scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-23 01:45:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add plugin and key-cache for ExternalJWTSigner integration

Browse Source
This commit is contained in:
Harshal Neelkamal
2024-10-18 19:31:35 +00:00
parent 4c487b00af
commit 6fdacf0411
62 changed files with 4542 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/apis/authentication/validation/validation.go
View File

@@ -19,19 +19,18 @@ limitations under the License.
package validation
import (
"time"
"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/kubernetes/pkg/apis/authentication"
)
const MinTokenAgeSec = 10 * 60 // 10 minutes
// ValidateTokenRequest validates a TokenRequest.
func ValidateTokenRequest(tr *authentication.TokenRequest) field.ErrorList {
allErrs := field.ErrorList{}
specPath := field.NewPath("spec")
const min = 10 * time.Minute
if tr.Spec.ExpirationSeconds < int64(min.Seconds()) {
if tr.Spec.ExpirationSeconds < MinTokenAgeSec {
allErrs = append(allErrs, field.Invalid(specPath.Child("expirationSeconds"), tr.Spec.ExpirationSeconds, "may not specify a duration less than 10 minutes"))
}
if tr.Spec.ExpirationSeconds > 1<<32 {