It is not necessary to mention where the functions are implemented in
the document. Furthermore, the directories recorded here are out of date.
Now they are in:
staging/src/k8s.io/apiserver/plugin/pkg/authenticator/...

Noted that every bearer token, in any of the four authentication
strategies that use bearer tokens, appears in an HTTP header
value without additional quotation/encoding (beyond that supported
by HTTP). Included a fully concrete example. Wrote this down once,
where the issue first arises, and referenced it from the other relevant
strategies.
This constraint was elicited in #sig-auth discussion
on Sep 21, and not previously stated explicitly and in a way that
clearly applied to all four kinds of bearer token --- leaving the
reader to wonder if some other encoding is expected.

Most OAuth2 libraries use the access_token as a bearer token. This
is different for Kubernetes, since the OIDC plugin uses an id_token
instead (also returned in the token response).
Be explicit and call out this difference.