github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 20:24:09 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #29361 from kubernetes/revert-28788-wire-authentication

Browse Source 
Revert "add tokenreviews endpoint to implement webhook"
This commit is contained in:
Wojciech Tyczynski 2016-07-21 09:45:32 +02:00 committed by GitHub
commit 68687013e8
58 changed files with 1577 additions and 5371 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
api/swagger-spec/authentication.k8s.io.json
View File

@ -1,110 +0,0 @@
{
"swaggerVersion": "1.2",
"apiVersion": "",
"basePath": "https://10.10.10.10:6443",
"resourcePath": "/apis/authentication.k8s.io",
"apis": [
{
"path": "/apis/authentication.k8s.io",
"description": "get information of a group",
"operations": [
{
"type": "unversioned.APIGroup",
"method": "GET",
"summary": "get information of a group",
"nickname": "getAPIGroup",
"parameters": [],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"consumes": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
]
}
]
}
],
"models": {
"unversioned.APIGroup": {
"id": "unversioned.APIGroup",
"description": "APIGroup contains the name, the supported versions, and the preferred version of a group.",
"required": [
"name",
"versions",
"serverAddressByClientCIDRs"
],
"properties": {
"kind": {
"type": "string",
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
},
"apiVersion": {
"type": "string",
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources"
},
"name": {
"type": "string",
"description": "name is the name of the group."
},
"versions": {
"type": "array",
"items": {
"$ref": "unversioned.GroupVersionForDiscovery"
},
"description": "versions are the versions supported in this group."
},
"preferredVersion": {
"$ref": "unversioned.GroupVersionForDiscovery",
"description": "preferredVersion is the version preferred by the API server, which probably is the storage version."
},
"serverAddressByClientCIDRs": {
"type": "array",
"items": {
"$ref": "unversioned.ServerAddressByClientCIDR"
},
"description": "a map of client CIDR to server address that is serving this group. This is to help clients reach servers in the most network-efficient way possible. Clients can use the appropriate server address as per the CIDR that they match. In case of multiple matches, clients should use the longest matching CIDR. The server returns only those CIDRs that it thinks that the client can match. For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP. Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP."
}
}
},
"unversioned.GroupVersionForDiscovery": {
"id": "unversioned.GroupVersionForDiscovery",
"description": "GroupVersion contains the \"group/version\" and \"version\" string of a version. It is made a struct to keep extensibility.",
"required": [
"groupVersion",
"version"
],
"properties": {
"groupVersion": {
"type": "string",
"description": "groupVersion specifies the API group and version in the form \"group/version\""
},
"version": {
"type": "string",
"description": "version specifies the version in the form of \"version\". This is to save the clients the trouble of splitting the GroupVersion."
}
}
},
"unversioned.ServerAddressByClientCIDR": {
"id": "unversioned.ServerAddressByClientCIDR",
"description": "ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.",
"required": [
"clientCIDR",
"serverAddress"
],
"properties": {
"clientCIDR": {
"type": "string",
"description": "The CIDR with which clients can match their IP to figure out the server address that they should use."
},
"serverAddress": {
"type": "string",
"description": "Address of this server, suitable for a client that matches the above CIDR. This can be a hostname, hostname:port, IP or IP:port."
}
}
}
}
}

1
api/swagger-spec/authentication.k8s.io_v1.json
View File

@ -1 +0,0 @@

315
api/swagger-spec/authentication.k8s.io_v1beta1.json
View File

@ -1,315 +0,0 @@
{
"swaggerVersion": "1.2",
"apiVersion": "authentication.k8s.io/v1beta1",
"basePath": "https://10.10.10.10:6443",
"resourcePath": "/apis/authentication.k8s.io/v1beta1",
"apis": [
{
"path": "/apis/authentication.k8s.io/v1beta1/tokenreviews",
"description": "API at /apis/authentication.k8s.io/v1beta1",
"operations": [
{
"type": "v1beta1.TokenReview",
"method": "POST",
"summary": "create a TokenReview",
"nickname": "createTokenReview",
"parameters": [
{
"type": "string",
"paramType": "query",
"name": "pretty",
"description": "If 'true', then the output is pretty printed.",
"required": false,
"allowMultiple": false
},
{
"type": "v1beta1.TokenReview",
"paramType": "body",
"name": "body",
"description": "",
"required": true,
"allowMultiple": false
}
],
"responseMessages": [
{
"code": 200,
"message": "OK",
"responseModel": "v1beta1.TokenReview"
}
],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"consumes": [
"*/*"
]
}
]
},
{
"path": "/apis/authentication.k8s.io/v1beta1",
"description": "API at /apis/authentication.k8s.io/v1beta1",
"operations": [
{
"type": "unversioned.APIResourceList",
"method": "GET",
"summary": "get available resources",
"nickname": "getAPIResources",
"parameters": [],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"consumes": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
]
}
]
}
],
"models": {
"v1beta1.TokenReview": {
"id": "v1beta1.TokenReview",
"description": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.",
"required": [
"spec"
],
"properties": {
"kind": {
"type": "string",
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
},
"apiVersion": {
"type": "string",
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources"
},
"metadata": {
"$ref": "v1.ObjectMeta"
},
"spec": {
"$ref": "v1beta1.TokenReviewSpec",
"description": "Spec holds information about the request being evaluated"
},
"status": {
"$ref": "v1beta1.TokenReviewStatus",
"description": "Status is filled in by the server and indicates whether the request can be authenticated."
}
}
},
"v1.ObjectMeta": {
"id": "v1.ObjectMeta",
"description": "ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.",
"properties": {
"name": {
"type": "string",
"description": "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://releases.k8s.io/HEAD/docs/user-guide/identifiers.md#names"
},
"generateName": {
"type": "string",
"description": "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.\n\nIf this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).\n\nApplied only if Name is not specified. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#idempotency"
},
"namespace": {
"type": "string",
"description": "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://releases.k8s.io/HEAD/docs/user-guide/namespaces.md"
},
"selfLink": {
"type": "string",
"description": "SelfLink is a URL representing this object. Populated by the system. Read-only."
},
"uid": {
"type": "string",
"description": "UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.\n\nPopulated by the system. Read-only. More info: http://releases.k8s.io/HEAD/docs/user-guide/identifiers.md#uids"
},
"resourceVersion": {
"type": "string",
"description": "An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.\n\nPopulated by the system. Read-only. Value must be treated as opaque by clients and . More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#concurrency-control-and-consistency"
},
"generation": {
"type": "integer",
"format": "int64",
"description": "A sequence number representing a specific generation of the desired state. Populated by the system. Read-only."
},
"creationTimestamp": {
"type": "string",
"format": "date-time",
"description": "CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.\n\nPopulated by the system. Read-only. Null for lists. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata"
},
"deletionTimestamp": {
"type": "string",
"format": "date-time",
"description": "DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested.\n\nPopulated by the system when a graceful deletion is requested. Read-only. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata"
},
"deletionGracePeriodSeconds": {
"type": "integer",
"format": "int64",
"description": "Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only."
},
"labels": {
"type": "object",
"description": "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://releases.k8s.io/HEAD/docs/user-guide/labels.md"
},
"annotations": {
"type": "object",
"description": "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://releases.k8s.io/HEAD/docs/user-guide/annotations.md"
},
"ownerReferences": {
"type": "array",
"items": {
"$ref": "v1.OwnerReference"
},
"description": "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller."
},
"finalizers": {
"type": "array",
"items": {
"type": "string"
},
"description": "Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed."
}
}
},
"v1.OwnerReference": {
"id": "v1.OwnerReference",
"description": "OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field.",
"required": [
"apiVersion",
"kind",
"name",
"uid"
],
"properties": {
"apiVersion": {
"type": "string",
"description": "API version of the referent."
},
"kind": {
"type": "string",
"description": "Kind of the referent. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
},
"name": {
"type": "string",
"description": "Name of the referent. More info: http://releases.k8s.io/HEAD/docs/user-guide/identifiers.md#names"
},
"uid": {
"type": "string",
"description": "UID of the referent. More info: http://releases.k8s.io/HEAD/docs/user-guide/identifiers.md#uids"
},
"controller": {
"type": "boolean",
"description": "If true, this reference points to the managing controller."
}
}
},
"v1beta1.TokenReviewSpec": {
"id": "v1beta1.TokenReviewSpec",
"description": "TokenReviewSpec is a description of the token authentication request.",
"properties": {
"token": {
"type": "string",
"description": "Token is the opaque bearer token."
}
}
},
"v1beta1.TokenReviewStatus": {
"id": "v1beta1.TokenReviewStatus",
"description": "TokenReviewStatus is the result of the token authentication request.",
"properties": {
"authenticated": {
"type": "boolean",
"description": "Authenticated indicates that the token was associated with a known user."
},
"user": {
"$ref": "v1beta1.UserInfo",
"description": "User is the UserInfo associated with the provided token."
},
"error": {
"type": "string",
"description": "Error indicates that the token couldn't be checked"
}
}
},
"v1beta1.UserInfo": {
"id": "v1beta1.UserInfo",
"description": "UserInfo holds the information about the user needed to implement the user.Info interface.",
"properties": {
"username": {
"type": "string",
"description": "The name that uniquely identifies this user among all active users."
},
"uid": {
"type": "string",
"description": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs."
},
"groups": {
"type": "array",
"items": {
"type": "string"
},
"description": "The names of groups this user is a part of."
},
"extra": {
"type": "object",
"description": "Any additional information provided by the authenticator."
}
}
},
"unversioned.APIResourceList": {
"id": "unversioned.APIResourceList",
"description": "APIResourceList is a list of APIResource, it is used to expose the name of the resources supported in a specific group and version, and if the resource is namespaced.",
"required": [
"groupVersion",
"resources"
],
"properties": {
"kind": {
"type": "string",
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds"
},
"apiVersion": {
"type": "string",
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources"
},
"groupVersion": {
"type": "string",
"description": "groupVersion is the group and version this APIResourceList is for."
},
"resources": {
"type": "array",
"items": {
"$ref": "unversioned.APIResource"
},
"description": "resources contains the name of the resources and if they are namespaced."
}
}
},
"unversioned.APIResource": {
"id": "unversioned.APIResource",
"description": "APIResource specifies the name of a resource and whether it is namespaced.",
"required": [
"name",
"namespaced",
"kind"
],
"properties": {
"name": {
"type": "string",
"description": "name is the name of the resource."
},
"namespaced": {
"type": "boolean",
"description": "namespaced indicates if a resource is namespaced or not."
},
"kind": {
"type": "string",
"description": "kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')"
}
}
}
}
}

8
api/swagger-spec/resourceListing.json
View File

@ -61,14 +61,6 @@
"path": "/apis/apps",
"description": "get information of a group"
},
{
"path": "/apis/authentication.k8s.io/v1beta1",
"description": "API at /apis/authentication.k8s.io/v1beta1"
},
{
"path": "/apis/authentication.k8s.io",
"description": "get information of a group"
},
{
"path": "/apis/certificates/v1alpha1",
"description": "API at /apis/certificates/v1alpha1"

2
cmd/libs/go2idl/client-gen/main.go
View File

@ -33,7 +33,7 @@ import (
var (
test = flag.BoolP("test", "t", false, "set this flag to generate the client code for the testdata")
inputVersions = flag.StringSlice("input", []string{"api/", "extensions/", "autoscaling/", "authentication/", "batch/", "rbac/", "certificates/"}, "group/versions that client-gen will generate clients for. At most one version per group is allowed. Specified in the format \"group1/version1,group2/version2...\". Default to \"api/,extensions/,autoscaling/,batch/,rbac/\"")
inputVersions = flag.StringSlice("input", []string{"api/", "extensions/", "autoscaling/", "batch/", "rbac/", "certificates/"}, "group/versions that client-gen will generate clients for. At most one version per group is allowed. Specified in the format \"group1/version1,group2/version2...\". Default to \"api/,extensions/,autoscaling/,batch/,rbac/\"")
includedTypesOverrides = flag.StringSlice("included-types-overrides", []string{}, "list of group/version/type for which client should be generated. By default, client is generated for all types which have genclient=true in types.go. This overrides that. For each groupVersion in this list, only the types mentioned here will be included. The default check of genclient=true will be used for other group versions.")
basePath = flag.String("input-base", "k8s.io/kubernetes/pkg/apis", "base path to look for the api group. Default to \"k8s.io/kubernetes/pkg/apis\"")
clientsetName = flag.StringP("clientset-name", "n", "internalclientset", "the name of the generated clientset package.")

