kubernetes/pkg/kubeapiserver/options/authentication.go

const oidcIssuerURLFlag

const oidcClientIDFlag

const oidcCAFileFlag

const oidcUsernameClaimFlag

const oidcUsernamePrefixFlag

const oidcGroupsClaimFlag

const oidcGroupsPrefixFlag

const oidcSigningAlgsFlag

const oidcRequiredClaimFlag

var UpdateAuthenticationConfigTimeout

type BuiltInAuthenticationOptions

type AnonymousAuthenticationOptions

type BootstrapTokenAuthenticationOptions

type OIDCAuthenticationOptions

type ServiceAccountAuthenticationOptions

type TokenFileAuthenticationOptions

type WebHookAuthenticationOptions

// NewBuiltInAuthenticationOptions create a new BuiltInAuthenticationOptions, just set default token cache TTL
func NewBuiltInAuthenticationOptions() *BuiltInAuthenticationOptions {}

// WithAll set default value for every build-in authentication option
func (o *BuiltInAuthenticationOptions) WithAll() *BuiltInAuthenticationOptions {}

// WithAnonymous set default value for anonymous authentication
func (o *BuiltInAuthenticationOptions) WithAnonymous() *BuiltInAuthenticationOptions {}

// WithBootstrapToken set default value for bootstrap token authentication
func (o *BuiltInAuthenticationOptions) WithBootstrapToken() *BuiltInAuthenticationOptions {}

// WithClientCert set default value for client cert
func (o *BuiltInAuthenticationOptions) WithClientCert() *BuiltInAuthenticationOptions {}

// WithOIDC set default value for OIDC authentication
func (o *BuiltInAuthenticationOptions) WithOIDC() *BuiltInAuthenticationOptions {}

// WithRequestHeader set default value for request header authentication
func (o *BuiltInAuthenticationOptions) WithRequestHeader() *BuiltInAuthenticationOptions {}

// WithServiceAccounts set default value for service account authentication
func (o *BuiltInAuthenticationOptions) WithServiceAccounts() *BuiltInAuthenticationOptions {}

// WithTokenFile set default value for token file authentication
func (o *BuiltInAuthenticationOptions) WithTokenFile() *BuiltInAuthenticationOptions {}

// WithWebHook set default value for web hook authentication
func (o *BuiltInAuthenticationOptions) WithWebHook() *BuiltInAuthenticationOptions {}

// Validate checks invalid config combination
func (o *BuiltInAuthenticationOptions) Validate() []error {}

// AddFlags returns flags of authentication for a API Server
func (o *BuiltInAuthenticationOptions) AddFlags(fs *pflag.FlagSet) {}

// ToAuthenticationConfig convert BuiltInAuthenticationOptions to kubeauthenticator.Config. Returns
// an empty config if o is nil.
func (o *BuiltInAuthenticationOptions) ToAuthenticationConfig() (kubeauthenticator.Config, error) {}

// ApplyTo requires already applied OpenAPIConfig and EgressSelector if present.
// The input context controls the lifecycle of background goroutines started to reload the authentication config file.
func (o *BuiltInAuthenticationOptions) ApplyTo(
	ctx context.Context,
	authInfo *genericapiserver.AuthenticationInfo,
	secureServing *genericapiserver.SecureServingInfo,
	egressSelector *egressselector.EgressSelector,
	openAPIConfig *openapicommon.Config,
	openAPIV3Config *openapicommon.OpenAPIV3Config,
	extclient kubernetes.Interface,
	versionedInformer informers.SharedInformerFactory,
	apiServerID string) error {}

// ApplyAuthorization will conditionally modify the authentication options based on the authorization options
func (o *BuiltInAuthenticationOptions) ApplyAuthorization(authorization *BuiltInAuthorizationOptions) {}

func (o *BuiltInAuthenticationOptions) validateOIDCOptions() []error {}

var cfgScheme

var codecs

func init() {}

// loadAuthenticationConfig parses the authentication configuration from the given file and returns it and the file's contents.
func loadAuthenticationConfig(configFilePath string) (*apiserver.AuthenticationConfiguration, string, error) {}

func loadAuthenticationConfigFromData(data []byte) (*apiserver.AuthenticationConfiguration, error) {}