- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 165 for Authenticators (0.26 sec)
-
staging/src/k8s.io/apiserver/pkg/apis/apiserver/validation/validation.go
root := field.NewPath("jwt") var allErrs field.ErrorList // We allow 0 authenticators in the authentication configuration. // This allows us to support scenarios where the API server is initially set up without // any authenticators and then authenticators are added later via dynamic config. if len(c.JWT) > 64 { allErrs = append(allErrs, field.TooMany(root, len(c.JWT), 64))
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri May 10 22:07:40 UTC 2024 - 31.3K bytes - Viewed (0) -
pkg/apis/authentication/types.go
// Token is the opaque bearer token. Token string `datapolicy:"token"` // Audiences is a list of the identifiers that the resource server presented // with the token identifies as. Audience-aware token authenticators will // verify that the token was intended for at least one of the audiences in // this list. If no audiences are provided, the audience will default to the // audience of the Kubernetes apiserver. Audiences []string
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 10 05:33:37 UTC 2023 - 7.2K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1/types_swagger_doc_generated.go
"token": "Token is the opaque bearer token.", "audiences": "Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.", }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 02 12:50:40 UTC 2023 - 7.6K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1/generated.proto
// +optional optional string token = 1; // Audiences is a list of the identifiers that the resource server presented // with the token identifies as. Audience-aware token authenticators will // verify that the token was intended for at least one of the audiences in // this list. If no audiences are provided, the audience will default to the // audience of the Kubernetes apiserver. // +optional
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 28 15:34:11 UTC 2024 - 7.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/dynamic_cafile_content.go
func (c *DynamicFileCAContent) CurrentCABundleContent() (cabundle []byte) { return c.caBundle.Load().(*caBundleAndVerifier).caBundle } // VerifyOptions provides verifyoptions compatible with authenticators func (c *DynamicFileCAContent) VerifyOptions() (x509.VerifyOptions, bool) { uncastObj := c.caBundle.Load() if uncastObj == nil { return x509.VerifyOptions{}, false }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 8.4K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/configmap_cafile_content.go
} return c.caBundle.Load().(*caBundleAndVerifier).caBundle } // VerifyOptions provides verifyoptions compatible with authenticators func (c *ConfigMapCAController) VerifyOptions() (x509.VerifyOptions, bool) { uncastObj := c.caBundle.Load() if uncastObj == nil { // This can happen if we've been unable load data from the apiserver for some reason.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat May 04 18:33:12 UTC 2024 - 8.9K bytes - Viewed (0) -
pkg/istio-agent/agent_test.go
testutil.ReadFile(t, filepath.Join(env.IstioSrc, "./tests/testdata/certs/pilot/ca-cert.pem")), opt) if err != nil { t.Fatal(err) } t.Cleanup(s.GRPCServer.Stop) s.Authenticators = []security.Authenticator{auth} return s } func tlsOptions(t *testing.T, extraRoots ...[]byte) grpc.ServerOption { t.Helper() cert, err := tls.LoadX509KeyPair(
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 33.4K bytes - Viewed (0) -
staging/src/k8s.io/api/authentication/v1/types.go
// +optional Token string `json:"token,omitempty" protobuf:"bytes,1,opt,name=token"` // Audiences is a list of the identifiers that the resource server presented // with the token identifies as. Audience-aware token authenticators will // verify that the token was intended for at least one of the audiences in // this list. If no audiences are provided, the audience will default to the // audience of the Kubernetes apiserver. // +optional
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 23 17:42:49 UTC 2024 - 10K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/secure_serving.go
} } } } if s.ClientCA != nil { // Populate PeerCertificates in requests, but don't reject connections without certificates // This allows certificates to be validated by authenticators, while still allowing other auth types tlsConfig.ClientAuth = tls.RequestClientCert } if s.ClientCA != nil || s.Cert != nil || len(s.SNICerts) > 0 {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Oct 12 20:54:07 UTC 2023 - 10.3K bytes - Viewed (0) -
pkg/kube/util.go
func sanitizeKubeConfig(config api.Config, allowlist sets.String) error { for k, auths := range config.AuthInfos { if ap := auths.AuthProvider; ap != nil { // We currently are importing 5 authenticators: gcp, azure, exec, and openstack switch ap.Name { case "oidc": // OIDC is safe as it doesn't read files or execute code.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 06 05:10:23 UTC 2024 - 18.6K bytes - Viewed (0)