Constants ¶
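// Claim-matching constants shared by the NGC and SSA token types.
// The listing was collapsed onto one line, so the first "//" swallowed the
// rest of the declaration; it is restored here one constant per line.
const (
	// NgcOrgClaimTypePrefix is the prefix for access claim that contains NGC organization name
	// e.g. Staging: "group/ngc-stg", Production: "group/ngc"
	//
	// NOTE(review): the production value is itself a string prefix of the
	// staging value, so a plain prefix comparison against "group/ngc" also
	// accepts claim types that begin with "group/ngc-stg". The matching code
	// is not shown here; confirm it compares the complete type segment, or
	// that issuer/audience checks already keep the two environments apart.
	NgcOrgClaimTypePrefix = "group/ngc"

	// NgcAudience describes the audience value present in NGC tokens
	NgcAudience = "ngc"

	// SsaScopeKas is the scope required to access KAS
	SsaScopeKas = "kas"
)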
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KeycloakClaims ¶
// KeycloakClaims is the decode target for the payload of a Keycloak JWT:
// the custom fields below plus the embedded registered claims.
//
// NOTE(review): JSON decoding alone says nothing about authenticity. Every
// field is caller-supplied data until the token's signature and registered
// claims (expiry, issuer, audience) have been verified. Where that happens is
// not visible in this listing; confirm at the parse call site.
type KeycloakClaims struct {
	// Email is read from the "email" claim. The struct has no field for
	// "email_verified", so this type alone cannot tell whether the identity
	// provider verified the address.
	Email string `json:"email"`
	// FirstName is read from the "given_name" claim.
	FirstName string `json:"given_name"`
	// LastName is read from the "family_name" claim.
	LastName string `json:"family_name"`
	// RealmAccess is read from the "realm_access" claim; its roles are what
	// GetRealmRoles returns and what ToOrgData parses into per-org roles.
	RealmAccess RealmAccess `json:"realm_access"`
	// ClientId is read from the "client_id" claim.
	ClientId string `json:"client_id"`
	// Oidc_Id is read from the "oidc_id" claim, which is not a registered JWT
	// claim name; presumably added by a custom mapper (confirm).
	Oidc_Id string `json:"oidc_id"`
	// Embedded registered claims; presumably iss/sub/aud/exp/nbf/iat/jti from
	// a golang-jwt package (the import is not shown here).
	jwt.RegisteredClaims
}
KeycloakClaims represents the structure of Keycloak JWT claims
func (*KeycloakClaims) GetClientId ¶
func (k *KeycloakClaims) GetClientId() string
GetClientId returns the client_id from KeycloakClaims
func (*KeycloakClaims) GetEmail ¶
func (k *KeycloakClaims) GetEmail() string
GetEmail returns the email from KeycloakClaims
func (*KeycloakClaims) GetOidcId ¶
func (k *KeycloakClaims) GetOidcId() string
GetOidcId returns the oidc_id from KeycloakClaims
func (*KeycloakClaims) GetRealmRoles ¶
func (k *KeycloakClaims) GetRealmRoles() []string
GetRealmRoles returns the realm roles from KeycloakClaims
func (*KeycloakClaims) ToOrgData ¶
func (k *KeycloakClaims) ToOrgData() cdbm.OrgData
ToOrgData parses realm roles and returns a map of organizations to their roles. Roles are deduplicated, and empty org names or roles are skipped.
type NgcAccessClaim ¶
// NgcAccessClaim is one entry of the "access" array in an NGC KAS token.
type NgcAccessClaim struct {
	// Type is read from the "type" key. Presumably this is the value compared
	// with NgcOrgClaimTypePrefix to recognise organization claims; the
	// comparison itself is not shown here (confirm in ValidateOrg).
	Type string `json:"type"`
	// Name is read from the "name" key; presumably the organization name for
	// organization-type claims (confirm).
	Name string `json:"name"`
	// Actions is read from the "actions" key. Nothing visible here shows
	// whether any check consults it.
	Actions []string `json:"actions"`
}
NgcAccessClaim represents a custom NGC KAS access claim
type NgcKasClaims ¶
// NgcKasClaims is the decode target for the payload of an NGC KAS JWT: the
// custom "access" list plus the embedded registered claims.
//
// NOTE(review): ValidateOrg is documented only as checking that an org name is
// included in the claims. Signature, expiry and audience (NgcAudience is the
// documented audience value) must be enforced separately; whether and where
// that happens is not visible in this listing.
type NgcKasClaims struct {
	// Access is read from the "access" key; one NgcAccessClaim per entry.
	Access []NgcAccessClaim `json:"access"`
	// Embedded registered claims; presumably from a golang-jwt package (the
	// import is not shown here).
	jwt.RegisteredClaims
}
NgcKasClaims represents the custom JWT claims used by NGC KAS
func (*NgcKasClaims) ValidateOrg ¶
func (nc *NgcKasClaims) ValidateOrg(orgName string) bool
ValidateOrg checks whether a specified org name is included in claims
type RealmAccess ¶
// RealmAccess mirrors the "realm_access" object of a Keycloak JWT.
type RealmAccess struct {
	// Roles is read from the "roles" key. ToOrgData is documented as parsing
	// these strings into organizations and roles, so their content feeds
	// authorization decisions; the expected string format is not shown here.
	Roles []string `json:"roles"`
}
RealmAccess represents the realm_access structure in Keycloak JWT
type SsaClaims ¶
// SsaClaims is the decode target for the payload of an SSA JWT: the custom
// "scopes" list plus the embedded registered claims.
type SsaClaims struct {
	// Scopes is read from the "scopes" key as a JSON array of strings. A token
	// that carries only a space-delimited "scope" string would decode to an
	// empty slice here. SsaScopeKas ("kas") is the scope documented as
	// required for KAS access.
	Scopes []string `json:"scopes"`
	// Embedded registered claims; presumably from a golang-jwt package (the
	// import is not shown here).
	jwt.RegisteredClaims
}
SsaClaims represents the custom JWT claims used by SSA
func (*SsaClaims) ValidateScope ¶
ValidateScope checks whether a specified scope is included in claims