Documentation
¶
Index ¶
- Constants
- func SafeDNS1123Name(fullOriginalName string) (string, bool, string)
- type Credentials
- type DexAuthenticator
- type DexAuthenticatorSecret
- type DexCA
- type DexClient
- type DexClientSecret
- type DexGroup
- type DexGroupMember
- type DexGroupSpec
- type DexGroupStatus
- type DexProvider
- type DexUser
- type DexUserExpire
- type DexUserInternalValues
- type DexUserLock
- type DexUserLockReason
- type DexUserSpec
- type DexUserStatus
- type KubernetesSecret
- type KubernetesServicePort
- type OfflineSessionSnapshot
- type Password
- type PublishAPICert
- type RefreshTokenSnapshot
- type UserOperation
- type UserOperationLockSpec
- type UserOperationResetPasswordSpec
- type UserOperationSpec
- type UserOperationSpecType
- type UserOperationStatus
- type UserOperationStatusPhase
Constants ¶
View Source
const ( PasswordPolicyLockout = DexUserLockReason("PasswordPolicyLockout") LockedByAdministrator = DexUserLockReason("LockedByAdministrator") )
View Source
const ( UserOperationTypeResetPass = UserOperationSpecType("ResetPassword") UserOperationTypeReset2FA = UserOperationSpecType("Reset2FA") UserOperationTypeLock = UserOperationSpecType("Lock") UserOperationTypeUnlock = UserOperationSpecType("Unlock") )
View Source
const ( UserOperationStatusPhaseSucceeded = UserOperationStatusPhase("Succeeded") UserOperationStatusPhaseFailed = UserOperationStatusPhase("Failed") )
View Source
const (
PasswordAnnotationLockedByAdministrator = "deckhouse.io/locked-by-administrator"
)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Credentials ¶
type DexAuthenticator ¶
type DexAuthenticator struct {
ID string `json:"uuid"`
EncodedName string `json:"encodedName"`
Name string `json:"name"`
Namespace string `json:"namespace"`
Spec map[string]interface{} `json:"spec"`
AllowAccessToKubernetes bool `json:"allowAccessToKubernetes"`
Credentials Credentials `json:"credentials"`
}
type DexAuthenticatorSecret ¶
type DexAuthenticatorSecret struct {
ID string `json:"uuid"`
Name string `json:"name"`
Namespace string `json:"namespace"`
Credentials Credentials `json:"credentials"`
}
type DexClient ¶
type DexClient struct {
ID string `json:"id"`
EncodedID string `json:"encodedID"`
Name string `json:"name"`
Namespace string `json:"namespace"`
Spec map[string]interface{} `json:"spec"`
Secret string `json:"clientSecret"`
// LegacyID and LegacyEncodedID is formatted with a colons delimiter which is impossible to use as a
// basic auth credentials part
LegacyID string `json:"legacyID"`
LegacyEncodedID string `json:"legacyEncodedID"`
Labels map[string]string `json:"labels"`
Annotations map[string]string `json:"annotations"`
AllowAccessToKubernetes bool `json:"allowAccessToKubernetes"`
}
type DexClientSecret ¶
type DexGroup ¶ added in v1.48.0
type DexGroup struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec DexGroupSpec `json:"spec"`
Status DexGroupStatus `json:"status,omitempty"`
}
type DexGroupMember ¶ added in v1.48.0
type DexGroupSpec ¶ added in v1.48.0
type DexGroupSpec struct {
Name string `json:"name"`
Members []DexGroupMember `json:"members" yaml:"members"`
}
type DexGroupStatus ¶ added in v1.48.0
type DexProvider ¶
type DexProvider map[string]interface{}
type DexUser ¶
type DexUser struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec DexUserSpec `json:"spec"`
Status DexUserStatus `json:"status,omitempty"`
}
type DexUserExpire ¶
type DexUserInternalValues ¶ added in v1.48.0
type DexUserInternalValues struct {
Name string `json:"name"`
EncodedName string `json:"encodedName"`
Spec DexUserSpec `json:"spec"`
Status DexUserStatus `json:"status,omitempty"`
