Type Members

1.  case class BoundObjectReference(apiVersion: Optional[String] = Optional.Absent, kind: Optional[String] = Optional.Absent, name: Optional[String] = Optional.Absent, uid: Optional[String] = Optional.Absent) extends Product with Serializable

   BoundObjectReference is a reference to an object that a token is bound to.

   BoundObjectReference is a reference to an object that a token is bound to.

   apiVersion

   API version of the referent.

   kind

   Kind of the referent. Valid kinds are 'Pod' and 'Secret'.

   name

   Name of the referent.

   uid

   UID of the referent.

2.  class BoundObjectReferenceFields extends AnyRef
3.  case class TokenRequest(metadata: Optional[ObjectMeta] = Optional.Absent, spec: TokenRequestSpec, status: Optional[TokenRequestStatus] = Optional.Absent) extends Product with Serializable

   TokenRequest requests a token for a given service account.

4.  class TokenRequestFields extends AnyRef
5.  case class TokenRequestSpec(audiences: Vector[String], boundObjectRef: Optional[BoundObjectReference] = Optional.Absent, expirationSeconds: Optional[Long] = Optional.Absent) extends Product with Serializable

   TokenRequestSpec contains client provided parameters of a token request.

   TokenRequestSpec contains client provided parameters of a token request.

   audiences

   Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.

   expirationSeconds

   ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.

6.  class TokenRequestSpecFields extends AnyRef
7.  case class TokenRequestStatus(expirationTimestamp: Time, token: String) extends Product with Serializable

   TokenRequestStatus is the result of a token request.

   TokenRequestStatus is the result of a token request.

   token

   Token is the opaque bearer token.

8.  class TokenRequestStatusFields extends AnyRef
9.  case class TokenReview(metadata: Optional[ObjectMeta] = Optional.Absent, spec: TokenReviewSpec, status: Optional[TokenReviewStatus] = Optional.Absent) extends Product with Serializable

   TokenReview attempts to authenticate a token to a known user.

   TokenReview attempts to authenticate a token to a known user. Note: TokenReview requests may be cached by the webhook token authenticator plugin in the kube-apiserver.

10.  class TokenReviewFields extends AnyRef
11.  case class TokenReviewSpec(audiences: Optional[Vector[String]] = Optional.Absent, token: Optional[String] = Optional.Absent) extends Product with Serializable

    TokenReviewSpec is a description of the token authentication request.

    TokenReviewSpec is a description of the token authentication request.

    audiences

    Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.

    token

    Token is the opaque bearer token.

12.  class TokenReviewSpecFields extends AnyRef
13.  case class TokenReviewStatus(audiences: Optional[Vector[String]] = Optional.Absent, authenticated: Optional[Boolean] = Optional.Absent, error: Optional[String] = Optional.Absent, user: Optional[UserInfo] = Optional.Absent) extends Product with Serializable

    TokenReviewStatus is the result of the token authentication request.

    TokenReviewStatus is the result of the token authentication request.

    audiences

    Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token's audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is "true", the token is valid against the audience of the Kubernetes API server.

    authenticated

    Authenticated indicates that the token was associated with a known user.

    error

    Error indicates that the token couldn't be checked

14.  class TokenReviewStatusFields extends AnyRef
15.  case class UserInfo(extra: Optional[Map[String, Vector[String]]] = Optional.Absent, groups: Optional[Vector[String]] = Optional.Absent, uid: Optional[String] = Optional.Absent, username: Optional[String] = Optional.Absent) extends Product with Serializable

    UserInfo holds the information about the user needed to implement the user.Info interface.

    UserInfo holds the information about the user needed to implement the user.Info interface.

    extra

    Any additional information provided by the authenticator.

    groups

    The names of groups this user is a part of.

    uid

    A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.

    username

    The name that uniquely identifies this user among all active users.

16.  class UserInfoFields extends AnyRef