1
cmd/libs/go2idl/go-to-protobuf/protobuf/cmd.go
View File

@ -72,7 +72,6 @@ func New() *Generator {
`k8s.io/kubernetes/pkg/apis/batch/v1`,
`k8s.io/kubernetes/pkg/apis/batch/v2alpha1`,
`k8s.io/kubernetes/pkg/apis/apps/v1alpha1`,
`k8s.io/kubernetes/pkg/apis/authentication/v1beta1`,
`k8s.io/kubernetes/pkg/apis/rbac/v1alpha1`,
`k8s.io/kubernetes/federation/apis/federation/v1beta1`,
`k8s.io/kubernetes/pkg/apis/certificates/v1alpha1`,

2
cmd/libs/go2idl/go-to-protobuf/protobuf/parser.go
View File

@ -132,7 +132,7 @@ func rewriteOptionalMethods(decl ast.Decl, isOptional OptionalFunc) {
switch t.Name.Name {
case "Unmarshal":
ast.Walk(&optionalItemsVisitor{}, t.Body)
case "MarshalTo", "Size", "String":
case "MarshalTo", "Size":
ast.Walk(&optionalItemsVisitor{}, t.Body)
fallthrough
case "Marshal":

4
hack/make-rules/test-cmd.sh
View File

@ -2298,10 +2298,6 @@ __EOF__
# Post-condition: node is schedulable
kube::test::get_object_assert "nodes 127.0.0.1" "{{.spec.unschedulable}}" '<no value>'
# check webhook token authentication endpoint, kubectl doesn't actually display the returned object so this isn't super useful
# but it proves that works
kubectl create -f test/fixtures/pkg/kubectl/cmd/create/tokenreview.json --validate=false
#####################
# Retrieve multiple #

2
hack/make-rules/test.sh
View File

@ -60,7 +60,7 @@ KUBE_GOVERALLS_BIN=${KUBE_GOVERALLS_BIN:-}
# "v1,compute/v1alpha1,experimental/v1alpha2;v1,compute/v2,experimental/v1alpha3"
# FIXME: due to current implementation of a test client (see: pkg/api/testapi/testapi.go)
# ONLY the last version is tested in each group.
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,autoscaling/v1,authentication.k8s.io/v1beta1,batch/v1,batch/v2alpha1,extensions/v1beta1,apps/v1alpha1,federation/v1beta1,policy/v1alpha1,rbac.authorization.k8s.io/v1alpha1,certificates/v1alpha1"}
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,autoscaling/v1,batch/v1,batch/v2alpha1,extensions/v1beta1,apps/v1alpha1,federation/v1beta1,policy/v1alpha1,rbac.authorization.k8s.io/v1alpha1,certificates/v1alpha1"}
# once we have multiple group supports
# Create a junit-style XML test report in this directory if set.
KUBE_JUNIT_REPORT_DIR=${KUBE_JUNIT_REPORT_DIR:-}

2
hack/update-generated-swagger-docs.sh
View File

@ -57,7 +57,7 @@ EOF
mv "$TMPFILE" "pkg/$(kube::util::group-version-to-pkg-path "${group_version}")/types_swagger_doc_generated.go"
}
GROUP_VERSIONS=(unversioned v1 authentication/v1beta1 authorization/v1beta1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1 rbac/v1alpha1 certificates/v1alpha1)
GROUP_VERSIONS=(unversioned v1 authorization/v1beta1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1 rbac/v1alpha1 certificates/v1alpha1)
# To avoid compile errors, remove the currently existing files.
for group_version in "${GROUP_VERSIONS[@]}"; do
rm -f "pkg/$(kube::util::group-version-to-pkg-path "${group_version}")/types_swagger_doc_generated.go"

2
hack/update-swagger-spec.sh
View File

@ -74,7 +74,7 @@ APISERVER_PID=$!
kube::util::wait_for_url "http://127.0.0.1:${API_PORT}/healthz" "apiserver: "
SWAGGER_API_PATH="http://127.0.0.1:${API_PORT}/swaggerapi/"
DEFAULT_GROUP_VERSIONS="v1 authentication.k8s.io/v1beta1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1 rbac.authorization.k8s.io/v1alpha1 certificates/v1alpha1"
DEFAULT_GROUP_VERSIONS="v1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1 rbac.authorization.k8s.io/v1alpha1 certificates/v1alpha1"
VERSIONS=${VERSIONS:-$DEFAULT_GROUP_VERSIONS}
kube::log::status "Updating " ${SWAGGER_ROOT_DIR}

1
pkg/api/testapi/testapi.go
View File

@ -42,7 +42,6 @@ import (
_ "k8s.io/kubernetes/federation/apis/federation/install"
_ "k8s.io/kubernetes/pkg/api/install"
_ "k8s.io/kubernetes/pkg/apis/apps/install"
_ "k8s.io/kubernetes/pkg/apis/authentication/install"
_ "k8s.io/kubernetes/pkg/apis/autoscaling/install"
_ "k8s.io/kubernetes/pkg/apis/batch/install"
_ "k8s.io/kubernetes/pkg/apis/certificates/install"

4
pkg/apis/authentication/doc.go → pkg/apis/authentication.k8s.io/doc.go
View File

@ -15,5 +15,5 @@ limitations under the License.
*/
// +k8s:deepcopy-gen=package,register
// +groupName=authentication.k8s.io
package authentication // import "k8s.io/kubernetes/pkg/apis/authentication"
package authentication // import "k8s.io/kubernetes/pkg/apis/authentication.k8s.io"

6
pkg/apis/authentication/install/install.go → pkg/apis/authentication.k8s.io/install/install.go
View File

@ -28,13 +28,13 @@ import (
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/apimachinery"
"k8s.io/kubernetes/pkg/apimachinery/registered"
"k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
"k8s.io/kubernetes/pkg/apis/authentication.k8s.io"
"k8s.io/kubernetes/pkg/apis/authentication.k8s.io/v1beta1"
"k8s.io/kubernetes/pkg/runtime"
"k8s.io/kubernetes/pkg/util/sets"
)
const importPrefix = "k8s.io/kubernetes/pkg/apis/authentication"
const importPrefix = "k8s.io/kubernetes/pkg/apis/authentication.k8s.io"
var accessor = meta.NewAccessor()

7
pkg/apis/authentication/register.go → pkg/apis/authentication.k8s.io/register.go
View File

@ -17,7 +17,6 @@ limitations under the License.
package authentication
import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/runtime"
)
@ -44,10 +43,8 @@ func AddToScheme(scheme *runtime.Scheme) {
func addKnownTypes(scheme *runtime.Scheme) {
scheme.AddKnownTypes(SchemeGroupVersion,
&api.ListOptions{},
&api.DeleteOptions{},
&api.ExportOptions{},
&TokenReview{},
)
}
func (obj *TokenReview) GetObjectKind() unversioned.ObjectKind { return &obj.TypeMeta }

1265
pkg/apis/authentication.k8s.io/types.generated.go Normal file
View File

File diff suppressed because it is too large Load Diff

16
pkg/apis/authentication/types.go → pkg/apis/authentication.k8s.io/types.go
View File

@ -17,20 +17,12 @@ limitations under the License.
package authentication
import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/unversioned"
)
// +genclient=true
// +nonNamespaced=true
// +noMethods=true
// TokenReview attempts to authenticate a token to a known user.
type TokenReview struct {
unversioned.TypeMeta
// ObjectMeta fulfills the meta.ObjectMetaAccessor interface so that the stock
// REST handler paths work
api.ObjectMeta
// Spec holds information about the request being evaluated
Spec TokenReviewSpec
@ -46,14 +38,11 @@ type TokenReviewSpec struct {
}
// TokenReviewStatus is the result of the token authentication request.
// This type mirrors the authentication.Token interface
type TokenReviewStatus struct {
// Authenticated indicates that the token was associated with a known user.
Authenticated bool
// User is the UserInfo associated with the provided token.
User UserInfo
// Error indicates that the token couldn't be checked
Error string
}
// UserInfo holds the information about the user needed to implement the
@ -68,8 +57,5 @@ type UserInfo struct {
// The names of groups this user is a part of.
Groups []string
// Any additional information provided by the authenticator.
Extra map[string]ExtraValue
Extra map[string][]string
}
// ExtraValue masks the value so protobuf can generate
type ExtraValue []string

0
pkg/apis/authentication/v1beta1/conversion.go → pkg/apis/authentication.k8s.io/v1beta1/conversion.go
View File

0
pkg/apis/authentication/v1beta1/defaults.go → pkg/apis/authentication.k8s.io/v1beta1/defaults.go
View File

6
pkg/apis/authentication/v1beta1/doc.go → pkg/apis/authentication.k8s.io/v1beta1/doc.go
View File

@ -15,6 +15,6 @@ limitations under the License.
*/
// +k8s:deepcopy-gen=package,register
// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/authentication
// +groupName=authentication.k8s.io
package v1beta1 // import "k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
// +k8s:conversion-gen=k8s.io/kubernetes/pkg/apis/authentication.k8s.io
package v1beta1 // import "k8s.io/kubernetes/pkg/apis/authentication.k8s.io/v1beta1"

7
pkg/apis/authentication/v1beta1/register.go → pkg/apis/authentication.k8s.io/v1beta1/register.go
View File

@ -18,7 +18,6 @@ package v1beta1
import (
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/api/v1"
"k8s.io/kubernetes/pkg/runtime"
)
@ -38,10 +37,8 @@ func AddToScheme(scheme *runtime.Scheme) {
// Adds the list of known types to api.Scheme.
func addKnownTypes(scheme *runtime.Scheme) {
scheme.AddKnownTypes(SchemeGroupVersion,
&v1.ListOptions{},
&v1.DeleteOptions{},
&v1.ExportOptions{},
&TokenReview{},
)
}
func (obj *TokenReview) GetObjectKind() unversioned.ObjectKind { return &obj.TypeMeta }

345
pkg/apis/authentication/v1beta1/types.generated.go → pkg/apis/authentication.k8s.io/v1beta1/types.generated.go
View File

