Search Options

Results per page
Sort
Preferred Languages
Advance

Results 21 - 30 of 135 for audiences (1.41 sec)

  2. github.com/kubernetes/kubernetes

    api/openapi-spec/v3/apis__authentication.k8s.io__v1_openapi.json 

            "properties": {
          "audiences": {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Nov 27 20:06:25 UTC 2023
    - 41.5K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/volume/csi/csi_mounter.go 

    	for _, tokenRequest := range csiDriver.Spec.TokenRequests {
		audience := tokenRequest.Audience
		audiences := []string{audience}
		if audience == "" {
			audiences = []string{}
		}
		tr, err := c.plugin.serviceAccountTokenGetter(c.pod.Namespace, c.pod.Spec.ServiceAccountName, &authenticationv1.TokenRequest{
			Spec: authenticationv1.TokenRequestSpec{
				Audiences:         audiences,
				ExpirationSeconds: tokenRequest.ExpirationSeconds,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Jan 30 10:47:59 UTC 2024
    - 21K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/bootstrap/server_test.go 

    			jwtRule:   `{"issuer": "foo", "jwks_uri": "baz", "audiences": ["aud1", "aud2"]}`,
		},
		{
			name:      "invalid jwt rule",
			expectErr: true,
			jwtRule:   "invalid",
		},
		{
			name:      "jwt rule with invalid audiences",
			expectErr: true,
			// audiences must be a string array
			jwtRule: `{"issuer": "foo", "jwks_uri": "baz", "audiences": "aud1"}`,
		},
	}

	for _, tt := range tests {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 17:48:28 UTC 2024
    - 23.1K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/security/authz/model/generator_test.go 

    		},
		{
			name:  "requestAudiencesGenerator",
			g:     requestAudiencesGenerator{},
			key:   "request.auth.audiences",
			value: "foo",
			want: yamlPrincipal(t, `
         metadata:
          filter: istio_authn
          path:
          - key: request.auth.audiences
          value:
            stringMatch:
              exact: foo`),
		},
		{
			name:  "requestPresenterGenerator",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Apr 20 01:58:53 UTC 2024
    - 13K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/zz_generated.deepcopy.go 

    func (in *Issuer) DeepCopyInto(out *Issuer) {
	*out = *in
	if in.DiscoveryURL != nil {
		in, out := &in.DiscoveryURL, &out.DiscoveryURL
		*out = new(string)
		**out = **in
	}
	if in.Audiences != nil {
		in, out := &in.Audiences, &out.Audiences
		*out = make([]string, len(*in))
		copy(*out, *in)
	}
	return
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Mar 05 17:10:34 UTC 2024
    - 14.6K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/kubeapiserver/options/authentication.go 

    	if o == nil {
		return
	}

	fs.StringSliceVar(&o.APIAudiences, "api-audiences", o.APIAudiences, ""+
		"Identifiers of the API. The service account token authenticator will validate that "+
		"tokens used against the API are bound to at least one of these audiences. If the "+
		"--service-account-issuer flag is configured and this flag is not, this field "+
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sat Mar 09 22:40:22 UTC 2024
    - 32.4K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    pkg/apis/storage/validation/validation.go 

    		audience := tokenRequest.Audience
		if _, ok := audiences[audience]; ok {
			allErrs = append(allErrs, field.Duplicate(path.Child("audience"), audience))
			continue
		}
		audiences[audience] = true

		if tokenRequest.ExpirationSeconds == nil {
			continue
		}
		if *tokenRequest.ExpirationSeconds < int64(min.Seconds()) {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 28 00:47:13 UTC 2024
    - 25.5K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/security/security.go 

    		"Reject k8s default tokens, without audience. If false, default K8S token will be accepted")

	// TokenAudiences specifies a list of audiences for SDS trustworthy JWT. This is to make sure that the CSR requests
	// contain the JWTs intended for Citadel.
	TokenAudiences = strings.Split(env.Register("TOKEN_AUDIENCES", "istio-ca",
		"A list of comma separated audiences to check in the JWT token before issuing a certificate. "+
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 17:48:28 UTC 2024
    - 19.1K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go 

    func (in *Issuer) DeepCopyInto(out *Issuer) {
	*out = *in
	if in.DiscoveryURL != nil {
		in, out := &in.DiscoveryURL, &out.DiscoveryURL
		*out = new(string)
		**out = **in
	}
	if in.Audiences != nil {
		in, out := &in.Audiences, &out.Audiences
		*out = make([]string, len(*in))
		copy(*out, *in)
	}
	return
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Mar 04 00:57:24 UTC 2024
    - 16.2K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/zz_generated.conversion.go 

    	out.URL = in.URL
	if err := v1.Convert_Pointer_string_To_string(&in.DiscoveryURL, &out.DiscoveryURL, s); err != nil {
		return err
	}
	out.CertificateAuthority = in.CertificateAuthority
	out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
	out.AudienceMatchPolicy = apiserver.AudienceMatchPolicyType(in.AudienceMatchPolicy)
	return nil
}

// Convert_v1beta1_Issuer_To_apiserver_Issuer is an autogenerated conversion function.
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Mar 05 17:10:34 UTC 2024
    - 45.4K bytes
    - Viewed (0)
Back to top