Mike Danese
|
43eaeb8c6c
|
svcacct: pass pod information in user.Info.Extra() when available
Fixes https://github.com/kubernetes/kubernetes/issues/59670
|
2018-08-31 11:54:50 -07:00 |
|
Mike Danese
|
e68f14a249
|
jwt: support opaque signer and push errors to token generator creation
|
2018-08-23 12:21:56 -07:00 |
|
Chao Wang
|
39a4730db6
|
remove duplicated import
|
2018-08-01 13:27:42 +08:00 |
|
WanLinghao
|
f16470c3f1
|
This patch adds limit to the TokenRequest expiration time. It constrains a TokenRequest's expiration time to avoid extreme value which could harm the cluster.
|
2018-06-14 09:31:50 +08:00 |
|
Mike Danese
|
dc9e3f1b3e
|
svcacct: validate min and max expiration seconds on TokenRequest
|
2018-05-30 17:32:49 -07:00 |
|
WanLinghao
|
198b9e482c
|
fix a error in serviceaccount validate.
This error is a human-writing error.
Small as it is, it could cause recreate Object validate
through bug.
This patch fix it.
|
2018-04-24 14:48:37 +08:00 |
|
Mike Danese
|
024f57affe
|
implement token authenticator for new id tokens
|
2018-02-27 17:20:46 -08:00 |
|
Mike Danese
|
b2ceeedd67
|
tokenrequest: tokens bound to pods running as other svcaccts
|
2018-02-24 22:18:24 -08:00 |
|
Mike Danese
|
32bf28daed
|
integration: refactor, cleanup, and add more tests for TokenRequest
|
2018-02-23 14:59:35 -08:00 |
|
Mike Danese
|
8ad1c6655b
|
add support for /token subresource in serviceaccount registry
|
2018-02-21 13:16:51 -08:00 |
|