blob: 4fb6448f78b80268dc572cc79e0f1dc030371f4e [file] [log] [blame]
Matthias Andreas Benkard832a54e2019-01-29 09:27:38 +01001/*
2Copyright The Kubernetes Authors.
3
4Licensed under the Apache License, Version 2.0 (the "License");
5you may not use this file except in compliance with the License.
6You may obtain a copy of the License at
7
8 http://www.apache.org/licenses/LICENSE-2.0
9
10Unless required by applicable law or agreed to in writing, software
11distributed under the License is distributed on an "AS IS" BASIS,
12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13See the License for the specific language governing permissions and
14limitations under the License.
15*/
16
17
18// This file was autogenerated by go-to-protobuf. Do not edit it manually!
19
20syntax = 'proto2';
21
22package k8s.io.api.authentication.v1beta1;
23
24import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
25import "k8s.io/apimachinery/pkg/runtime/generated.proto";
26import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
27import "k8s.io/apimachinery/pkg/util/intstr/generated.proto";
28
29// Package-wide variables from generator "generated".
30option go_package = "v1beta1";
31
32// ExtraValue masks the value so protobuf can generate
33// +protobuf.nullable=true
34// +protobuf.options.(gogoproto.goproto_stringer)=false
35message ExtraValue {
36 // items, if empty, will result in an empty slice
37
38 repeated string items = 1;
39}
40
41// TokenReview attempts to authenticate a token to a known user.
42// Note: TokenReview requests may be cached by the webhook token authenticator
43// plugin in the kube-apiserver.
44message TokenReview {
45 // +optional
46 optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
47
48 // Spec holds information about the request being evaluated
49 optional TokenReviewSpec spec = 2;
50
51 // Status is filled in by the server and indicates whether the request can be authenticated.
52 // +optional
53 optional TokenReviewStatus status = 3;
54}
55
56// TokenReviewSpec is a description of the token authentication request.
57message TokenReviewSpec {
58 // Token is the opaque bearer token.
59 // +optional
60 optional string token = 1;
61}
62
63// TokenReviewStatus is the result of the token authentication request.
64message TokenReviewStatus {
65 // Authenticated indicates that the token was associated with a known user.
66 // +optional
67 optional bool authenticated = 1;
68
69 // User is the UserInfo associated with the provided token.
70 // +optional
71 optional UserInfo user = 2;
72
73 // Error indicates that the token couldn't be checked
74 // +optional
75 optional string error = 3;
76}
77
78// UserInfo holds the information about the user needed to implement the
79// user.Info interface.
80message UserInfo {
81 // The name that uniquely identifies this user among all active users.
82 // +optional
83 optional string username = 1;
84
85 // A unique value that identifies this user across time. If this user is
86 // deleted and another user by the same name is added, they will have
87 // different UIDs.
88 // +optional
89 optional string uid = 2;
90
91 // The names of groups this user is a part of.
92 // +optional
93 repeated string groups = 3;
94
95 // Any additional information provided by the authenticator.
96 // +optional
97 map<string, ExtraValue> extra = 4;
98}
99