github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
31,585 Commits
32 Branches
881 Tags
633 MiB
Commit Graph

13 Commits (ec6181d5d3cae2238d485ee75332ab9c09b619d9)

Author SHA1 Message Date
k8s-merge-robot 038ac428f4 Merge pull request #28036 from ericchiang/oidc-auth-plugin-dont-error-if-provider-is-unavailable 
Automatic merge from submit-queue

oidc auth plugin: don't hard fail if provider is unavailable

When using OpenID Connect authentication, don't cause the API
server to fail if the provider is unavailable. This allows
installations to run OpenID Connect providers after starting the
API server, a common case when the provider is running on the
cluster itself.

Errors are now deferred to the authenticate method.

cc @sym3tri @erictune @aaronlevy @kubernetes/sig-auth
 2016-06-30 13:02:16 -07:00
Eric Chiang 2f6db37ff5 oidc auth plugin: don't hard fail if provider is unavailable 
When using OpenID Connect authentication, don't cause the API
server to fail if the provider is unavailable. This allows
installations to run OpenID Connect providers after starting the
API server, a common case when the provider is running on the
cluster itself.

Errors are now deferred to the authenticate method.
 2016-06-29 23:20:26 -07:00
David McMahon ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
CJ Cullen 57f96a932f Add expiration LRU cache for webhook token authenticator. 2016-05-18 11:58:11 -07:00
k8s-merge-robot 0ef4c6407b Merge pull request #24902 from cjcullen/webhookAuthn 
Automatic merge from submit-queue

Webhook Token Authenticator

Add a webhook token authenticator plugin to allow a remote service to make authentication decisions.
 2016-05-11 22:08:58 -07:00
CJ Cullen eb3b0e78b4 Add a webhook token authenticator plugin. 2016-05-10 14:54:35 -07:00
Manjunath A Kumatagi 00be597618 Rename a function parameter name in authn.go 2016-05-06 02:48:10 -04:00
Joe Finney ae79677fd0
Remove global var for OIDC retry/backoff, and remove retries from unit tests. 2016-04-07 14:18:29 -07:00
zhouhaibing089 83248a9783 move keystone package to password since it is a password authenticator 2016-03-22 23:27:28 +08:00
Harry Zhang a4d04095d0 Refactor crlf & crypto 2016-03-21 20:20:05 +08:00
Eric Chiang 92d37d5cc5 plugin/pkg/auth/authenticator/token/oidc: get groups from custom claim 2016-02-12 09:58:18 -08:00
Clayton Coleman 9dad7e624c Split the serviceaccount package into two parts 
Public utility methods and JWT parsing, and controller specific logic.
Also remove the coupling between ServiceAccountTokenGetter and the
authenticator class.
 2015-12-26 21:28:12 -05:00
Clayton Coleman 3d5ed379b0 authn.go doesn't belong in pkg/apiserver 
apiserver does not need to know about specific authentication
mechanisms, and does not need to take dependencies on all the
authentication packages.
 2015-12-26 21:22:22 -05:00