kubernetes/staging/src/k8s.io/client-go/plugin/pkg/client/auth/oidc/oidc.go

const cfgIssuerURL

const cfgClientID

const cfgClientSecret

const cfgCertificateAuthority

const cfgCertificateAuthorityData

const cfgIDToken

const cfgRefreshToken

const cfgExtraScopes

func init() {}

const expiryDelta

var cache

type clientCache

func newClientCache() *clientCache {}

type cacheKey

func (c *clientCache) getClient(clusterAddress, issuer, clientID string) (*oidcAuthProvider, bool) {}

// setClient attempts to put the client in the cache but may return any clients
// with the same keys set before. This is so there's only ever one client for a provider.
func (c *clientCache) setClient(clusterAddress, issuer, clientID string, client *oidcAuthProvider) *oidcAuthProvider {}

func newOIDCAuthProvider(clusterAddress string, cfg map[string]string, persister restclient.AuthProviderConfigPersister) (restclient.AuthProvider, error) {}

type oidcAuthProvider

func (p *oidcAuthProvider) WrapTransport(rt http.RoundTripper) http.RoundTripper {}

func (p *oidcAuthProvider) Login() error {}

type roundTripper

var _

func (r *roundTripper) RoundTrip(req *http.Request) (*http.Response, error) {}

func (r *roundTripper) WrappedRoundTripper() http.RoundTripper {}

func (p *oidcAuthProvider) idToken() (string, error) {}

// tokenEndpoint uses OpenID Connect discovery to determine the OAuth2 token
// endpoint for the provider, the endpoint the client will use the refresh
// token against.
func tokenEndpoint(client *http.Client, issuer string) (string, error) {}

func idTokenExpired(now func() time.Time, idToken string) (bool, error) {}

type jsonTime

func (j *jsonTime) UnmarshalJSON(b []byte) error {}

func (j jsonTime) MarshalJSON() ([]byte, error) {}