@ -26,11 +26,8 @@ import (
"fmt"
codec1978 "github.com/ugorji/go/codec"
pkg1_unversioned "k8s.io/kubernetes/pkg/api/unversioned"
pkg2_v1 "k8s.io/kubernetes/pkg/api/v1"
pkg3_types "k8s.io/kubernetes/pkg/types"
"reflect"
"runtime"
time "time"
)
const (
@ -64,10 +61,7 @@ func init() {
}
if false { // reference the types, but skip this branch at build/run time
var v0 pkg1_unversioned.TypeMeta
var v1 pkg2_v1.ObjectMeta
var v2 pkg3_types.UID
var v3 time.Time
_, _, _, _ = v0, v1, v2, v3
_ = v0
}
}
@ -85,16 +79,15 @@ func (x *TokenReview) CodecEncodeSelf(e *codec1978.Encoder) {
} else {
yysep2 := !z.EncBinary()
yy2arr2 := z.EncBasicHandle().StructToArray
var yyq2 [5]bool
var yyq2 [4]bool
_, _, _ = yysep2, yyq2, yy2arr2
const yyr2 bool = false
yyq2[0] = true
yyq2[2] = true
yyq2[3] = x.Kind != ""
yyq2[4] = x.APIVersion != ""
yyq2[1] = true
yyq2[2] = x.Kind != ""
yyq2[3] = x.APIVersion != ""
var yynn2 int
if yyr2 || yy2arr2 {
r.EncodeArrayStart(5)
r.EncodeArrayStart(4)
} else {
yynn2 = 1
for _, b := range yyq2 {
@ -107,54 +100,37 @@ func (x *TokenReview) CodecEncodeSelf(e *codec1978.Encoder) {
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[0] {
yy4 := &x.ObjectMeta
yy4.CodecEncodeSelf(e)
} else {
r.EncodeNil()
}
} else {
if yyq2[0] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("metadata"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yy6 := &x.ObjectMeta
yy6.CodecEncodeSelf(e)
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
yy9 := &x.Spec
yy9.CodecEncodeSelf(e)
yy4 := &x.Spec
yy4.CodecEncodeSelf(e)
} else {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("spec"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yy11 := &x.Spec
yy11.CodecEncodeSelf(e)
yy6 := &x.Spec
yy6.CodecEncodeSelf(e)
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[2] {
yy14 := &x.Status
yy14.CodecEncodeSelf(e)
if yyq2[1] {
yy9 := &x.Status
yy9.CodecEncodeSelf(e)
} else {
r.EncodeNil()
}
} else {
if yyq2[2] {
if yyq2[1] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("status"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yy16 := &x.Status
yy16.CodecEncodeSelf(e)
yy11 := &x.Status
yy11.CodecEncodeSelf(e)
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[3] {
yym19 := z.EncBinary()
_ = yym19
if yyq2[2] {
yym14 := z.EncBinary()
_ = yym14
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.Kind))
@ -163,12 +139,12 @@ func (x *TokenReview) CodecEncodeSelf(e *codec1978.Encoder) {
r.EncodeString(codecSelferC_UTF81234, "")
}
} else {
if yyq2[3] {
if yyq2[2] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("kind"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yym20 := z.EncBinary()
_ = yym20
yym15 := z.EncBinary()
_ = yym15
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.Kind))
@ -177,9 +153,9 @@ func (x *TokenReview) CodecEncodeSelf(e *codec1978.Encoder) {
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[4] {
yym22 := z.EncBinary()
_ = yym22
if yyq2[3] {
yym17 := z.EncBinary()
_ = yym17
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.APIVersion))
@ -188,12 +164,12 @@ func (x *TokenReview) CodecEncodeSelf(e *codec1978.Encoder) {
r.EncodeString(codecSelferC_UTF81234, "")
}
} else {
if yyq2[4] {
if yyq2[3] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("apiVersion"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yym23 := z.EncBinary()
_ = yym23
yym18 := z.EncBinary()
_ = yym18
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.APIVersion))
@ -261,26 +237,19 @@ func (x *TokenReview) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) {
yys3 := string(yys3Slc)
z.DecSendContainerState(codecSelfer_containerMapValue1234)
switch yys3 {
case "metadata":
if r.TryDecodeAsNil() {
x.ObjectMeta = pkg2_v1.ObjectMeta{}
} else {
yyv4 := &x.ObjectMeta
yyv4.CodecDecodeSelf(d)
}
case "spec":
if r.TryDecodeAsNil() {
x.Spec = TokenReviewSpec{}
} else {
yyv5 := &x.Spec
yyv5.CodecDecodeSelf(d)
yyv4 := &x.Spec
yyv4.CodecDecodeSelf(d)
}
case "status":
if r.TryDecodeAsNil() {
x.Status = TokenReviewStatus{}
} else {
yyv6 := &x.Status
yyv6.CodecDecodeSelf(d)
yyv5 := &x.Status
yyv5.CodecDecodeSelf(d)
}
case "kind":
if r.TryDecodeAsNil() {
@ -305,33 +274,16 @@ func (x *TokenReview) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
var yyj9 int
var yyb9 bool
var yyhl9 bool = l >= 0
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
var yyj8 int
var yyb8 bool
var yyhl8 bool = l >= 0
yyj8++
if yyhl8 {
yyb8 = yyj8 > l
} else {
yyb9 = r.CheckBreak()
yyb8 = r.CheckBreak()
}
if yyb9 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
if r.TryDecodeAsNil() {
x.ObjectMeta = pkg2_v1.ObjectMeta{}
} else {
yyv10 := &x.ObjectMeta
yyv10.CodecDecodeSelf(d)
}
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
} else {
yyb9 = r.CheckBreak()
}
if yyb9 {
if yyb8 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -339,16 +291,16 @@ func (x *TokenReview) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
if r.TryDecodeAsNil() {
x.Spec = TokenReviewSpec{}
} else {
yyv11 := &x.Spec
yyv11.CodecDecodeSelf(d)
yyv9 := &x.Spec
yyv9.CodecDecodeSelf(d)
}
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
yyj8++
if yyhl8 {
yyb8 = yyj8 > l
} else {
yyb9 = r.CheckBreak()
yyb8 = r.CheckBreak()
}
if yyb9 {
if yyb8 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -356,16 +308,16 @@ func (x *TokenReview) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
if r.TryDecodeAsNil() {
x.Status = TokenReviewStatus{}
} else {
yyv12 := &x.Status
yyv12.CodecDecodeSelf(d)
yyv10 := &x.Status
yyv10.CodecDecodeSelf(d)
}
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
yyj8++
if yyhl8 {
yyb8 = yyj8 > l
} else {
yyb9 = r.CheckBreak()
yyb8 = r.CheckBreak()
}
if yyb9 {
if yyb8 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -375,13 +327,13 @@ func (x *TokenReview) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
} else {
x.Kind = string(r.DecodeString())
}
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
yyj8++
if yyhl8 {
yyb8 = yyj8 > l
} else {
yyb9 = r.CheckBreak()
yyb8 = r.CheckBreak()
}
if yyb9 {
if yyb8 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -392,17 +344,17 @@ func (x *TokenReview) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
x.APIVersion = string(r.DecodeString())
}
for {
yyj9++
if yyhl9 {
yyb9 = yyj9 > l
yyj8++
if yyhl8 {
yyb8 = yyj8 > l
} else {
yyb9 = r.CheckBreak()
yyb8 = r.CheckBreak()
}
if yyb9 {
if yyb8 {
break
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
z.DecStructFieldNotFound(yyj9-1, "")
z.DecStructFieldNotFound(yyj8-1, "")
}
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}
@ -590,15 +542,14 @@ func (x *TokenReviewStatus) CodecEncodeSelf(e *codec1978.Encoder) {
} else {
yysep2 := !z.EncBinary()
yy2arr2 := z.EncBasicHandle().StructToArray
var yyq2 [3]bool
var yyq2 [2]bool
_, _, _ = yysep2, yyq2, yy2arr2
const yyr2 bool = false
yyq2[0] = x.Authenticated != false
yyq2[1] = true
yyq2[2] = x.Error != ""
var yynn2 int
if yyr2 || yy2arr2 {
r.EncodeArrayStart(3)
r.EncodeArrayStart(2)
} else {
yynn2 = 0
for _, b := range yyq2 {
@ -651,31 +602,6 @@ func (x *TokenReviewStatus) CodecEncodeSelf(e *codec1978.Encoder) {
yy9.CodecEncodeSelf(e)
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayElem1234)
if yyq2[2] {
yym12 := z.EncBinary()
_ = yym12
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.Error))
}
} else {
r.EncodeString(codecSelferC_UTF81234, "")
}
} else {
if yyq2[2] {
z.EncSendContainerState(codecSelfer_containerMapKey1234)
r.EncodeString(codecSelferC_UTF81234, string("error"))
z.EncSendContainerState(codecSelfer_containerMapValue1234)
yym13 := z.EncBinary()
_ = yym13
if false {
} else {
r.EncodeString(codecSelferC_UTF81234, string(x.Error))
}
}
}
if yyr2 || yy2arr2 {
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
} else {
@ -750,12 +676,6 @@ func (x *TokenReviewStatus) codecDecodeSelfFromMap(l int, d *codec1978.Decoder)
yyv5 := &x.User
yyv5.CodecDecodeSelf(d)
}
case "error":
if r.TryDecodeAsNil() {
x.Error = ""
} else {
x.Error = string(r.DecodeString())
}
default:
z.DecStructFieldNotFound(-1, yys3)
} // end switch yys3
@ -767,16 +687,16 @@ func (x *TokenReviewStatus) codecDecodeSelfFromArray(l int, d *codec1978.Decoder
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
var yyj7 int
var yyb7 bool
var yyhl7 bool = l >= 0
yyj7++
if yyhl7 {
yyb7 = yyj7 > l
var yyj6 int
var yyb6 bool
var yyhl6 bool = l >= 0
yyj6++
if yyhl6 {
yyb6 = yyj6 > l
} else {
yyb7 = r.CheckBreak()
yyb6 = r.CheckBreak()
}
if yyb7 {
if yyb6 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -786,13 +706,13 @@ func (x *TokenReviewStatus) codecDecodeSelfFromArray(l int, d *codec1978.Decoder
} else {
x.Authenticated = bool(r.DecodeBool())
}
yyj7++
if yyhl7 {
yyb7 = yyj7 > l
yyj6++
if yyhl6 {
yyb6 = yyj6 > l
} else {
yyb7 = r.CheckBreak()
yyb6 = r.CheckBreak()
}
if yyb7 {
if yyb6 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
@ -800,37 +720,21 @@ func (x *TokenReviewStatus) codecDecodeSelfFromArray(l int, d *codec1978.Decoder
if r.TryDecodeAsNil() {
x.User = UserInfo{}
} else {
yyv9 := &x.User
yyv9.CodecDecodeSelf(d)
}
yyj7++
if yyhl7 {
yyb7 = yyj7 > l
} else {
yyb7 = r.CheckBreak()
}
if yyb7 {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
return
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
if r.TryDecodeAsNil() {
x.Error = ""
} else {
x.Error = string(r.DecodeString())
yyv8 := &x.User
yyv8.CodecDecodeSelf(d)
}
for {
yyj7++
if yyhl7 {
yyb7 = yyj7 > l
yyj6++
if yyhl6 {
yyb6 = yyj6 > l
} else {
yyb7 = r.CheckBreak()
yyb6 = r.CheckBreak()
}
if yyb7 {
if yyb6 {
break
}
z.DecSendContainerState(codecSelfer_containerArrayElem1234)
z.DecStructFieldNotFound(yyj7-1, "")
z.DecStructFieldNotFound(yyj6-1, "")
}
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}
@ -962,7 +866,7 @@ func (x *UserInfo) CodecEncodeSelf(e *codec1978.Encoder) {
_ = yym13
if false {
} else {
h.encMapstringExtraValue((map[string]ExtraValue)(x.Extra), e)
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
}
}
} else {
@ -980,7 +884,7 @@ func (x *UserInfo) CodecEncodeSelf(e *codec1978.Encoder) {
_ = yym14
if false {
} else {
h.encMapstringExtraValue((map[string]ExtraValue)(x.Extra), e)
h.encMapstringSlicestring((map[string][]string)(x.Extra), e)
}
}
}
@ -1079,7 +983,7 @@ func (x *UserInfo) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) {
_ = yym9
if false {
} else {
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv8), d)
h.decMapstringSlicestring((*map[string][]string)(yyv8), d)
}
}
default:
@ -1169,7 +1073,7 @@ func (x *UserInfo) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
_ = yym16
if false {
} else {
h.decMapstringExtraValue((*map[string]ExtraValue)(yyv15), d)
h.decMapstringSlicestring((*map[string][]string)(yyv15), d)
}
}
for {
@ -1188,37 +1092,7 @@ func (x *UserInfo) codecDecodeSelfFromArray(l int, d *codec1978.Decoder) {
z.DecSendContainerState(codecSelfer_containerArrayEnd1234)
}
func (x ExtraValue) CodecEncodeSelf(e *codec1978.Encoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperEncoder(e)
_, _, _ = h, z, r
if x == nil {
r.EncodeNil()
} else {
yym1 := z.EncBinary()
_ = yym1
if false {
} else if z.HasExtensions() && z.EncExt(x) {
} else {
h.encExtraValue((ExtraValue)(x), e)
}
}
}
func (x *ExtraValue) CodecDecodeSelf(d *codec1978.Decoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
yym1 := z.DecBinary()
_ = yym1
if false {
} else if z.HasExtensions() && z.DecExt(x) {
} else {
h.decExtraValue((*ExtraValue)(x), d)
}
}
func (x codecSelfer1234) encMapstringExtraValue(v map[string]ExtraValue, e *codec1978.Encoder) {
func (x codecSelfer1234) encMapstringSlicestring(v map[string][]string, e *codec1978.Encoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperEncoder(e)
_, _, _ = h, z, r
@ -1235,13 +1109,18 @@ func (x codecSelfer1234) encMapstringExtraValue(v map[string]ExtraValue, e *code
if yyv1 == nil {
r.EncodeNil()
} else {
yyv1.CodecEncodeSelf(e)
yym3 := z.EncBinary()
_ = yym3
if false {
} else {
z.F.EncSliceStringV(yyv1, false, e)
}
}
}
z.EncSendContainerState(codecSelfer_containerMapEnd1234)
}
func (x codecSelfer1234) decMapstringExtraValue(v *map[string]ExtraValue, d *codec1978.Decoder) {
func (x codecSelfer1234) decMapstringSlicestring(v *map[string][]string, d *codec1978.Decoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r
@ -1251,11 +1130,11 @@ func (x codecSelfer1234) decMapstringExtraValue(v *map[string]ExtraValue, d *cod
yybh1 := z.DecBasicHandle()
if yyv1 == nil {
yyrl1, _ := z.DecInferLen(yyl1, yybh1.MaxInitLen, 40)
yyv1 = make(map[string]ExtraValue, yyrl1)
yyv1 = make(map[string][]string, yyrl1)
*v = yyv1
}
var yymk1 string
var yymv1 ExtraValue
var yymv1 []string
var yymg1 bool
if yybh1.MapValueReset {
yymg1 = true
@ -1279,7 +1158,12 @@ func (x codecSelfer1234) decMapstringExtraValue(v *map[string]ExtraValue, d *cod
yymv1 = nil
} else {
yyv3 := &yymv1
yyv3.CodecDecodeSelf(d)
yym4 := z.DecBinary()
_ = yym4
if false {
} else {
z.F.DecSliceStringX(yyv3, false, d)
}
}
if yyv1 != nil {
@ -1304,8 +1188,13 @@ func (x codecSelfer1234) decMapstringExtraValue(v *map[string]ExtraValue, d *cod
if r.TryDecodeAsNil() {
yymv1 = nil
} else {
yyv5 := &yymv1
yyv5.CodecDecodeSelf(d)
yyv6 := &yymv1
yym7 := z.DecBinary()
_ = yym7
if false {
} else {
z.F.DecSliceStringX(yyv6, false, d)
}
}
if yyv1 != nil {
@ -1316,7 +1205,7 @@ func (x codecSelfer1234) decMapstringExtraValue(v *map[string]ExtraValue, d *cod
z.DecSendContainerState(codecSelfer_containerMapEnd1234)
}
func (x codecSelfer1234) encExtraValue(v ExtraValue, e *codec1978.Encoder) {
func (x codecSelfer1234) encSlicestring(v []string, e *codec1978.Encoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperEncoder(e)
_, _, _ = h, z, r
@ -1333,7 +1222,7 @@ func (x codecSelfer1234) encExtraValue(v ExtraValue, e *codec1978.Encoder) {
z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
}
func (x codecSelfer1234) decExtraValue(v *ExtraValue, d *codec1978.Decoder) {
func (x codecSelfer1234) decSlicestring(v *[]string, d *codec1978.Decoder) {
var h codecSelfer1234
z, r := codec1978.GenHelperDecoder(d)
_, _, _ = h, z, r

