Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
f02c8058
Commit
f02c8058
authored
Oct 15, 2015
by
Rohith
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[plugin/auth/tokenfile]
- allowing for variable length groups to be added to the static token file [docs/admin/authentication] - updating the documentation for token file
parent
bd1c26c1
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
20 additions
and
1 deletion
+20
-1
authentication.md
docs/admin/authentication.md
+2
-1
tokenfile.go
plugin/pkg/auth/authenticator/token/tokenfile/tokenfile.go
+5
-0
tokenfile_test.go
.../pkg/auth/authenticator/token/tokenfile/tokenfile_test.go
+13
-0
No files found.
docs/admin/authentication.md
View file @
f02c8058
...
...
@@ -46,7 +46,8 @@ to apiserver. Currently, tokens last indefinitely, and the token list cannot
be changed without restarting apiserver.
The token file format is implemented in
`plugin/pkg/auth/authenticator/token/tokenfile/...`
and is a csv file with 3 columns: token, user name, user uid.
and is a csv file with a minimum of 3 columns: token, user name, user uid, followed by
optional group names.
When using token authentication from an http client the apiserver expects an
`Authorization`
header with a value of
`Bearer SOMETOKEN`
.
...
...
plugin/pkg/auth/authenticator/token/tokenfile/tokenfile.go
View file @
f02c8058
...
...
@@ -40,6 +40,7 @@ func NewCSV(path string) (*TokenAuthenticator, error) {
tokens
:=
make
(
map
[
string
]
*
user
.
DefaultInfo
)
reader
:=
csv
.
NewReader
(
file
)
reader
.
FieldsPerRecord
=
-
1
for
{
record
,
err
:=
reader
.
Read
()
if
err
==
io
.
EOF
{
...
...
@@ -56,6 +57,10 @@ func NewCSV(path string) (*TokenAuthenticator, error) {
UID
:
record
[
2
],
}
tokens
[
record
[
0
]]
=
obj
if
len
(
record
)
>
3
{
obj
.
Groups
=
record
[
3
:
]
}
}
return
&
TokenAuthenticator
{
...
...
plugin/pkg/auth/authenticator/token/tokenfile/tokenfile_test.go
View file @
f02c8058
...
...
@@ -29,6 +29,8 @@ func TestTokenFile(t *testing.T) {
auth
,
err
:=
newWithContents
(
t
,
`
token1,user1,uid1
token2,user2,uid2
token3,user3,uid3,group1,group2
token4,user4,uid4,group2
`
)
if
err
!=
nil
{
t
.
Fatalf
(
"unable to read tokenfile: %v"
,
err
)
...
...
@@ -52,9 +54,19 @@ token2,user2,uid2
},
{
Token
:
"token3"
,
User
:
&
user
.
DefaultInfo
{
Name
:
"user3"
,
UID
:
"uid3"
,
Groups
:
[]
string
{
"group1"
,
"group2"
}},
Ok
:
true
,
},
{
Token
:
"token4"
,
User
:
&
user
.
DefaultInfo
{
Name
:
"user4"
,
UID
:
"uid4"
,
Groups
:
[]
string
{
"group2"
}},
Ok
:
true
,
},
{
Token
:
"token5"
,
},
{
Token
:
"token6"
,
},
}
for
i
,
testCase
:=
range
testCases
{
...
...
@@ -66,6 +78,7 @@ token2,user2,uid2
}
else
if
!
reflect
.
DeepEqual
(
testCase
.
User
,
user
)
{
t
.
Errorf
(
"%d: expected user %#v, got %#v"
,
i
,
testCase
.
User
,
user
)
}
if
testCase
.
Ok
!=
ok
{
t
.
Errorf
(
"%d: expected auth %v, got %v"
,
i
,
testCase
.
Ok
,
ok
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment