- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 135 for audiences (1.41 sec)
-
api/openapi-spec/v3/apis__authentication.k8s.io__v1_openapi.json
"properties": { "audiences": {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Nov 27 20:06:25 UTC 2023 - 41.5K bytes - Viewed (0) -
pkg/volume/csi/csi_mounter.go
for _, tokenRequest := range csiDriver.Spec.TokenRequests { audience := tokenRequest.Audience audiences := []string{audience} if audience == "" { audiences = []string{} } tr, err := c.plugin.serviceAccountTokenGetter(c.pod.Namespace, c.pod.Spec.ServiceAccountName, &authenticationv1.TokenRequest{ Spec: authenticationv1.TokenRequestSpec{ Audiences: audiences, ExpirationSeconds: tokenRequest.ExpirationSeconds,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jan 30 10:47:59 UTC 2024 - 21K bytes - Viewed (0) -
pilot/pkg/bootstrap/server_test.go
jwtRule: `{"issuer": "foo", "jwks_uri": "baz", "audiences": ["aud1", "aud2"]}`, }, { name: "invalid jwt rule", expectErr: true, jwtRule: "invalid", }, { name: "jwt rule with invalid audiences", expectErr: true, // audiences must be a string array jwtRule: `{"issuer": "foo", "jwks_uri": "baz", "audiences": "aud1"}`, }, } for _, tt := range tests {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 23.1K bytes - Viewed (0) -
pilot/pkg/security/authz/model/generator_test.go
}, { name: "requestAudiencesGenerator", g: requestAudiencesGenerator{}, key: "request.auth.audiences", value: "foo", want: yamlPrincipal(t, ` metadata: filter: istio_authn path: - key: request.auth.audiences value: stringMatch: exact: foo`), }, { name: "requestPresenterGenerator",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Apr 20 01:58:53 UTC 2024 - 13K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/zz_generated.deepcopy.go
func (in *Issuer) DeepCopyInto(out *Issuer) { *out = *in if in.DiscoveryURL != nil { in, out := &in.DiscoveryURL, &out.DiscoveryURL *out = new(string) **out = **in } if in.Audiences != nil { in, out := &in.Audiences, &out.Audiences *out = make([]string, len(*in)) copy(*out, *in) } return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 17:10:34 UTC 2024 - 14.6K bytes - Viewed (0) -
pkg/kubeapiserver/options/authentication.go
if o == nil { return } fs.StringSliceVar(&o.APIAudiences, "api-audiences", o.APIAudiences, ""+ "Identifiers of the API. The service account token authenticator will validate that "+ "tokens used against the API are bound to at least one of these audiences. If the "+ "--service-account-issuer flag is configured and this flag is not, this field "+
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 22:40:22 UTC 2024 - 32.4K bytes - Viewed (0) -
pkg/apis/storage/validation/validation.go
audience := tokenRequest.Audience if _, ok := audiences[audience]; ok { allErrs = append(allErrs, field.Duplicate(path.Child("audience"), audience)) continue } audiences[audience] = true if tokenRequest.ExpirationSeconds == nil { continue } if *tokenRequest.ExpirationSeconds < int64(min.Seconds()) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 28 00:47:13 UTC 2024 - 25.5K bytes - Viewed (0) -
pkg/security/security.go
"Reject k8s default tokens, without audience. If false, default K8S token will be accepted") // TokenAudiences specifies a list of audiences for SDS trustworthy JWT. This is to make sure that the CSR requests // contain the JWTs intended for Citadel. TokenAudiences = strings.Split(env.Register("TOKEN_AUDIENCES", "istio-ca", "A list of comma separated audiences to check in the JWT token before issuing a certificate. "+
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go
func (in *Issuer) DeepCopyInto(out *Issuer) { *out = *in if in.DiscoveryURL != nil { in, out := &in.DiscoveryURL, &out.DiscoveryURL *out = new(string) **out = **in } if in.Audiences != nil { in, out := &in.Audiences, &out.Audiences *out = make([]string, len(*in)) copy(*out, *in) } return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 00:57:24 UTC 2024 - 16.2K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/zz_generated.conversion.go
out.URL = in.URL if err := v1.Convert_Pointer_string_To_string(&in.DiscoveryURL, &out.DiscoveryURL, s); err != nil { return err } out.CertificateAuthority = in.CertificateAuthority out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) out.AudienceMatchPolicy = apiserver.AudienceMatchPolicyType(in.AudienceMatchPolicy) return nil } // Convert_v1beta1_Issuer_To_apiserver_Issuer is an autogenerated conversion function.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 17:10:34 UTC 2024 - 45.4K bytes - Viewed (0)