ExpireAt string `json:"-"`
}
type DexUserLock ¶ added in v1.72.1
type DexUserLock struct {
State bool `json:"state"`
Reason *DexUserLockReason `json:"reason,omitempty"`
Message *string `json:"message,omitempty"`
Until *string `json:"until,omitempty"`
}
type DexUserLockReason ¶ added in v1.72.1
type DexUserLockReason string
type DexUserSpec ¶ added in v1.48.0
type DexUserStatus ¶ added in v1.48.0
type DexUserStatus struct {
ExpireAt string `json:"expireAt,omitempty"`
Lock DexUserLock `json:"lock"`
}
type KubernetesSecret ¶
type KubernetesSecret []byte
type KubernetesServicePort ¶
type KubernetesServicePort intstr.IntOrString
type OfflineSessionSnapshot ¶ added in v1.75.0
type OfflineSessionSnapshot struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
UserID string `json:"userID"`
RefreshTokenIDs []string `json:"refreshTokenIDs,omitempty"`
}
OfflineSessionSnapshot is a minimal representation of Dex OfflineSessions object used by this hook. We intentionally keep it flexible: different Dex versions/storages may store user identity differently, and OfflineSessions may not have userID at all but contain refresh token references.
type Password ¶ added in v1.72.1
type Password struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Username string `json:"username"`
Email string `json:"email"`
Hash string `json:"hash"`
RequireResetHashOnNextSuccLogin bool `json:"requireResetHashOnNextSuccLogin"`
LockedUntil *time.Time `json:"lockedUntil"`
}
type PublishAPICert ¶
type RefreshTokenSnapshot ¶ added in v1.75.0
type RefreshTokenSnapshot struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
ClaimsUserID string `json:"claimsUserID,omitempty"`
ClaimsUsername string `json:"claimsUsername,omitempty"`
ClaimsPreferred string `json:"claimsPreferredUsername,omitempty"`
}
RefreshTokenSnapshot is a minimal representation of Dex RefreshToken object used by this hook.
type UserOperation ¶ added in v1.75.0
type UserOperation struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec UserOperationSpec `json:"spec"`
Status UserOperationStatus `json:"status"`
}
type UserOperationLockSpec ¶ added in v1.75.0
type UserOperationResetPasswordSpec ¶ added in v1.75.0
type UserOperationResetPasswordSpec struct {
NewPasswordHash string `json:"newPasswordHash"`
}
type UserOperationSpec ¶ added in v1.75.0
type UserOperationSpec struct {
User string `json:"user"`
Type UserOperationSpecType `json:"type"`
InitiatorType string `json:"initiatorType"`
ResetPassword *UserOperationResetPasswordSpec `json:"resetPassword,omitempty"`
Lock *UserOperationLockSpec `json:"lock,omitempty"`
}
type UserOperationSpecType ¶ added in v1.75.0
type UserOperationSpecType string
type UserOperationStatus ¶ added in v1.75.0
type UserOperationStatus struct {
Phase UserOperationStatusPhase `json:"phase"`
Message string `json:"message,omitempty"`
CompletedAt *metav1.Time `json:"completedAt"`
}
type UserOperationStatusPhase ¶ added in v1.75.0
type UserOperationStatusPhase string
Source Files
¶
- delete_crowd_basic_auth_proxy.go
- discover_apiserver_endpoints.go
- discover_dex_ca.go
- discover_dex_cluster_ip.go
- discover_publish_api_cert.go
- ensure_external_crds.go
- expire_dex_user_crds.go
- generate_basic_auth_proxy_cert.go
- generate_kubeconfig_encoded_names.go
- generate_kubernetes_dex_client_app_secret.go
- generate_selfsigned_ca.go
- get_dex_authenticator_crds.go
- get_dex_client_crds.go
- get_dex_providers_crds.go
- get_dex_user_crds.go
- get_dex_user_operation_crds.go
- order_dex_tls_certificate.go
Directories
Click to show internal directories.
Click to hide internal directories.