37
pkg/apis/authentication/v1beta1/types.go → pkg/apis/authentication.k8s.io/v1beta1/types.go
View File

@ -17,66 +17,47 @@ limitations under the License.
package v1beta1
import (
"fmt"
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/api/v1"
)
// +genclient=true
// +nonNamespaced=true
// +noMethods=true
// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.
type TokenReview struct {
unversioned.TypeMeta `json:",inline"`
v1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// Spec holds information about the request being evaluated
Spec TokenReviewSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
Spec TokenReviewSpec `json:"spec"`
// Status is filled in by the server and indicates whether the request can be authenticated.
Status TokenReviewStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
Status TokenReviewStatus `json:"status,omitempty"`
}
// TokenReviewSpec is a description of the token authentication request.
type TokenReviewSpec struct {
// Token is the opaque bearer token.
Token string `json:"token,omitempty" protobuf:"bytes,1,opt,name=token"`
Token string `json:"token,omitempty"`
}
// TokenReviewStatus is the result of the token authentication request.
type TokenReviewStatus struct {
// Authenticated indicates that the token was associated with a known user.
Authenticated bool `json:"authenticated,omitempty" protobuf:"varint,1,opt,name=authenticated"`
Authenticated bool `json:"authenticated,omitempty"`
// User is the UserInfo associated with the provided token.
User UserInfo `json:"user,omitempty" protobuf:"bytes,2,opt,name=user"`
// Error indicates that the token couldn't be checked
Error string `json:"error,omitempty" protobuf:"bytes,3,opt,name=error"`
User UserInfo `json:"user,omitempty"`
}
// UserInfo holds the information about the user needed to implement the
// user.Info interface.
type UserInfo struct {
// The name that uniquely identifies this user among all active users.
Username string `json:"username,omitempty" protobuf:"bytes,1,opt,name=username"`
Username string `json:"username,omitempty"`
// A unique value that identifies this user across time. If this user is
// deleted and another user by the same name is added, they will have
// different UIDs.
UID string `json:"uid,omitempty" protobuf:"bytes,2,opt,name=uid"`
UID string `json:"uid,omitempty"`
// The names of groups this user is a part of.
Groups []string `json:"groups,omitempty" protobuf:"bytes,3,rep,name=groups"`
Groups []string `json:"groups,omitempty"`
// Any additional information provided by the authenticator.
Extra map[string]ExtraValue `json:"extra,omitempty" protobuf:"bytes,4,rep,name=extra"`
}
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
type ExtraValue []string
func (t ExtraValue) String() string {
return fmt.Sprintf("%v", []string(t))
Extra map[string][]string `json:"extra,omitempty"`
}

143
pkg/apis/authentication.k8s.io/v1beta1/zz_generated.conversion.go Normal file
View File

@ -0,0 +1,143 @@
// +build !ignore_autogenerated
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by conversion-gen. Do not edit it manually!
package v1beta1
import (
api "k8s.io/kubernetes/pkg/api"
authentication_k8s_io "k8s.io/kubernetes/pkg/apis/authentication.k8s.io"
conversion "k8s.io/kubernetes/pkg/conversion"
)
func init() {
if err := api.Scheme.AddGeneratedConversionFuncs(
Convert_v1beta1_TokenReview_To_authenticationk8sio_TokenReview,
Convert_authenticationk8sio_TokenReview_To_v1beta1_TokenReview,
Convert_v1beta1_TokenReviewSpec_To_authenticationk8sio_TokenReviewSpec,
Convert_authenticationk8sio_TokenReviewSpec_To_v1beta1_TokenReviewSpec,
Convert_v1beta1_TokenReviewStatus_To_authenticationk8sio_TokenReviewStatus,
Convert_authenticationk8sio_TokenReviewStatus_To_v1beta1_TokenReviewStatus,
Convert_v1beta1_UserInfo_To_authenticationk8sio_UserInfo,
Convert_authenticationk8sio_UserInfo_To_v1beta1_UserInfo,
); err != nil {
// if one of the conversion functions is malformed, detect it immediately.
panic(err)
}
}
func autoConvert_v1beta1_TokenReview_To_authenticationk8sio_TokenReview(in *TokenReview, out *authentication_k8s_io.TokenReview, s conversion.Scope) error {
if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
return err
}
if err := Convert_v1beta1_TokenReviewSpec_To_authenticationk8sio_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_v1beta1_TokenReviewStatus_To_authenticationk8sio_TokenReviewStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
func Convert_v1beta1_TokenReview_To_authenticationk8sio_TokenReview(in *TokenReview, out *authentication_k8s_io.TokenReview, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReview_To_authenticationk8sio_TokenReview(in, out, s)
}
func autoConvert_authenticationk8sio_TokenReview_To_v1beta1_TokenReview(in *authentication_k8s_io.TokenReview, out *TokenReview, s conversion.Scope) error {
if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
return err
}
if err := Convert_authenticationk8sio_TokenReviewSpec_To_v1beta1_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_authenticationk8sio_TokenReviewStatus_To_v1beta1_TokenReviewStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
func Convert_authenticationk8sio_TokenReview_To_v1beta1_TokenReview(in *authentication_k8s_io.TokenReview, out *TokenReview, s conversion.Scope) error {
return autoConvert_authenticationk8sio_TokenReview_To_v1beta1_TokenReview(in, out, s)
}
func autoConvert_v1beta1_TokenReviewSpec_To_authenticationk8sio_TokenReviewSpec(in *TokenReviewSpec, out *authentication_k8s_io.TokenReviewSpec, s conversion.Scope) error {
out.Token = in.Token
return nil
}
func Convert_v1beta1_TokenReviewSpec_To_authenticationk8sio_TokenReviewSpec(in *TokenReviewSpec, out *authentication_k8s_io.TokenReviewSpec, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReviewSpec_To_authenticationk8sio_TokenReviewSpec(in, out, s)
}
func autoConvert_authenticationk8sio_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in *authentication_k8s_io.TokenReviewSpec, out *TokenReviewSpec, s conversion.Scope) error {
out.Token = in.Token
return nil
}
func Convert_authenticationk8sio_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in *authentication_k8s_io.TokenReviewSpec, out *TokenReviewSpec, s conversion.Scope) error {
return autoConvert_authenticationk8sio_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in, out, s)
}
func autoConvert_v1beta1_TokenReviewStatus_To_authenticationk8sio_TokenReviewStatus(in *TokenReviewStatus, out *authentication_k8s_io.TokenReviewStatus, s conversion.Scope) error {
out.Authenticated = in.Authenticated
if err := Convert_v1beta1_UserInfo_To_authenticationk8sio_UserInfo(&in.User, &out.User, s); err != nil {
return err
}
return nil
}
func Convert_v1beta1_TokenReviewStatus_To_authenticationk8sio_TokenReviewStatus(in *TokenReviewStatus, out *authentication_k8s_io.TokenReviewStatus, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReviewStatus_To_authenticationk8sio_TokenReviewStatus(in, out, s)
}
func autoConvert_authenticationk8sio_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in *authentication_k8s_io.TokenReviewStatus, out *TokenReviewStatus, s conversion.Scope) error {
out.Authenticated = in.Authenticated
if err := Convert_authenticationk8sio_UserInfo_To_v1beta1_UserInfo(&in.User, &out.User, s); err != nil {
return err
}
return nil
}
func Convert_authenticationk8sio_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in *authentication_k8s_io.TokenReviewStatus, out *TokenReviewStatus, s conversion.Scope) error {
return autoConvert_authenticationk8sio_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in, out, s)
}
func autoConvert_v1beta1_UserInfo_To_authenticationk8sio_UserInfo(in *UserInfo, out *authentication_k8s_io.UserInfo, s conversion.Scope) error {
out.Username = in.Username
out.UID = in.UID
out.Groups = in.Groups
out.Extra = in.Extra
return nil
}
func Convert_v1beta1_UserInfo_To_authenticationk8sio_UserInfo(in *UserInfo, out *authentication_k8s_io.UserInfo, s conversion.Scope) error {
return autoConvert_v1beta1_UserInfo_To_authenticationk8sio_UserInfo(in, out, s)
}
func autoConvert_authenticationk8sio_UserInfo_To_v1beta1_UserInfo(in *authentication_k8s_io.UserInfo, out *UserInfo, s conversion.Scope) error {
out.Username = in.Username
out.UID = in.UID
out.Groups = in.Groups
out.Extra = in.Extra
return nil
}
func Convert_authenticationk8sio_UserInfo_To_v1beta1_UserInfo(in *authentication_k8s_io.UserInfo, out *UserInfo, s conversion.Scope) error {
return autoConvert_authenticationk8sio_UserInfo_To_v1beta1_UserInfo(in, out, s)
}

9
pkg/apis/authentication/v1beta1/zz_generated.deepcopy.go → pkg/apis/authentication.k8s.io/v1beta1/zz_generated.deepcopy.go
View File

@ -22,7 +22,6 @@ package v1beta1
import (
api "k8s.io/kubernetes/pkg/api"
v1 "k8s.io/kubernetes/pkg/api/v1"
conversion "k8s.io/kubernetes/pkg/conversion"
reflect "reflect"
)
@ -44,9 +43,6 @@ func DeepCopy_v1beta1_TokenReview(in interface{}, out interface{}, c *conversion
in := in.(*TokenReview)
out := out.(*TokenReview)
out.TypeMeta = in.TypeMeta
if err := v1.DeepCopy_v1_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, c); err != nil {
return err
}
out.Spec = in.Spec
if err := DeepCopy_v1beta1_TokenReviewStatus(&in.Status, &out.Status, c); err != nil {
return err
@ -72,7 +68,6 @@ func DeepCopy_v1beta1_TokenReviewStatus(in interface{}, out interface{}, c *conv
if err := DeepCopy_v1beta1_UserInfo(&in.User, &out.User, c); err != nil {
return err
}
out.Error = in.Error
return nil
}
}
@ -92,12 +87,12 @@ func DeepCopy_v1beta1_UserInfo(in interface{}, out interface{}, c *conversion.Cl
}
if in.Extra != nil {
in, out := &in.Extra, &out.Extra
*out = make(map[string]ExtraValue)
*out = make(map[string][]string)
for key, val := range *in {
if newVal, err := c.DeepCopy(&val); err != nil {
return err
} else {
(*out)[key] = *newVal.(*ExtraValue)
(*out)[key] = *newVal.(*[]string)
}
}
} else {

28
pkg/apis/authentication/zz_generated.deepcopy.go → pkg/apis/authentication.k8s.io/zz_generated.deepcopy.go
View File

@ -28,33 +28,30 @@ import (
func init() {
if err := api.Scheme.AddGeneratedDeepCopyFuncs(
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authentication_TokenReview, InType: reflect.TypeOf(func() *TokenReview { var x *TokenReview; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authentication_TokenReviewSpec, InType: reflect.TypeOf(func() *TokenReviewSpec { var x *TokenReviewSpec; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authentication_TokenReviewStatus, InType: reflect.TypeOf(func() *TokenReviewStatus { var x *TokenReviewStatus; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authentication_UserInfo, InType: reflect.TypeOf(func() *UserInfo { var x *UserInfo; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authenticationk8sio_TokenReview, InType: reflect.TypeOf(func() *TokenReview { var x *TokenReview; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authenticationk8sio_TokenReviewSpec, InType: reflect.TypeOf(func() *TokenReviewSpec { var x *TokenReviewSpec; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authenticationk8sio_TokenReviewStatus, InType: reflect.TypeOf(func() *TokenReviewStatus { var x *TokenReviewStatus; return x }())},
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_authenticationk8sio_UserInfo, InType: reflect.TypeOf(func() *UserInfo { var x *UserInfo; return x }())},
); err != nil {
// if one of the deep copy functions is malformed, detect it immediately.
panic(err)
}
}
func DeepCopy_authentication_TokenReview(in interface{}, out interface{}, c *conversion.Cloner) error {
func DeepCopy_authenticationk8sio_TokenReview(in interface{}, out interface{}, c *conversion.Cloner) error {
{
in := in.(*TokenReview)
out := out.(*TokenReview)
out.TypeMeta = in.TypeMeta
if err := api.DeepCopy_api_ObjectMeta(&in.ObjectMeta, &out.ObjectMeta, c); err != nil {
return err
}
out.Spec = in.Spec
if err := DeepCopy_authentication_TokenReviewStatus(&in.Status, &out.Status, c); err != nil {
if err := DeepCopy_authenticationk8sio_TokenReviewStatus(&in.Status, &out.Status, c); err != nil {
return err
}
return nil
}
}
func DeepCopy_authentication_TokenReviewSpec(in interface{}, out interface{}, c *conversion.Cloner) error {
func DeepCopy_authenticationk8sio_TokenReviewSpec(in interface{}, out interface{}, c *conversion.Cloner) error {
{
in := in.(*TokenReviewSpec)
out := out.(*TokenReviewSpec)
@ -63,20 +60,19 @@ func DeepCopy_authentication_TokenReviewSpec(in interface{}, out interface{}, c
}
}
func DeepCopy_authentication_TokenReviewStatus(in interface{}, out interface{}, c *conversion.Cloner) error {
func DeepCopy_authenticationk8sio_TokenReviewStatus(in interface{}, out interface{}, c *conversion.Cloner) error {
{
in := in.(*TokenReviewStatus)
out := out.(*TokenReviewStatus)
out.Authenticated = in.Authenticated
if err := DeepCopy_authentication_UserInfo(&in.User, &out.User, c); err != nil {
if err := DeepCopy_authenticationk8sio_UserInfo(&in.User, &out.User, c); err != nil {
return err
}
out.Error = in.Error
return nil
}
}
func DeepCopy_authentication_UserInfo(in interface{}, out interface{}, c *conversion.Cloner) error {
func DeepCopy_authenticationk8sio_UserInfo(in interface{}, out interface{}, c *conversion.Cloner) error {
{
in := in.(*UserInfo)
out := out.(*UserInfo)
@ -91,12 +87,12 @@ func DeepCopy_authentication_UserInfo(in interface{}, out interface{}, c *conver
}
if in.Extra != nil {
in, out := &in.Extra, &out.Extra
*out = make(map[string]ExtraValue)
*out = make(map[string][]string)
for key, val := range *in {
if newVal, err := c.DeepCopy(&val); err != nil {
return err
} else {
(*out)[key] = *newVal.(*ExtraValue)
(*out)[key] = *newVal.(*[]string)
}
}
} else {

2352
pkg/apis/authentication/types.generated.go
View File

File diff suppressed because it is too large Load Diff

1227
pkg/apis/authentication/v1beta1/generated.pb.go
View File

File diff suppressed because it is too large Load Diff

90
pkg/apis/authentication/v1beta1/generated.proto
View File

@ -1,90 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
syntax = 'proto2';
package k8s.io.kubernetes.pkg.apis.authentication.v1beta1;
import "k8s.io/kubernetes/pkg/api/resource/generated.proto";
import "k8s.io/kubernetes/pkg/api/unversioned/generated.proto";
import "k8s.io/kubernetes/pkg/api/v1/generated.proto";
import "k8s.io/kubernetes/pkg/runtime/generated.proto";
import "k8s.io/kubernetes/pkg/util/intstr/generated.proto";
// Package-wide variables from generator "generated".
option go_package = "v1beta1";
// ExtraValue masks the value so protobuf can generate
// +protobuf.nullable=true
// +protobuf.options.(gogoproto.goproto_stringer)=false
message ExtraValue {
// items, if empty, will result in an empty slice
repeated string items = 1;
}
// TokenReview attempts to authenticate a token to a known user.
// Note: TokenReview requests may be cached by the webhook token authenticator
// plugin in the kube-apiserver.
message TokenReview {
optional k8s.io.kubernetes.pkg.api.v1.ObjectMeta metadata = 1;
// Spec holds information about the request being evaluated
optional TokenReviewSpec spec = 2;
// Status is filled in by the server and indicates whether the request can be authenticated.
optional TokenReviewStatus status = 3;
}
// TokenReviewSpec is a description of the token authentication request.
message TokenReviewSpec {
// Token is the opaque bearer token.
optional string token = 1;
}
// TokenReviewStatus is the result of the token authentication request.
message TokenReviewStatus {
// Authenticated indicates that the token was associated with a known user.
optional bool authenticated = 1;
// User is the UserInfo associated with the provided token.
optional UserInfo user = 2;
// Error indicates that the token couldn't be checked
optional string error = 3;
}
// UserInfo holds the information about the user needed to implement the
// user.Info interface.
message UserInfo {
// The name that uniquely identifies this user among all active users.
optional string username = 1;
// A unique value that identifies this user across time. If this user is
// deleted and another user by the same name is added, they will have
// different UIDs.
optional string uid = 2;
// The names of groups this user is a part of.
repeated string groups = 3;
// Any additional information provided by the authenticator.
map<string, ExtraValue> extra = 4;
}

72
pkg/apis/authentication/v1beta1/types_swagger_doc_generated.go
View File

@ -1,72 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1beta1
// This file contains a collection of methods that can be used from go-restful to
// generate Swagger API documentation for its models. Please read this PR for more
// information on the implementation: https://github.com/emicklei/go-restful/pull/215
//
// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if
// they are on one line! For multiple line or blocks that you want to ignore use ---.
// Any context after a --- is ignored.
//
// Those methods can be generated by using hack/update-generated-swagger-docs.sh
// AUTO-GENERATED FUNCTIONS START HERE
var map_TokenReview = map[string]string{
"": "TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.",
"spec": "Spec holds information about the request being evaluated",
"status": "Status is filled in by the server and indicates whether the request can be authenticated.",
}
func (TokenReview) SwaggerDoc() map[string]string {
return map_TokenReview
}
var map_TokenReviewSpec = map[string]string{
"": "TokenReviewSpec is a description of the token authentication request.",
"token": "Token is the opaque bearer token.",
}
func (TokenReviewSpec) SwaggerDoc() map[string]string {
return map_TokenReviewSpec
}
var map_TokenReviewStatus = map[string]string{
"": "TokenReviewStatus is the result of the token authentication request.",
"authenticated": "Authenticated indicates that the token was associated with a known user.",
"user": "User is the UserInfo associated with the provided token.",
"error": "Error indicates that the token couldn't be checked",
}
func (TokenReviewStatus) SwaggerDoc() map[string]string {
return map_TokenReviewStatus
}
var map_UserInfo = map[string]string{
"": "UserInfo holds the information about the user needed to implement the user.Info interface.",
"username": "The name that uniquely identifies this user among all active users.",
"uid": "A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.",
"groups": "The names of groups this user is a part of.",
"extra": "Any additional information provided by the authenticator.",
}
func (UserInfo) SwaggerDoc() map[string]string {
return map_UserInfo
}
// AUTO-GENERATED FUNCTIONS END HERE

