github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

move keystone package to password since it is a password authenticator

pull/6/head
zhouhaibing089 2016-03-19 14:08:15 +08:00 committed by haibzhou
parent e2f4141bb3
commit 83248a9783
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/apiserver/authenticator/authn.go
View File

@ -23,9 +23,9 @@ import (
"k8s.io/kubernetes/pkg/auth/authenticator/bearertoken"
"k8s.io/kubernetes/pkg/serviceaccount"
"k8s.io/kubernetes/pkg/util/crypto"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/password/keystone"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/password/passwordfile"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/basicauth"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/keystone"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/union"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509"
"k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/oidc"

6
plugin/pkg/auth/authenticator/request/keystone/doc.go → plugin/pkg/auth/authenticator/password/keystone/doc.go
View File

@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
//Package keystone provide authentication via keystone.
// For details //about keystone and how to use the plugin, refer to
// https://github.com/kubernetes/kubernetes/blob/oidc/docs/admin/authentication.md
// Package keystone provides authentication via keystone.
// For details about keystone and how to use the plugin, refer to
// https://github.com/kubernetes/kubernetes.github.io/blob/master/docs/admin/authentication.md
package keystone

5
plugin/pkg/auth/authenticator/request/keystone/keystone.go → plugin/pkg/auth/authenticator/password/keystone/keystone.go
View File

@ -26,12 +26,13 @@ import (
"k8s.io/kubernetes/pkg/auth/user"
)
// Keystone authenticator contacts openstack keystone to validate user's credentials passed in the request.
// KeystoneAuthenticator contacts openstack keystone to validate user's credentials passed in the request.
// The keystone endpoint is passed during apiserver startup
type KeystoneAuthenticator struct {
authURL string
}
// AuthenticatePassword checks the username, password via keystone call
func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatePassword(username string, password string) (user.Info, bool, error) {
opts := gophercloud.AuthOptions{
IdentityEndpoint: keystoneAuthenticator.authURL,
@ -48,7 +49,7 @@ func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatePassword(usernam
return &user.DefaultInfo{Name: username}, true, nil
}
// New returns a request authenticator that validates credentials using openstack keystone
// NewKeystoneAuthenticator returns a password authenticator that validates credentials using openstack keystone
func NewKeystoneAuthenticator(authURL string) (*KeystoneAuthenticator, error) {
if !strings.HasPrefix(authURL, "https") {
return nil, errors.New("Auth URL should be secure and start with https")