78 lines
2.4 KiB
Go
78 lines
2.4 KiB
Go
|
/*
|
||
|
Copyright 2018 The Kubernetes Authors.
|
||
|
|
||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
you may not use this file except in compliance with the License.
|
||
|
You may obtain a copy of the License at
|
||
|
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||
|
|
||
|
Unless required by applicable law or agreed to in writing, software
|
||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
See the License for the specific language governing permissions and
|
||
|
limitations under the License.
|
||
|
*/
|
||
|
|
||
|
package clientauthentication
|
||
|
|
||
|
import (
|
||
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||
|
)
|
||
|
|
||
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||
|
|
||
|
// ExecCredentials is used by exec-based plugins to communicate credentials to
|
||
|
// HTTP transports.
|
||
|
type ExecCredential struct {
|
||
|
metav1.TypeMeta
|
||
|
|
||
|
// Spec holds information passed to the plugin by the transport. This contains
|
||
|
// request and runtime specific information, such as if the session is interactive.
|
||
|
Spec ExecCredentialSpec
|
||
|
|
||
|
// Status is filled in by the plugin and holds the credentials that the transport
|
||
|
// should use to contact the API.
|
||
|
// +optional
|
||
|
Status *ExecCredentialStatus
|
||
|
}
|
||
|
|
||
|
// ExecCredenitalSpec holds request and runtime specific information provided by
|
||
|
// the transport.
|
||
|
type ExecCredentialSpec struct {
|
||
|
// Response is populated when the transport encounters HTTP status codes, such as 401,
|
||
|
// suggesting previous credentials were invalid.
|
||
|
// +optional
|
||
|
Response *Response
|
||
|
|
||
|
// Interactive is true when the transport detects the command is being called from an
|
||
|
// interactive prompt.
|
||
|
// +optional
|
||
|
Interactive bool
|
||
|
}
|
||
|
|
||
|
// ExecCredentialStatus holds credentials for the transport to use.
|
||
|
type ExecCredentialStatus struct {
|
||
|
// ExpirationTimestamp indicates a time when the provided credentials expire.
|
||
|
// +optional
|
||
|
ExpirationTimestamp *metav1.Time
|
||
|
// Token is a bearer token used by the client for request authentication.
|
||
|
// +optional
|
||
|
Token string
|
||
|
// PEM-encoded client TLS certificate.
|
||
|
// +optional
|
||
|
ClientCertificateData string
|
||
|
// PEM-encoded client TLS private key.
|
||
|
// +optional
|
||
|
ClientKeyData string
|
||
|
}
|
||
|
|
||
|
// Response defines metadata about a failed request, including HTTP status code and
|
||
|
// response headers.
|
||
|
type Response struct {
|
||
|
// Headers holds HTTP headers returned by the server.
|
||
|
Header map[string][]string
|
||
|
// Code is the HTTP status code returned by the server.
|
||
|
Code int32
|
||
|
}
|