179
pkg/apis/authentication/v1beta1/zz_generated.conversion.go
View File

@ -1,179 +0,0 @@
// +build !ignore_autogenerated
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This file was autogenerated by conversion-gen. Do not edit it manually!
package v1beta1
import (
api "k8s.io/kubernetes/pkg/api"
authentication "k8s.io/kubernetes/pkg/apis/authentication"
conversion "k8s.io/kubernetes/pkg/conversion"
)
func init() {
if err := api.Scheme.AddGeneratedConversionFuncs(
Convert_v1beta1_TokenReview_To_authentication_TokenReview,
Convert_authentication_TokenReview_To_v1beta1_TokenReview,
Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec,
Convert_authentication_TokenReviewSpec_To_v1beta1_TokenReviewSpec,
Convert_v1beta1_TokenReviewStatus_To_authentication_TokenReviewStatus,
Convert_authentication_TokenReviewStatus_To_v1beta1_TokenReviewStatus,
Convert_v1beta1_UserInfo_To_authentication_UserInfo,
Convert_authentication_UserInfo_To_v1beta1_UserInfo,
); err != nil {
// if one of the conversion functions is malformed, detect it immediately.
panic(err)
}
}
func autoConvert_v1beta1_TokenReview_To_authentication_TokenReview(in *TokenReview, out *authentication.TokenReview, s conversion.Scope) error {
if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
return err
}
// TODO: Inefficient conversion - can we improve it?
if err := s.Convert(&in.ObjectMeta, &out.ObjectMeta, 0); err != nil {
return err
}
if err := Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_v1beta1_TokenReviewStatus_To_authentication_TokenReviewStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
func Convert_v1beta1_TokenReview_To_authentication_TokenReview(in *TokenReview, out *authentication.TokenReview, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReview_To_authentication_TokenReview(in, out, s)
}
func autoConvert_authentication_TokenReview_To_v1beta1_TokenReview(in *authentication.TokenReview, out *TokenReview, s conversion.Scope) error {
if err := api.Convert_unversioned_TypeMeta_To_unversioned_TypeMeta(&in.TypeMeta, &out.TypeMeta, s); err != nil {
return err
}
// TODO: Inefficient conversion - can we improve it?
if err := s.Convert(&in.ObjectMeta, &out.ObjectMeta, 0); err != nil {
return err
}
if err := Convert_authentication_TokenReviewSpec_To_v1beta1_TokenReviewSpec(&in.Spec, &out.Spec, s); err != nil {
return err
}
if err := Convert_authentication_TokenReviewStatus_To_v1beta1_TokenReviewStatus(&in.Status, &out.Status, s); err != nil {
return err
}
return nil
}
func Convert_authentication_TokenReview_To_v1beta1_TokenReview(in *authentication.TokenReview, out *TokenReview, s conversion.Scope) error {
return autoConvert_authentication_TokenReview_To_v1beta1_TokenReview(in, out, s)
}
func autoConvert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(in *TokenReviewSpec, out *authentication.TokenReviewSpec, s conversion.Scope) error {
out.Token = in.Token
return nil
}
func Convert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(in *TokenReviewSpec, out *authentication.TokenReviewSpec, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReviewSpec_To_authentication_TokenReviewSpec(in, out, s)
}
func autoConvert_authentication_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in *authentication.TokenReviewSpec, out *TokenReviewSpec, s conversion.Scope) error {
out.Token = in.Token
return nil
}
func Convert_authentication_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in *authentication.TokenReviewSpec, out *TokenReviewSpec, s conversion.Scope) error {
return autoConvert_authentication_TokenReviewSpec_To_v1beta1_TokenReviewSpec(in, out, s)
}
func autoConvert_v1beta1_TokenReviewStatus_To_authentication_TokenReviewStatus(in *TokenReviewStatus, out *authentication.TokenReviewStatus, s conversion.Scope) error {
out.Authenticated = in.Authenticated
if err := Convert_v1beta1_UserInfo_To_authentication_UserInfo(&in.User, &out.User, s); err != nil {
return err
}
out.Error = in.Error
return nil
}
func Convert_v1beta1_TokenReviewStatus_To_authentication_TokenReviewStatus(in *TokenReviewStatus, out *authentication.TokenReviewStatus, s conversion.Scope) error {
return autoConvert_v1beta1_TokenReviewStatus_To_authentication_TokenReviewStatus(in, out, s)
}
func autoConvert_authentication_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in *authentication.TokenReviewStatus, out *TokenReviewStatus, s conversion.Scope) error {
out.Authenticated = in.Authenticated
if err := Convert_authentication_UserInfo_To_v1beta1_UserInfo(&in.User, &out.User, s); err != nil {
return err
}
out.Error = in.Error
return nil
}
func Convert_authentication_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in *authentication.TokenReviewStatus, out *TokenReviewStatus, s conversion.Scope) error {
return autoConvert_authentication_TokenReviewStatus_To_v1beta1_TokenReviewStatus(in, out, s)
}
func autoConvert_v1beta1_UserInfo_To_authentication_UserInfo(in *UserInfo, out *authentication.UserInfo, s conversion.Scope) error {
out.Username = in.Username
out.UID = in.UID
out.Groups = in.Groups
if in.Extra != nil {
in, out := &in.Extra, &out.Extra
*out = make(map[string]authentication.ExtraValue, len(*in))
for key, val := range *in {
newVal := new(authentication.ExtraValue)
// TODO: Inefficient conversion - can we improve it?
if err := s.Convert(&val, newVal, 0); err != nil {
return err
}
(*out)[key] = *newVal
}
} else {
out.Extra = nil
}
return nil
}
func Convert_v1beta1_UserInfo_To_authentication_UserInfo(in *UserInfo, out *authentication.UserInfo, s conversion.Scope) error {
return autoConvert_v1beta1_UserInfo_To_authentication_UserInfo(in, out, s)
}
func autoConvert_authentication_UserInfo_To_v1beta1_UserInfo(in *authentication.UserInfo, out *UserInfo, s conversion.Scope) error {
out.Username = in.Username
out.UID = in.UID
out.Groups = in.Groups
if in.Extra != nil {
in, out := &in.Extra, &out.Extra
*out = make(map[string]ExtraValue, len(*in))
for key, val := range *in {
newVal := new(ExtraValue)
// TODO: Inefficient conversion - can we improve it?
if err := s.Convert(&val, newVal, 0); err != nil {
return err
}
(*out)[key] = *newVal
}
} else {
out.Extra = nil
}
return nil
}
func Convert_authentication_UserInfo_To_v1beta1_UserInfo(in *authentication.UserInfo, out *UserInfo, s conversion.Scope) error {
return autoConvert_authentication_UserInfo_To_v1beta1_UserInfo(in, out, s)
}

17
pkg/client/clientset_generated/internalclientset/clientset.go
View File

@ -18,7 +18,6 @@ package internalclientset
import (
"github.com/golang/glog"
unversionedauthentication "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned"
unversionedautoscaling "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/unversioned"
unversionedbatch "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/unversioned"
unversionedcertificates "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/unversioned"
@ -35,7 +34,6 @@ type Interface interface {
Core() unversionedcore.CoreInterface
Extensions() unversionedextensions.ExtensionsInterface
Autoscaling() unversionedautoscaling.AutoscalingInterface
Authentication() unversionedauthentication.AuthenticationInterface
Batch() unversionedbatch.BatchInterface
Rbac() unversionedrbac.RbacInterface
Certificates() unversionedcertificates.CertificatesInterface
@ -48,7 +46,6 @@ type Clientset struct {
*unversionedcore.CoreClient
*unversionedextensions.ExtensionsClient
*unversionedautoscaling.AutoscalingClient
*unversionedauthentication.AuthenticationClient
*unversionedbatch.BatchClient
*unversionedrbac.RbacClient
*unversionedcertificates.CertificatesClient
@ -78,14 +75,6 @@ func (c *Clientset) Autoscaling() unversionedautoscaling.AutoscalingInterface {
return c.AutoscalingClient
}
// Authentication retrieves the AuthenticationClient
func (c *Clientset) Authentication() unversionedauthentication.AuthenticationInterface {
if c == nil {
return nil
}
return c.AuthenticationClient
}
// Batch retrieves the BatchClient
func (c *Clientset) Batch() unversionedbatch.BatchInterface {
if c == nil {
@ -135,10 +124,6 @@ func NewForConfig(c *restclient.Config) (*Clientset, error) {
if err != nil {
return nil, err
}
clientset.AuthenticationClient, err = unversionedauthentication.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
clientset.BatchClient, err = unversionedbatch.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
@ -167,7 +152,6 @@ func NewForConfigOrDie(c *restclient.Config) *Clientset {
clientset.CoreClient = unversionedcore.NewForConfigOrDie(c)
clientset.ExtensionsClient = unversionedextensions.NewForConfigOrDie(c)
clientset.AutoscalingClient = unversionedautoscaling.NewForConfigOrDie(c)
clientset.AuthenticationClient = unversionedauthentication.NewForConfigOrDie(c)
clientset.BatchClient = unversionedbatch.NewForConfigOrDie(c)
clientset.RbacClient = unversionedrbac.NewForConfigOrDie(c)
clientset.CertificatesClient = unversionedcertificates.NewForConfigOrDie(c)
@ -182,7 +166,6 @@ func New(c *restclient.RESTClient) *Clientset {
clientset.CoreClient = unversionedcore.New(c)
clientset.ExtensionsClient = unversionedextensions.New(c)
clientset.AutoscalingClient = unversionedautoscaling.New(c)
clientset.AuthenticationClient = unversionedauthentication.New(c)
clientset.BatchClient = unversionedbatch.New(c)
clientset.RbacClient = unversionedrbac.New(c)
clientset.CertificatesClient = unversionedcertificates.New(c)

7
pkg/client/clientset_generated/internalclientset/fake/clientset_generated.go
View File

@ -20,8 +20,6 @@ import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/apimachinery/registered"
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
unversionedauthentication "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned"
fakeunversionedauthentication "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/fake"
unversionedautoscaling "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/unversioned"
fakeunversionedautoscaling "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/unversioned/fake"
unversionedbatch "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/unversioned"
@ -89,11 +87,6 @@ func (c *Clientset) Autoscaling() unversionedautoscaling.AutoscalingInterface {
return &fakeunversionedautoscaling.FakeAutoscaling{Fake: &c.Fake}
}
// Authentication retrieves the AuthenticationClient
func (c *Clientset) Authentication() unversionedauthentication.AuthenticationInterface {
return &fakeunversionedauthentication.FakeAuthentication{Fake: &c.Fake}
}
// Batch retrieves the BatchClient
func (c *Clientset) Batch() unversionedbatch.BatchInterface {
return &fakeunversionedbatch.FakeBatch{Fake: &c.Fake}

1
pkg/client/clientset_generated/internalclientset/import_known_versions.go
View File

@ -23,7 +23,6 @@ import (
_ "k8s.io/kubernetes/pkg/api/install"
"k8s.io/kubernetes/pkg/apimachinery/registered"
_ "k8s.io/kubernetes/pkg/apis/apps/install"
_ "k8s.io/kubernetes/pkg/apis/authentication/install"
_ "k8s.io/kubernetes/pkg/apis/authorization/install"
_ "k8s.io/kubernetes/pkg/apis/autoscaling/install"
_ "k8s.io/kubernetes/pkg/apis/batch/install"

101
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/authentication_client.go
View File

