- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 165 for Authenticators (0.4 sec)
-
security/pkg/server/ca/server_test.go
testCases := map[string]struct { authenticators []security.Authenticator ca CertificateAuthority certChain []string code codes.Code }{ "No authenticator": { authenticators: nil, code: codes.Unauthenticated, ca: &mockca.FakeCA{}, }, "Unauthenticated request": { authenticators: []security.Authenticator{&mockAuthenticator{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Feb 28 16:41:38 UTC 2024 - 15.8K bytes - Viewed (0) -
pkg/kubeapiserver/authenticator/config.go
) authenticators = append(authenticators, authenticator.WrapAudienceAgnosticRequest(config.APIAudiences, requestHeaderAuthenticator)) } // X509 methods if config.ClientCAContentProvider != nil { certAuth := x509.NewDynamic(config.ClientCAContentProvider.VerifyOptions, x509.CommonNameUserConversion) authenticators = append(authenticators, certAuth) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 15.4K bytes - Viewed (0) -
pkg/security/authentication.go
// Authenticate authenticates the ADS request using the configured authenticators. // Returns the validated principals or an error. // If no authenticators are configured, or if the request is on a non-secure // stream ( 15010 ) - returns amn empty caller and no errors. func Authenticate(ctx context.Context, authenticators []Authenticator) (*Caller, error) { if !features.XDSAuth { return nil, nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 21 10:09:10 UTC 2023 - 2.2K bytes - Viewed (0) -
security/pkg/server/ca/server.go
func New( ca CertificateAuthority, ttl time.Duration, authenticators []security.Authenticator, controller multicluster.ComponentBuilder, ) (*Server, error) { certBundle := ca.GetCAKeyCertBundle() if len(certBundle.GetRootCertPem()) != 0 { recordCertsExpiry(certBundle) } server := &Server{ Authenticators: authenticators, serverCertTTL: ttl, ca: ca,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
pilot/pkg/xds/auth.go
// authenticate authenticates the ADS request using the configured authenticators. // Returns the validated principals or an error. // If no authenticators are configured, or if the request is on a non-secure // stream ( 15010 ) - returns an empty list of principals and no errors. func (s *DiscoveryServer) authenticate(ctx context.Context) ([]string, error) { c, err := security.Authenticate(ctx, s.Authenticators) if c != nil { return c.Identities, nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 00:26:45 UTC 2024 - 2.4K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
response := &pb.IstioCertificateResponse{ CertChain: []string{}, } return response, nil } id := []string{"client-identity"} if len(s.Authenticators) > 0 { caller, err := security.Authenticate(ctx, s.Authenticators) if caller == nil || err != nil { return nil, status.Error(codes.Unauthenticated, "request authenticate failure") } id = caller.Identities }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
security/pkg/server/ca/fuzz_test.go
ca := fuzz.Struct[mockca.FakeCA](fg) ca.SignErr = caerror.NewError(caerror.CSRError, fmt.Errorf("cannot sign")) server := &Server{ ca: &ca, Authenticators: []security.Authenticator{&mockAuthenticator{}}, monitoring: newMonitoringMetrics(), } _, _ = server.CreateCertificate(context.Background(), &csr) })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Sep 15 21:32:54 UTC 2022 - 1.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/server.go
} if len(features.TrustedGatewayCIDR) > 0 { authenticators = append(authenticators, &authenticate.XfccAuthenticator{}) } if features.XDSAuth { s.XDSServer.Authenticators = authenticators } caOpts.Authenticators = authenticators // Start CA or RA server. This should be called after CA and Istiod certs have been created. s.startCA(caOpts)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 46.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go
// other authenticators may run before or after the JWT authenticators. // The specific position of JWT authenticators in relation to other // authenticators is neither defined nor stable across releases. Since // each JWT authenticator must have a unique issuer URL, at most one // JWT authenticator will attempt to cryptographically validate the token. //
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 17:59:05 UTC 2024 - 26.6K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/types.go
// other authenticators may run before or after the JWT authenticators. // The specific position of JWT authenticators in relation to other // authenticators is neither defined nor stable across releases. Since // each JWT authenticator must have a unique issuer URL, at most one // JWT authenticator will attempt to cryptographically validate the token. //
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 17:59:05 UTC 2024 - 25.5K bytes - Viewed (0)