- Sort Score
- Result 10 results
- Languages All
Results 91 - 99 of 99 for Aud (0.11 sec)
-
pkg/kube/inject/testdata/inputs/default.template.gen.yaml
projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 75.9K bytes - Viewed (0) -
pilot/pkg/security/authz/model/generator.go
if forTCP { return nil, fmt.Errorf("%q is HTTP only", key) } return principalMetadata(MetadataListValueMatcherForJWTClaims([]string{"aud"}, matcher.StringOrMatcher(values))), nil } type requestPresenterGenerator struct{} func (requestPresenterGenerator) permission(key, value string, forTCP bool) (*rbacpb.Permission, error) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 18:02:42 UTC 2024 - 14.1K bytes - Viewed (0) -
internal/rest/client.go
func (c *Client) Close() { atomic.StoreInt32(&c.connected, closed) } // NewClient - returns new REST client. func NewClient(uu *url.URL, tr http.RoundTripper, newAuthToken func(aud string) string) *Client { connected := int32(online) urlStr := uu.String() u, err := url.Parse(urlStr) if err != nil { // Mark offline, with no reconnection attempts. connected = int32(offline)
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 14.4K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/injection-template.yaml
- name: istio-token projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if eq .Values.global.pilotCertProvider "kubernetes" }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 10 21:01:52 UTC 2024 - 23.8K bytes - Viewed (0) -
manifests/charts/istiod-remote/files/injection-template.yaml
- name: istio-token projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if eq .Values.global.pilotCertProvider "kubernetes" }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 10 21:01:52 UTC 2024 - 23.8K bytes - Viewed (0) -
cmd/sts-handlers.go
customTokenIdentity = "AssumeRoleWithCustomToken" assumeRole = "AssumeRole" stsRequestBodyLimit = 10 * (1 << 20) // 10 MiB // JWT claim keys expClaim = "exp" subClaim = "sub" audClaim = "aud" issClaim = "iss" // JWT claim to check the parent user parentClaim = "parent" // LDAP claim keys ldapUser = "ldapUser" // this is a key name for a normalized DN value
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Jun 11 03:13:30 UTC 2024 - 33.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/plugin/pkg/authenticator/token/oidc/oidc.go
ctx context.Context // claim is the distributed claim that may be resolved. claim string // audiences is the set of acceptable audiences the JWT must be issued to. // At least one of the entries must match the "aud" claim in presented JWTs. audiences sets.Set[string] // client is the to use for resolving distributed claims client *http.Client // config is the OIDC configuration used for resolving distributed claims.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Mar 09 19:29:33 UTC 2024 - 37.9K bytes - Viewed (0) -
operator/cmd/mesh/testdata/manifest-generate/data-snapshot.tar.gz
and "istiod". # As some platforms may not have kubernetes signing APIs, # Istiod is the default pilotCertProvider: istiod sds: # The JWT token for SDS and the aud field of such JWT. See RFC 7519, section 4.1.3. # When a CSR is sent from Citadel Agent to the CA (e.g. Citadel), this aud is to make sure the # JWT is intended for the CA. token: aud: istio-ca sts: # The service port used by Security Token Service (STS) server to handle token exchange requests. # Setting this port to a non-zero value enables...
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 10 05:10:03 UTC 2024 - 198.1K bytes - Viewed (0) -
operator/cmd/mesh/testdata/manifest-generate/output/all_on.golden-show-in-gh-pull-request.yaml
projected: sources: - serviceAccountToken: path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- end }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 10 05:10:03 UTC 2024 - 506.8K bytes - Viewed (0)