@ -1,101 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package unversioned
import (
api "k8s.io/kubernetes/pkg/api"
registered "k8s.io/kubernetes/pkg/apimachinery/registered"
restclient "k8s.io/kubernetes/pkg/client/restclient"
)
type AuthenticationInterface interface {
GetRESTClient() *restclient.RESTClient
TokenReviewsGetter
}
// AuthenticationClient is used to interact with features provided by the Authentication group.
type AuthenticationClient struct {
*restclient.RESTClient
}
func (c *AuthenticationClient) TokenReviews() TokenReviewInterface {
return newTokenReviews(c)
}
// NewForConfig creates a new AuthenticationClient for the given config.
func NewForConfig(c *restclient.Config) (*AuthenticationClient, error) {
config := *c
if err := setConfigDefaults(&config); err != nil {
return nil, err
}
client, err := restclient.RESTClientFor(&config)
if err != nil {
return nil, err
}
return &AuthenticationClient{client}, nil
}
// NewForConfigOrDie creates a new AuthenticationClient for the given config and
// panics if there is an error in the config.
func NewForConfigOrDie(c *restclient.Config) *AuthenticationClient {
client, err := NewForConfig(c)
if err != nil {
panic(err)
}
return client
}
// New creates a new AuthenticationClient for the given RESTClient.
func New(c *restclient.RESTClient) *AuthenticationClient {
return &AuthenticationClient{c}
}
func setConfigDefaults(config *restclient.Config) error {
// if authentication group is not registered, return an error
g, err := registered.Group("authentication.k8s.io")
if err != nil {
return err
}
config.APIPath = "/apis"
if config.UserAgent == "" {
config.UserAgent = restclient.DefaultKubernetesUserAgent()
}
// TODO: Unconditionally set the config.Version, until we fix the config.
//if config.Version == "" {
copyGroupVersion := g.GroupVersion
config.GroupVersion = &copyGroupVersion
//}
config.NegotiatedSerializer = api.Codecs
if config.QPS == 0 {
config.QPS = 5
}
if config.Burst == 0 {
config.Burst = 10
}
return nil
}
// GetRESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *AuthenticationClient) GetRESTClient() *restclient.RESTClient {
if c == nil {
return nil
}
return c.RESTClient
}

20
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/doc.go
View File

@ -1,20 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This package is generated by client-gen with the default arguments.
// This package has the automatically generated typed clients.
package unversioned

20
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/fake/doc.go
View File

@ -1,20 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// This package is generated by client-gen with the default arguments.
// Package fake has the automatically generated clients.
package fake

37
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/fake/fake_authentication_client.go
View File

@ -1,37 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package fake
import (
unversioned "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned"
restclient "k8s.io/kubernetes/pkg/client/restclient"
core "k8s.io/kubernetes/pkg/client/testing/core"
)
type FakeAuthentication struct {
*core.Fake
}
func (c *FakeAuthentication) TokenReviews() unversioned.TokenReviewInterface {
return &FakeTokenReviews{c}
}
// GetRESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *FakeAuthentication) GetRESTClient() *restclient.RESTClient {
return nil
}

28
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/fake/fake_generated_expansion.go
View File

@ -1,28 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package fake
import (
authenticationapi "k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/client/testing/core"
)
func (c *FakeTokenReviews) Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error) {
obj, err := c.Fake.Invokes(core.NewRootCreateAction(authenticationapi.SchemeGroupVersion.WithResource("tokenreviews"), tokenReview), &authenticationapi.TokenReview{})
return obj.(*authenticationapi.TokenReview), err
}

22
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/fake/fake_tokenreview.go
View File

@ -1,22 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package fake
// FakeTokenReviews implements TokenReviewInterface
type FakeTokenReviews struct {
Fake *FakeAuthentication
}

35
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/generated_expansion.go
View File

@ -1,35 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package unversioned
import (
authenticationapi "k8s.io/kubernetes/pkg/apis/authentication"
)
type TokenReviewExpansion interface {
Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error)
}
func (c *tokenReviews) Create(tokenReview *authenticationapi.TokenReview) (result *authenticationapi.TokenReview, err error) {
result = &authenticationapi.TokenReview{}
err = c.client.Post().
Resource("tokenreviews").
Body(tokenReview).
Do().
Into(result)
return
}

40
pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned/tokenreview.go
View File

@ -1,40 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package unversioned
// TokenReviewsGetter has a method to return a TokenReviewInterface.
// A group's client should implement this interface.
type TokenReviewsGetter interface {
TokenReviews() TokenReviewInterface
}
// TokenReviewInterface has methods to work with TokenReview resources.
type TokenReviewInterface interface {
TokenReviewExpansion
}
// tokenReviews implements TokenReviewInterface
type tokenReviews struct {
client *AuthenticationClient
}
// newTokenReviews returns a TokenReviews
func newTokenReviews(c *AuthenticationClient) *tokenReviews {
return &tokenReviews{
client: c,
}
}

6
pkg/client/unversioned/adapters/internalclientset/clientset_adaption.go
View File

@ -18,7 +18,6 @@ package internalclientset
import (
"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
unversionedauthentication "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/authentication/unversioned"
unversionedautoscaling "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/autoscaling/unversioned"
unversionedbatch "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/batch/unversioned"
unversionedcore "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/unversioned"
@ -52,11 +51,6 @@ func FromUnversionedClient(c *unversioned.Client) *internalclientset.Clientset {
} else {
clientset.AutoscalingClient = unversionedautoscaling.New(nil)
}
if c != nil && c.AuthenticationClient != nil {
clientset.AuthenticationClient = unversionedauthentication.New(c.AuthenticationClient.RESTClient)
} else {
clientset.AuthenticationClient = unversionedauthentication.New(nil)
}
if c != nil && c.DiscoveryClient != nil {
clientset.DiscoveryClient = discovery.NewDiscoveryClient(c.DiscoveryClient.RESTClient)
} else {

77
pkg/client/unversioned/authentication.go
View File

@ -1,77 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package unversioned
import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/apimachinery/registered"
"k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/client/restclient"
)
type AuthenticationInterface interface {
TokenReviewsInterface
}
// AuthenticationClient is used to interact with Kubernetes authentication features.
type AuthenticationClient struct {
*restclient.RESTClient
}
func (c *AuthenticationClient) TokenReviews() TokenReviewInterface {
return newTokenReviews(c)
}
func NewAuthentication(c *restclient.Config) (*AuthenticationClient, error) {
config := *c
if err := setAuthenticationDefaults(&config); err != nil {
return nil, err
}
client, err := restclient.RESTClientFor(&config)
if err != nil {
return nil, err
}
return &AuthenticationClient{client}, nil
}
func NewAuthenticationOrDie(c *restclient.Config) *AuthenticationClient {
client, err := NewAuthentication(c)
if err != nil {
panic(err)
}
return client
}
func setAuthenticationDefaults(config *restclient.Config) error {
// if authentication group is not registered, return an error
g, err := registered.Group(authentication.GroupName)
if err != nil {
return err
}
config.APIPath = defaultAPIPath
if config.UserAgent == "" {
config.UserAgent = restclient.DefaultKubernetesUserAgent()
}
// TODO: Unconditionally set the config.Version, until we fix the config.
//if config.Version == "" {
copyGroupVersion := g.GroupVersion
config.GroupVersion = &copyGroupVersion
//}
config.NegotiatedSerializer = api.Codecs
return nil
}

6
pkg/client/unversioned/client.go
View File

@ -45,7 +45,6 @@ type Interface interface {
ComponentStatusesInterface
ConfigMapsNamespacer
Autoscaling() AutoscalingInterface
Authentication() AuthenticationInterface
Batch() BatchInterface
Extensions() ExtensionsInterface
Rbac() RbacInterface
@ -120,7 +119,6 @@ func (c *Client) ConfigMaps(namespace string) ConfigMapsInterface {
type Client struct {
*restclient.RESTClient
*AutoscalingClient
*AuthenticationClient
*BatchClient
*ExtensionsClient
*AppsClient
@ -156,10 +154,6 @@ func (c *Client) Autoscaling() AutoscalingInterface {
return c.AutoscalingClient
}
func (c *Client) Authentication() AuthenticationInterface {
return c.AuthenticationClient
}
func (c *Client) Batch() BatchInterface {
return c.BatchClient
}

23
pkg/client/unversioned/helper.go
View File

@ -23,7 +23,6 @@ import (
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/apimachinery/registered"
"k8s.io/kubernetes/pkg/apis/apps"
"k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/apis/autoscaling"
"k8s.io/kubernetes/pkg/apis/batch"
"k8s.io/kubernetes/pkg/apis/certificates"
@ -72,15 +71,6 @@ func New(c *restclient.Config) (*Client, error) {
}
}
var authenticationClient *AuthenticationClient
if registered.IsRegistered(authentication.GroupName) {
authenticationConfig := *c
authenticationClient, err = NewAuthentication(&authenticationConfig)
if err != nil {
return nil, err
}
}
var batchClient *BatchClient
if registered.IsRegistered(batch.GroupName) {
batchConfig := *c
@ -133,18 +123,7 @@ func New(c *restclient.Config) (*Client, error) {
}
}
return &Client{
RESTClient: client,
AppsClient: appsClient,
AuthenticationClient: authenticationClient,
AutoscalingClient: autoscalingClient,
BatchClient: batchClient,
CertificatesClient: certsClient,
DiscoveryClient: discoveryClient,
ExtensionsClient: extensionsClient,
PolicyClient: policyClient,
RbacClient: rbacClient,
}, nil
return &Client{RESTClient: client, AutoscalingClient: autoscalingClient, BatchClient: batchClient, CertificatesClient: certsClient, ExtensionsClient: extensionsClient, DiscoveryClient: discoveryClient, AppsClient: appsClient, PolicyClient: policyClient, RbacClient: rbacClient}, nil
}
// MatchesServerVersion queries the server to compares the build version

2
pkg/client/unversioned/import_known_versions.go
View File

@ -23,7 +23,7 @@ import (
_ "k8s.io/kubernetes/pkg/api/install"
"k8s.io/kubernetes/pkg/apimachinery/registered"
_ "k8s.io/kubernetes/pkg/apis/apps/install"
_ "k8s.io/kubernetes/pkg/apis/authentication/install"
_ "k8s.io/kubernetes/pkg/apis/authentication.k8s.io/install"
_ "k8s.io/kubernetes/pkg/apis/authorization/install"
_ "k8s.io/kubernetes/pkg/apis/autoscaling/install"
_ "k8s.io/kubernetes/pkg/apis/batch/install"

35
pkg/client/unversioned/testclient/fake_tokenreviews.go
View File

@ -1,35 +0,0 @@
/*
Copyright 2015 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package testclient
import (
"k8s.io/kubernetes/pkg/apis/authentication"
)
// FakeTokenReviews implements ClusterRoleInterface
type FakeTokenReviews struct {
Fake *FakeAuthentication
}
func (c *FakeTokenReviews) Create(review *authentication.TokenReview) (*authentication.TokenReview, error) {
obj, err := c.Fake.Invokes(NewRootCreateAction("tokenreviews", review), review)
if obj == nil {
return nil, err
}
return obj.(*authentication.TokenReview), err
}

16
pkg/client/unversioned/testclient/testclient.go
View File

@ -309,10 +309,6 @@ func (c *Fake) Rbac() client.RbacInterface {
return &FakeRbac{Fake: c}
}
func (c *Fake) Authentication() client.AuthenticationInterface {
return &FakeAuthentication{Fake: c}
}
// SwaggerSchema returns an empty swagger.ApiDeclaration for testing
func (c *Fake) SwaggerSchema(version unversioned.GroupVersion) (*swagger.ApiDeclaration, error) {
action := ActionImpl{}
@ -340,18 +336,6 @@ func (c *FakeAutoscaling) HorizontalPodAutoscalers(namespace string) client.Hori
return &FakeHorizontalPodAutoscalers{Fake: c, Namespace: namespace}
}
func NewSimpleFakeAuthentication(objects ...runtime.Object) *FakeAuthentication {
return &FakeAuthentication{Fake: NewSimpleFake(objects...)}
}
type FakeAuthentication struct {
*Fake
}
func (c *FakeAuthentication) TokenReviews() client.TokenReviewInterface {
return &FakeTokenReviews{Fake: c}
}
// NewSimpleFakeBatch returns a client that will respond with the provided objects
func NewSimpleFakeBatch(objects ...runtime.Object) *FakeBatch {
return &FakeBatch{Fake: NewSimpleFake(objects...)}

