- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 47 for audiences (0.27 sec)
-
security/pkg/util/jwtutil.go
return listAud, nil } return nil, err } type jwtPayload struct { // Aud is JWT token audience - used to identify 3p tokens. // It is empty for the default K8S tokens. Aud []string `json:"aud"` } // ExtractJwtAud extracts the audiences from a JWT token. If aud cannot be parse, the bool will be set // to false. This distinguishes aud=[] from not parsed.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 31 16:07:11 UTC 2024 - 3.2K bytes - Viewed (0) -
security/pkg/util/jwtutil_test.go
testCases := map[string]struct { jwt string aud []string }{ "no audience": { jwt: firstPartyJwt, }, "one audience string": { jwt: oneAudString, aud: []string{"abc"}, }, "one audience list": { jwt: thirdPartyJwt, aud: []string{"yonggangl-istio-4.svc.id.goog"}, }, "two audiences list": { jwt: twoAudList, aud: []string{"abc", "xyz"}, }, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 31 16:07:11 UTC 2024 - 6K bytes - Viewed (0) -
security/pkg/server/ca/authenticate/kubeauth/kube_jwt_test.go
ctx = metadata.NewIncomingContext(ctx, tc.metadata) } tokenReview := &k8sauth.TokenReview{ Spec: k8sauth.TokenReviewSpec{ Token: tc.token, }, } tokenReview.Status.Audiences = []string{} if tc.token != invlidToken { tokenReview.Status.Authenticated = true } tokenReview.Status.User = k8sauth.UserInfo{ Username: "system:serviceaccount:default:example-pod-sa",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 6.1K bytes - Viewed (0) -
internal/config/identity/openid/jwt.go
// REQUIRED. Audience(s) that this ID Token is intended for. // It MUST contain the OAuth 2.0 client_id of the Relying Party // as an audience value. It MAY also contain identifiers for // other audiences. In the general case, the aud value is an // array of case sensitive strings. In the common special case // when there is one audience, the aud value MAY be a single // case sensitive
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu May 30 18:10:41 UTC 2024 - 8.3K bytes - Viewed (0) -
pkg/config/security/security_test.go
}, { key: "source.principal", values: []string{"value"}, }, { key: "request.auth.principal", values: []string{"value"}, }, { key: "request.auth.audiences", values: []string{"value"}, }, { key: "request.auth.presenter", values: []string{"value"}, }, { key: "request.auth.claims[id]", values: []string{"123"}, },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 8.3K bytes - Viewed (0) -
pkg/config/security/security.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 07 04:43:34 UTC 2024 - 9.4K bytes - Viewed (0) -
cmd/jwt.go
func newCachedAuthToken() func(audience string) string { fn := func(accessKey, secretKey, audience string) (s string, err error) { k := cacheKey{accessKey: accessKey, secretKey: secretKey, audience: audience} var ok bool s, ok = cacheLRU.Get(k) if !ok { s, err = authenticateNode(accessKey, secretKey, audience) if err != nil { return "", err } cacheLRU.Add(k, s)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 5.4K bytes - Viewed (0) -
security/pkg/credentialfetcher/plugin/gce.go
tokenMutex sync.RWMutex } // CreateGCEPlugin creates a Google credential fetcher plugin. Return the pointer to the created plugin. func CreateGCEPlugin(audience, jwtPath, identityProvider string) *GCEPlugin { p := &GCEPlugin{ aud: audience, jwtPath: jwtPath, identityProvider: identityProvider, closing: make(chan bool), } if rotateToken { go p.startTokenRotationJob() }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 30 13:56:46 UTC 2024 - 4.7K bytes - Viewed (0) -
releasenotes/notes/jwt-aud.yaml
apiVersion: release-notes/v2 kind: feature area: security issue: - 49913 releaseNotes: - |
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 18:02:42 UTC 2024 - 159 bytes - Viewed (0) -
staging/src/k8s.io/api/testdata/v1.30.0/storage.k8s.io.v1.CSIDriver.yaml
uid: uidValue spec: attachRequired: true fsGroupPolicy: fsGroupPolicyValue podInfoOnMount: true requiresRepublish: true seLinuxMount: true storageCapacity: true tokenRequests: - audience: audienceValue expirationSeconds: 2 volumeLifecycleModes:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Apr 18 08:52:25 UTC 2024 - 1.1K bytes - Viewed (0)