K bytes - Viewed (0)