From 83248a9783a91b8982026fc067082d31a24cf375 Mon Sep 17 00:00:00 2001 From: zhouhaibing089 Date: Sat, 19 Mar 2016 14:08:15 +0800 Subject: [PATCH] move keystone package to password since it is a password authenticator --- pkg/apiserver/authenticator/authn.go | 2 +- .../authenticator/{request => password}/keystone/doc.go | 6 +++--- .../{request => password}/keystone/keystone.go | 5 +++-- 3 files changed, 7 insertions(+), 6 deletions(-) rename plugin/pkg/auth/authenticator/{request => password}/keystone/doc.go (73%) rename plugin/pkg/auth/authenticator/{request => password}/keystone/keystone.go (85%) diff --git a/pkg/apiserver/authenticator/authn.go b/pkg/apiserver/authenticator/authn.go index b95767ad938..44c1eb93aa6 100644 --- a/pkg/apiserver/authenticator/authn.go +++ b/pkg/apiserver/authenticator/authn.go @@ -23,9 +23,9 @@ import ( "k8s.io/kubernetes/pkg/auth/authenticator/bearertoken" "k8s.io/kubernetes/pkg/serviceaccount" "k8s.io/kubernetes/pkg/util/crypto" + "k8s.io/kubernetes/plugin/pkg/auth/authenticator/password/keystone" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/password/passwordfile" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/basicauth" - "k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/keystone" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/union" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/oidc" diff --git a/plugin/pkg/auth/authenticator/request/keystone/doc.go b/plugin/pkg/auth/authenticator/password/keystone/doc.go similarity index 73% rename from plugin/pkg/auth/authenticator/request/keystone/doc.go rename to plugin/pkg/auth/authenticator/password/keystone/doc.go index 68861495ab8..d4b0f43cbbf 100644 --- a/plugin/pkg/auth/authenticator/request/keystone/doc.go +++ b/plugin/pkg/auth/authenticator/password/keystone/doc.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -//Package keystone provide authentication via keystone. -// For details //about keystone and how to use the plugin, refer to -// https://github.com/kubernetes/kubernetes/blob/oidc/docs/admin/authentication.md +// Package keystone provides authentication via keystone. +// For details about keystone and how to use the plugin, refer to +// https://github.com/kubernetes/kubernetes.github.io/blob/master/docs/admin/authentication.md package keystone diff --git a/plugin/pkg/auth/authenticator/request/keystone/keystone.go b/plugin/pkg/auth/authenticator/password/keystone/keystone.go similarity index 85% rename from plugin/pkg/auth/authenticator/request/keystone/keystone.go rename to plugin/pkg/auth/authenticator/password/keystone/keystone.go index cf0335ac02a..6a7c8c8014c 100644 --- a/plugin/pkg/auth/authenticator/request/keystone/keystone.go +++ b/plugin/pkg/auth/authenticator/password/keystone/keystone.go @@ -26,12 +26,13 @@ import ( "k8s.io/kubernetes/pkg/auth/user" ) -// Keystone authenticator contacts openstack keystone to validate user's credentials passed in the request. +// KeystoneAuthenticator contacts openstack keystone to validate user's credentials passed in the request. // The keystone endpoint is passed during apiserver startup type KeystoneAuthenticator struct { authURL string } +// AuthenticatePassword checks the username, password via keystone call func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatePassword(username string, password string) (user.Info, bool, error) { opts := gophercloud.AuthOptions{ IdentityEndpoint: keystoneAuthenticator.authURL, @@ -48,7 +49,7 @@ func (keystoneAuthenticator *KeystoneAuthenticator) AuthenticatePassword(usernam return &user.DefaultInfo{Name: username}, true, nil } -// New returns a request authenticator that validates credentials using openstack keystone +// NewKeystoneAuthenticator returns a password authenticator that validates credentials using openstack keystone func NewKeystoneAuthenticator(authURL string) (*KeystoneAuthenticator, error) { if !strings.HasPrefix(authURL, "https") { return nil, errors.New("Auth URL should be secure and start with https")