- Sort Score
- Result 10 results
- Languages All
Results 81 - 90 of 457 for audiences (0.41 sec)
-
pkg/security/security.go
"Reject k8s default tokens, without audience. If false, default K8S token will be accepted") // TokenAudiences specifies a list of audiences for SDS trustworthy JWT. This is to make sure that the CSR requests // contain the JWTs intended for Citadel. TokenAudiences = strings.Split(env.Register("TOKEN_AUDIENCES", "istio-ca", "A list of comma separated audiences to check in the JWT token before issuing a certificate. "+
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go
func (in *Issuer) DeepCopyInto(out *Issuer) { *out = *in if in.DiscoveryURL != nil { in, out := &in.DiscoveryURL, &out.DiscoveryURL *out = new(string) **out = **in } if in.Audiences != nil { in, out := &in.Audiences, &out.Audiences *out = make([]string, len(*in)) copy(*out, *in) } return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 00:57:24 UTC 2024 - 16.2K bytes - Viewed (0) -
pkg/controlplane/apiserver/options/validation.go
} if enableAttempted && !enableSucceeded { errs = append(errs, errors.New("--service-account-signing-key-file, --service-account-issuer, and --api-audiences should be specified together")) } return errs } func validateAPIPriorityAndFairness(options *Options) []error { if options.Features.EnablePriorityAndFairness {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Oct 31 12:46:24 UTC 2023 - 4.4K bytes - Viewed (0) -
security/pkg/server/ca/authenticate/kubeauth/kube_jwt_test.go
ctx = metadata.NewIncomingContext(ctx, tc.metadata) } tokenReview := &k8sauth.TokenReview{ Spec: k8sauth.TokenReviewSpec{ Token: tc.token, }, } tokenReview.Status.Audiences = []string{} if tc.token != invlidToken { tokenReview.Status.Authenticated = true } tokenReview.Status.User = k8sauth.UserInfo{ Username: "system:serviceaccount:default:example-pod-sa",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 6.1K bytes - Viewed (0) -
pkg/test/framework/components/istio/ca.go
} // Otherwise, its expired, load a new one } rt, err := c.CoreV1().ServiceAccounts(ns).CreateToken(context.Background(), sa, &authenticationv1.TokenRequest{ Spec: authenticationv1.TokenRequestSpec{ Audiences: []string{aud}, ExpirationSeconds: &saTokenExpiration, }, }, metav1.CreateOptions{}) if err != nil { return "", err } exp := rt.Status.ExpirationTimestamp.Time
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 16:59:05 UTC 2024 - 4.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/zz_generated.conversion.go
out.URL = in.URL if err := v1.Convert_Pointer_string_To_string(&in.DiscoveryURL, &out.DiscoveryURL, s); err != nil { return err } out.CertificateAuthority = in.CertificateAuthority out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) out.AudienceMatchPolicy = apiserver.AudienceMatchPolicyType(in.AudienceMatchPolicy) return nil } // Convert_v1beta1_Issuer_To_apiserver_Issuer is an autogenerated conversion function.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 17:10:34 UTC 2024 - 45.4K bytes - Viewed (0) -
security/tools/jwt/samples/gen-jwt.py
help="iss claim. Default is `******@****.***`") parser.add_argument("-aud", "--aud", help="aud claim. This is comma-separated-list of audiences") parser.add_argument("-sub", "--sub", help="sub claim. If not provided, it is set to the same as iss claim.") parser.add_argument("-claims", "--claims",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 11 16:38:57 UTC 2023 - 4.7K bytes - Viewed (0) -
pkg/registry/core/rest/storage_core_generic.go
EventTTL time.Duration ServiceAccountIssuer serviceaccount.TokenGenerator ServiceAccountMaxExpiration time.Duration ExtendExpiration bool APIAudiences authenticator.Audiences LoopbackClientConfig *restclient.Config Informers informers.SharedInformerFactory }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Oct 30 21:15:10 UTC 2023 - 6K bytes - Viewed (0) -
internal/config/identity/openid/jwt.go
// REQUIRED. Audience(s) that this ID Token is intended for. // It MUST contain the OAuth 2.0 client_id of the Relying Party // as an audience value. It MAY also contain identifiers for // other audiences. In the general case, the aud value is an // array of case sensitive strings. In the common special case // when there is one audience, the aud value MAY be a single // case sensitive
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu May 30 18:10:41 UTC 2024 - 8.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
out.URL = in.URL if err := v1.Convert_Pointer_string_To_string(&in.DiscoveryURL, &out.DiscoveryURL, s); err != nil { return err } out.CertificateAuthority = in.CertificateAuthority out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences)) out.AudienceMatchPolicy = apiserver.AudienceMatchPolicyType(in.AudienceMatchPolicy) return nil } // Convert_v1alpha1_Issuer_To_apiserver_Issuer is an autogenerated conversion function.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Mar 04 00:57:24 UTC 2024 - 50K bytes - Viewed (0)