49
pkg/client/unversioned/tokenreviews.go
View File

@ -1,49 +0,0 @@
/*
Copyright 2016 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package unversioned
import (
"k8s.io/kubernetes/pkg/apis/authentication"
)
// TokenReviews has methods to work with TokenReview resources in a namespace
type TokenReviewsInterface interface {
TokenReviews() TokenReviewInterface
}
// TokenReviewInterface has methods to work with TokenReview resources.
type TokenReviewInterface interface {
Create(tokenReview *authentication.TokenReview) (*authentication.TokenReview, error)
}
// tokenReviews implements TokenReviewsNamespacer interface
type tokenReviews struct {
client *AuthenticationClient
}
// newTokenReviews returns a tokenReviews
func newTokenReviews(c *AuthenticationClient) *tokenReviews {
return &tokenReviews{
client: c,
}
}
func (c *tokenReviews) Create(obj *authentication.TokenReview) (result *authentication.TokenReview, err error) {
result = &authentication.TokenReview{}
err = c.client.Post().Resource("tokenreviews").Body(obj).Do().Into(result)
return
}

3
pkg/kubectl/cmd/util/factory.go
View File

@ -46,7 +46,6 @@ import (
"k8s.io/kubernetes/pkg/apimachinery"
"k8s.io/kubernetes/pkg/apimachinery/registered"
"k8s.io/kubernetes/pkg/apis/apps"
"k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/apis/autoscaling"
"k8s.io/kubernetes/pkg/apis/batch"
"k8s.io/kubernetes/pkg/apis/certificates"
@ -353,8 +352,6 @@ func NewFactory(optionalClientConfig clientcmd.ClientConfig) *Factory {
switch gvk.Group {
case api.GroupName:
return c.RESTClient, nil
case authentication.GroupName:
return c.AuthenticationClient.RESTClient, nil
case autoscaling.GroupName:
return c.AutoscalingClient.RESTClient, nil
case batch.GroupName:

1
pkg/master/import_known_versions.go
View File

@ -23,7 +23,6 @@ import (
_ "k8s.io/kubernetes/pkg/api/install"
"k8s.io/kubernetes/pkg/apimachinery/registered"
_ "k8s.io/kubernetes/pkg/apis/apps/install"
_ "k8s.io/kubernetes/pkg/apis/authentication/install"
_ "k8s.io/kubernetes/pkg/apis/authorization/install"
_ "k8s.io/kubernetes/pkg/apis/autoscaling/install"
_ "k8s.io/kubernetes/pkg/apis/batch/install"

47
pkg/master/master.go
View File

@ -35,7 +35,6 @@ import (
"k8s.io/kubernetes/pkg/apimachinery/registered"
"k8s.io/kubernetes/pkg/apis/apps"
appsapi "k8s.io/kubernetes/pkg/apis/apps/v1alpha1"
authenticationv1beta1 "k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
"k8s.io/kubernetes/pkg/apis/autoscaling"
autoscalingapiv1 "k8s.io/kubernetes/pkg/apis/autoscaling/v1"
"k8s.io/kubernetes/pkg/apis/batch"
@ -104,7 +103,6 @@ import (
thirdpartyresourceetcd "k8s.io/kubernetes/pkg/registry/thirdpartyresource/etcd"
"k8s.io/kubernetes/pkg/registry/thirdpartyresourcedata"
thirdpartyresourcedataetcd "k8s.io/kubernetes/pkg/registry/thirdpartyresourcedata/etcd"
"k8s.io/kubernetes/pkg/registry/tokenreview"
"k8s.io/kubernetes/pkg/runtime"
"k8s.io/kubernetes/pkg/storage"
etcdmetrics "k8s.io/kubernetes/pkg/storage/etcd/metrics"
@ -386,26 +384,6 @@ func (m *Master) InstallAPIs(c *Config) {
apiGroupsInfo = append(apiGroupsInfo, apiGroupInfo)
}
if c.APIResourceConfigSource.AnyResourcesForVersionEnabled(authenticationv1beta1.SchemeGroupVersion) {
resources := m.getAuthenticationResources(c)
groupMeta := registered.GroupOrDie(authenticationv1beta1.GroupName)
// Hard code preferred group version to authentication.k8s.io/v1beta1
groupMeta.GroupVersion = authenticationv1beta1.SchemeGroupVersion
apiGroupInfo := genericapiserver.APIGroupInfo{
GroupMeta: *groupMeta,
VersionedResourcesStorageMap: map[string]map[string]rest.Storage{
authenticationv1beta1.SchemeGroupVersion.Version: resources,
},
OptionsExternalVersion: &registered.GroupOrDie(api.GroupName).GroupVersion,
Scheme: api.Scheme,
ParameterCodec: api.ParameterCodec,
NegotiatedSerializer: api.Codecs,
}
apiGroupsInfo = append(apiGroupsInfo, apiGroupInfo)
}
if c.APIResourceConfigSource.AnyResourcesForVersionEnabled(certificatesapiv1alpha1.SchemeGroupVersion) {
certificateResources := m.getCertificateResources(c)
certificatesGroupMeta := registered.GroupOrDie(certificates.GroupName)
@ -984,19 +962,6 @@ func (m *Master) getAppsResources(c *Config) map[string]rest.Storage {
return storage
}
// getAuthenticationResources returns the resources for authentication api
func (m *Master) getAuthenticationResources(c *Config) map[string]rest.Storage {
// TODO update when we support more than one version of this group
version := authenticationv1beta1.SchemeGroupVersion
storage := map[string]rest.Storage{}
if c.APIResourceConfigSource.ResourceEnabled(version.WithResource("tokenreviews")) {
tokenReviewStorage := tokenreview.NewREST(c.Authenticator)
storage["tokenreviews"] = tokenReviewStorage
}
return storage
}
func (m *Master) getRBACResources(c *Config) map[string]rest.Storage {
version := rbacapi.SchemeGroupVersion
@ -1086,17 +1051,7 @@ func (m *Master) IsTunnelSyncHealthy(req *http.Request) error {
func DefaultAPIResourceConfigSource() *genericapiserver.ResourceConfig {
ret := genericapiserver.NewResourceConfig()
ret.EnableVersions(
apiv1.SchemeGroupVersion,
appsapi.SchemeGroupVersion,
authenticationv1beta1.SchemeGroupVersion,
autoscalingapiv1.SchemeGroupVersion,
batchapiv1.SchemeGroupVersion,
certificatesapiv1alpha1.SchemeGroupVersion,
extensionsapiv1beta1.SchemeGroupVersion,
policyapiv1alpha1.SchemeGroupVersion,
rbacapi.SchemeGroupVersion,
)
ret.EnableVersions(apiv1.SchemeGroupVersion, extensionsapiv1beta1.SchemeGroupVersion, batchapiv1.SchemeGroupVersion, autoscalingapiv1.SchemeGroupVersion, appsapi.SchemeGroupVersion, policyapiv1alpha1.SchemeGroupVersion, rbacapi.SchemeGroupVersion, certificatesapiv1alpha1.SchemeGroupVersion)
// all extensions resources except these are disabled by default
ret.EnableResources(

78
pkg/registry/tokenreview/storage.go
View File

@ -1,78 +0,0 @@
/*
Copyright 2015 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package tokenreview
import (
"fmt"
"net/http"
"k8s.io/kubernetes/pkg/api"
apierrors "k8s.io/kubernetes/pkg/api/errors"
"k8s.io/kubernetes/pkg/apis/authentication"
"k8s.io/kubernetes/pkg/auth/authenticator"
"k8s.io/kubernetes/pkg/runtime"
)
type REST struct {
tokenAuthenticator authenticator.Request
}
func NewREST(tokenAuthenticator authenticator.Request) *REST {
return &REST{tokenAuthenticator: tokenAuthenticator}
}
func (r *REST) New() runtime.Object {
return &authentication.TokenReview{}
}
func (r *REST) Create(ctx api.Context, obj runtime.Object) (runtime.Object, error) {
tokenReview, ok := obj.(*authentication.TokenReview)
if !ok {
return nil, apierrors.NewBadRequest(fmt.Sprintf("not a TokenReview: %#v", obj))
}
namespace := api.NamespaceValue(ctx)
if len(namespace) != 0 {
return nil, apierrors.NewBadRequest(fmt.Sprintf("namespace is not allowed on this type: %v", namespace))
}
if r.tokenAuthenticator == nil {
return tokenReview, nil
}
// create a header that contains nothing but the token
fakeReq := &http.Request{Header: http.Header{}}
fakeReq.Header.Add("Authorization", "Bearer "+tokenReview.Spec.Token)
tokenUser, ok, err := r.tokenAuthenticator.AuthenticateRequest(fakeReq)
tokenReview.Status.Authenticated = ok
if err != nil {
tokenReview.Status.Error = err.Error()
}
if tokenUser != nil {
tokenReview.Status.User = authentication.UserInfo{
Username: tokenUser.GetName(),
UID: tokenUser.GetUID(),
Groups: tokenUser.GetGroups(),
Extra: map[string]authentication.ExtraValue{},
}
for k, v := range tokenUser.GetExtra() {
tokenReview.Status.User.Extra[k] = authentication.ExtraValue(v)
}
}
return tokenReview, nil
}

4
plugin/pkg/auth/authenticator/token/webhook/webhook.go
View File

@ -22,14 +22,14 @@ import (
"time"
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
"k8s.io/kubernetes/pkg/apis/authentication.k8s.io/v1beta1"
"k8s.io/kubernetes/pkg/auth/authenticator"
"k8s.io/kubernetes/pkg/auth/user"
"k8s.io/kubernetes/pkg/client/restclient"
"k8s.io/kubernetes/pkg/util/cache"
"k8s.io/kubernetes/plugin/pkg/webhook"
_ "k8s.io/kubernetes/pkg/apis/authentication/install"
_ "k8s.io/kubernetes/pkg/apis/authentication.k8s.io/install"
)
var (

21
plugin/pkg/auth/authenticator/token/webhook/webhook_test.go
View File

@ -30,7 +30,7 @@ import (
"time"
"k8s.io/kubernetes/pkg/api/unversioned"
"k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
"k8s.io/kubernetes/pkg/apis/authentication.k8s.io/v1beta1"
"k8s.io/kubernetes/pkg/auth/user"
"k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api/v1"
)
@ -353,21 +353,10 @@ func TestWebhookTokenAuthenticator(t *testing.T) {
type authenticationUserInfo v1beta1.UserInfo
func (a *authenticationUserInfo) GetName() string { return a.Username }
func (a *authenticationUserInfo) GetUID() string { return a.UID }
func (a *authenticationUserInfo) GetGroups() []string { return a.Groups }
func (a *authenticationUserInfo) GetExtra() map[string][]string {
if a.Extra == nil {
return nil
}
ret := map[string][]string{}
for k, v := range a.Extra {
ret[k] = []string(v)
}
return ret
}
func (a *authenticationUserInfo) GetName() string { return a.Username }
func (a *authenticationUserInfo) GetUID() string { return a.UID }
func (a *authenticationUserInfo) GetGroups() []string { return a.Groups }
func (a *authenticationUserInfo) GetExtra() map[string][]string { return a.Extra }
// Ensure v1beta1.UserInfo contains the fields necessary to implement the
// user.Info interface.

7
test/fixtures/pkg/kubectl/cmd/create/tokenreview.json vendored
View File

@ -1,7 +0,0 @@
{
"apiVersion": "authentication.k8s.io/v1beta1",
"kind": "TokenReview",
"spec": {
"token": "test-token"
}
}

2
test/integration/auth/auth_test.go
View File

@ -38,7 +38,7 @@ import (
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/testapi"
authenticationv1beta1 "k8s.io/kubernetes/pkg/apis/authentication/v1beta1"
authenticationv1beta1 "k8s.io/kubernetes/pkg/apis/authentication.k8s.io/v1beta1"
"k8s.io/kubernetes/pkg/apis/autoscaling"
"k8s.io/kubernetes/pkg/apis/extensions"
"k8s.io/kubernetes/pkg/apiserver"