github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg/kubeapiserver
History
Mike Danese 057b7af798 serviceaccount: check token is issued by correct iss before verifying 
Right now if a JWT for an unknown issuer, for any subject hits the
serviceaccount token authenticator, we return a errors as if the token
was meant for us but we couldn't find a key to verify it. We should
instead return nil, false, nil.

This change helps us support multiple service account token
authenticators with different issuers.
 		2018-01-24 20:21:59 -08:00
..
admission Autogenerate BUILD files 2017-12-23 13:12:11 -08:00
authenticator serviceaccount: check token is issued by correct iss before verifying 2018-01-24 20:21:59 -08:00
authorizer Add get volumeattachments support to Node authorizer 2018-01-17 00:00:18 -05:00
options Merge pull request #58595 from CaoShuFeng/LimitPodHardAntiAffinityTopology 2018-01-23 09:18:30 -08:00
server pass listener to genericapiserver 2017-11-21 11:00:15 +08:00
BUILD run update bazel and staging-godep 2018-01-22 19:10:28 +08:00
OWNERS add liggitt to kubeapiserver owners 2017-04-03 10:14:34 -04:00
default_storage_factory_builder.go pass APIEnablement through apiserver chain 2018-01-22 19:10:26 +08:00
doc.go