kubernetes/vendor/go.etcd.io/etcd/server/v3/auth/store.go

var enableFlagKey

var authEnabled

var authDisabled

var revisionKey

var ErrRootUserNotExist

var ErrRootRoleNotExist

var ErrUserAlreadyExist

var ErrUserEmpty

var ErrUserNotFound

var ErrRoleAlreadyExist

var ErrRoleNotFound

var ErrRoleEmpty

var ErrPermissionNotGiven

var ErrAuthFailed

var ErrNoPasswordUser

var ErrPermissionDenied

var ErrRoleNotGranted

var ErrPermissionNotGranted

var ErrAuthNotEnabled

var ErrAuthOldRevision

var ErrInvalidAuthToken

var ErrInvalidAuthOpts

var ErrInvalidAuthMgmt

var ErrInvalidAuthMethod

var ErrMissingKey

var ErrKeyMismatch

var ErrVerifyOnly

const rootUser

const rootRole

const tokenTypeSimple

const tokenTypeJWT

const revBytesLen

type AuthInfo

type AuthenticateParamIndex

type AuthenticateParamSimpleTokenPrefix

type AuthStore

type TokenProvider

type authStore

func (as *authStore) AuthEnable() error {}

func (as *authStore) AuthDisable() {}

func (as *authStore) Close() error {}

func (as *authStore) Authenticate(ctx context.Context, username, password string) (*pb.AuthenticateResponse, error) {}

func (as *authStore) CheckPassword(username, password string) (uint64, error) {}

func (as *authStore) Recover(be backend.Backend) {}

func (as *authStore) selectPassword(password string, hashedPassword string) ([]byte, error) {}

func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {}

func (as *authStore) UserDelete(r *pb.AuthUserDeleteRequest) (*pb.AuthUserDeleteResponse, error) {}

func (as *authStore) UserChangePassword(r *pb.AuthUserChangePasswordRequest) (*pb.AuthUserChangePasswordResponse, error) {}

func (as *authStore) UserGrantRole(r *pb.AuthUserGrantRoleRequest) (*pb.AuthUserGrantRoleResponse, error) {}

func (as *authStore) UserGet(r *pb.AuthUserGetRequest) (*pb.AuthUserGetResponse, error) {}

func (as *authStore) UserList(r *pb.AuthUserListRequest) (*pb.AuthUserListResponse, error) {}

func (as *authStore) UserRevokeRole(r *pb.AuthUserRevokeRoleRequest) (*pb.AuthUserRevokeRoleResponse, error) {}

func (as *authStore) RoleGet(r *pb.AuthRoleGetRequest) (*pb.AuthRoleGetResponse, error) {}

func (as *authStore) RoleList(r *pb.AuthRoleListRequest) (*pb.AuthRoleListResponse, error) {}

func (as *authStore) RoleRevokePermission(r *pb.AuthRoleRevokePermissionRequest) (*pb.AuthRoleRevokePermissionResponse, error) {}

func (as *authStore) RoleDelete(r *pb.AuthRoleDeleteRequest) (*pb.AuthRoleDeleteResponse, error) {}

func (as *authStore) RoleAdd(r *pb.AuthRoleAddRequest) (*pb.AuthRoleAddResponse, error) {}

func (as *authStore) authInfoFromToken(ctx context.Context, token string) (*AuthInfo, bool) {}

type permSlice

func (perms permSlice) Len() int {}

func (perms permSlice) Less(i, j int) bool {}

func (perms permSlice) Swap(i, j int) {}

func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) (*pb.AuthRoleGrantPermissionResponse, error) {}

func (as *authStore) isOpPermitted(userName string, revision uint64, key, rangeEnd []byte, permTyp authpb.Permission_Type) error {}

func (as *authStore) IsPutPermitted(authInfo *AuthInfo, key []byte) error {}

func (as *authStore) IsRangePermitted(authInfo *AuthInfo, key, rangeEnd []byte) error {}

func (as *authStore) IsDeleteRangePermitted(authInfo *AuthInfo, key, rangeEnd []byte) error {}

func (as *authStore) IsAdminPermitted(authInfo *AuthInfo) error {}

func getUser(lg *zap.Logger, tx backend.ReadTx, username string) *authpb.User {}

func getAllUsers(lg *zap.Logger, tx backend.ReadTx) []*authpb.User {}

func putUser(lg *zap.Logger, tx backend.BatchTx, user *authpb.User) {}

func delUser(tx backend.BatchTx, username string) {}

func getRole(lg *zap.Logger, tx backend.ReadTx, rolename string) *authpb.Role {}

func getAllRoles(lg *zap.Logger, tx backend.ReadTx) []*authpb.Role {}

func putRole(lg *zap.Logger, tx backend.BatchTx, role *authpb.Role) {}

func delRole(tx backend.BatchTx, rolename string) {}

func (as *authStore) IsAuthEnabled() bool {}

// NewAuthStore creates a new AuthStore.
func NewAuthStore(lg *zap.Logger, be backend.Backend, tp TokenProvider, bcryptCost int) *authStore {}

func hasRootRole(u *authpb.User) bool {}

func (as *authStore) commitRevision(tx backend.BatchTx) {}

func getRevision(tx backend.ReadTx) uint64 {}

func (as *authStore) setRevision(rev uint64) {}

func (as *authStore) Revision() uint64 {}

func (as *authStore) AuthInfoFromTLS(ctx context.Context) (ai *AuthInfo) {}

func (as *authStore) AuthInfoFromCtx(ctx context.Context) (*AuthInfo, error) {}

func (as *authStore) GenTokenPrefix() (string, error) {}

func decomposeOpts(lg *zap.Logger, optstr string) (string, map[string]string, error) {}

// NewTokenProvider creates a new token provider.
func NewTokenProvider(
	lg *zap.Logger,
	tokenOpts string,
	indexWaiter func(uint64) <-chan struct{}

func (as *authStore) WithRoot(ctx context.Context) context.Context {}

func (as *authStore) HasRole(user, role string) bool {}

func (as *authStore) BcryptCost() int {}

func (as *authStore) setupMetricsReporter() {}