kuma
40 строк · 928.0 Байт
1package zoneingress
2
3import (
4"context"
5"time"
6
7"github.com/kumahq/kuma/pkg/core/tokens"
8)
9
10type Token = string
11
12type Identity struct {
13Zone string
14}
15
16// TokenIssuer issues Zone Ingress Tokens used then for proving identity of the zone ingresses.
17// Issued token can be bound by zone name.
18// See pkg/sds/auth/universal/authenticator.go to check algorithm for authentication
19type TokenIssuer interface {
20Generate(ctx context.Context, identity Identity, validFor time.Duration) (tokens.Token, error)
21}
22
23var _ TokenIssuer = &jwtTokenIssuer{}
24
25func NewTokenIssuer(issuer tokens.Issuer) TokenIssuer {
26return &jwtTokenIssuer{
27issuer: issuer,
28}
29}
30
31type jwtTokenIssuer struct {
32issuer tokens.Issuer
33}
34
35func (j *jwtTokenIssuer) Generate(ctx context.Context, identity Identity, validFor time.Duration) (Token, error) {
36claims := &ZoneIngressClaims{
37Zone: identity.Zone,
38}
39return j.issuer.Generate(ctx, claims, validFor)
40}
41