kubernetes/test/integration/apiserver/oidc/oidc_test.go

const defaultNamespace

const defaultOIDCClientID

const defaultOIDCClaimedUsername

const defaultOIDCUsernamePrefix

const defaultRBACRoleName

const defaultRBACRoleBindingName

const defaultStubRefreshToken

const defaultStubAccessToken

const rsaKeyBitSize

var defaultRole

var defaultRoleBinding

type authenticationConfigFunc

type apiServerOIDCConfig

func TestOIDC(t *testing.T) {}

func TestStructuredAuthenticationConfig(t *testing.T) {}

func runTests(t *testing.T, useAuthenticationConfig bool) {}

type singleTest

func singleTestRunner[K utilsoidc.JosePrivateKey, L utilsoidc.JosePublicKey](
	useAuthenticationConfig bool,
	keyFunc func(t *testing.T) (K, L),
	tt singleTest[K, L],
) func(t *testing.T) {}

func TestUpdatingRefreshTokenInCaseOfExpiredIDToken(t *testing.T) {}

func TestStructuredAuthenticationConfigCEL(t *testing.T) {}

func TestStructuredAuthenticationConfigReload(t *testing.T) {}

func configureBasicTestInfrastructureWithRandomKeyType(t *testing.T, fn authenticationConfigFunc) (
	oidcServer *utilsoidc.TestServer,
	apiServer *kubeapiserverapptesting.TestServer,
	caCertContent []byte,
	caFilePath string,
) {}

func configureBasicTestInfrastructure[K utilsoidc.JosePrivateKey, L utilsoidc.JosePublicKey](t *testing.T, fn authenticationConfigFunc, keyFunc func(t *testing.T) (K, L)) (
	oidcServer *utilsoidc.TestServer,
	apiServer *kubeapiserverapptesting.TestServer,
	caCertContent []byte,
	caFilePath string,
) {}

// TestStructuredAuthenticationDiscoveryURL tests that the discovery URL configured in jwt.issuer.discoveryURL is used to
// fetch the discovery document and the issuer in jwt.issuer.url is used to validate the ID token.
func TestStructuredAuthenticationDiscoveryURL(t *testing.T) {}

func TestMultipleJWTAuthenticators(t *testing.T) {}

func rsaGenerateKey(t *testing.T) (*rsa.PrivateKey, *rsa.PublicKey) {}

func ecdsaGenerateKey(t *testing.T) (*ecdsa.PrivateKey, *ecdsa.PublicKey) {}

func configureTestInfrastructure[K utilsoidc.JosePrivateKey, L utilsoidc.JosePublicKey](t *testing.T, fn authenticationConfigFunc, keyFunc func(t *testing.T) (K, L)) (
	oidcServer *utilsoidc.TestServer,
	apiServer *kubeapiserverapptesting.TestServer,
	signingPrivateKey K,
	caCertContent []byte,
	caFilePath string,
) {}

func configureClientFetchingOIDCCredentials(t *testing.T, restCfg *rest.Config, caCert []byte, certPath, oidcServerURL, oidcServerTokenURL string) kubernetes.Interface {}

func configureClientWithEmptyIDToken(t *testing.T, restCfg *rest.Config, _ []byte, certPath, oidcServerURL, _ string) kubernetes.Interface {}

func configureRBAC(t *testing.T, clientset kubernetes.Interface, role *rbacv1.Role, binding *rbacv1.RoleBinding) {}

func configureClientConfigForOIDC(t *testing.T, config *rest.Config, clientID, caFilePath, idToken, refreshToken, oidcServerURL string) *rest.Config {}

func startTestAPIServerForOIDC[L utilsoidc.JosePublicKey](t *testing.T, c apiServerOIDCConfig, publicKey L) *kubeapiserverapptesting.TestServer {}

func maybeSetSigningAlgs[K utilsoidc.JoseKey](key K) []string {}

func randomBool() bool {}

func fetchOIDCCredentials(t *testing.T, oidcTokenURL string, caCertContent []byte) (idToken, refreshToken string) {}

func fetchExpiredToken(t *testing.T, oidcServer *utilsoidc.TestServer, caCertContent []byte, signingPrivateKey *rsa.PrivateKey) (expiredToken, stubRefreshToken string) {}

func configureOIDCServerToReturnExpiredIDToken(t *testing.T, returningExpiredTokenTimes int, oidcServer *utilsoidc.TestServer, signingPrivateKey *rsa.PrivateKey) {}

func configureOIDCServerToReturnExpiredRefreshTokenErrorOnTryingToUpdateIDToken(oidcServer *utilsoidc.TestServer) {}

func generateCert(t *testing.T) (cert, key []byte, certFilePath, keyFilePath string) {}

func writeTempFile(t *testing.T, content string) string {}

// indentCertificateAuthority indents the certificate authority to match
// the format of the generated authentication config.
func indentCertificateAuthority(caCert string) string {}

func testContext(t *testing.T) context.Context {}