-
Notifications
You must be signed in to change notification settings - Fork 0
/
authentication.yaml
85 lines (85 loc) · 3.72 KB
/
authentication.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
apiVersion: authorino.3scale.net/v1beta1
kind: AuthConfig
metadata:
name: authentication
spec:
hosts:
- edge.kafka.svc
- edge.kafka.127.0.0.1.nip.io
identity:
- name: edge
apiKey:
labelSelectors:
authorino.3scale.net/managed-by: authorino
kafka-scope: edge-authentication
credentials:
in: authorization_header
keySelector: APIKEY
response:
- name: wristband
wrapper: envoyDynamicMetadata
wristband:
issuer: https://authorino-authorino-oidc.kafka.svc:8083/kafka/authentication/wristband
customClaims:
- name: typ
value: Bearer
- name: preferred_username
valueFrom:
authJSON: auth.identity.metadata.annotations.kafka-auth/username
- name: rsname
valueFrom:
authJSON: auth.identity.metadata.annotations.kafka-auth/resource
- name: scopes
valueFrom:
authJSON: auth.identity.metadata.annotations.kafka-auth/operations
tokenDuration: 600
signingKeyRefs:
- name: wristband-signing-key
algorithm: RS256
---
apiVersion: v1
kind: Secret
metadata:
name: wristband-signing-key
stringData:
key.pem: |
-----BEGIN RSA PRIVATE KEY-----
MIIG4gIBAAKCAYEA1FMnOG+YWcQcAOceoWUMCoXOGlIsblTwy0y04rR6aWlfDQ72
ex8piqqTaVQ4beqEvacOJc7HRfj06SUcmowI8t6on3+n1FujcDZOi5UukEgP/RzJ
3feBvb63JPzOKBhs/SZYtKUir0eia7rgJjLKIu5DLn+u/osaUn5bPJ+ARSLD+8Xa
L6IFcoX3SiWhot1vm/I63255PbeAkOQP1ULCvVznUgfZd/lP8pvMS4Mw5PW1Sbuv
EndqmbcyKnOLkEFh25C15JCJe2ipr4J+xwLGB2qWp24MuQGsyZKLsFqReHpd6T+R
HjyGqhSrxIfQoEg1x0kkbXAUPok2jOiuPqNTmoDWeFrJ+KRCqqg85AUT+iU3Pu+Q
rhnfWSLilhP+6X5jHfzteX7BVwS1f44IBPra3oHdVd79X8FJb+SMZ8SgiZIl0cXv
3udPUhPwsUR0EazailabWCgkh/JwPtHrpF+lNQUZEX4qL/Lg1jUEwoCpuEhSODiI
P4ywVNRK2Qr4SAJnAgMBAAECggGAWmwHOeuckC4KVwAWdVlZJWoSefcg4OPfoFTM
e/esYhPz3NXQdmKxCFLYcHTjizvix/nK9qL3Dn+VnWymn9KfRP86BKMS0EcudW1L
SfqAWAW4eWy3M4ZihHIiAOiAy2aLk8uu30+sU8VIEGUHbH0YxIN/rN/HoLOQxCz3
ofuzXr4NhL2fy8VOWJVg2PzptzhifaFNHTYo//WUFSBq9cF2ubpE8RRSsttEBuf+
uvHl8rwJNpttVYnxpgD0pkuK1iZhRcfxdbWkWC7d4UGrkTxVcwuQNsocqtGHV5qp
NIcyM1ThvJOI2JuuOHyBEvDd7BwALrtBgde8PB//AbDf0ZoI8LldjE7MvEK2fSA3
g1MspoU0pHj5nT75q9A7CEv4fZ1KItmzftS2dF+Z8HlkdXQQ51Vh7CPrwxSSPENf
y9PavHla2AA/DdQdAMq09zV+H1ns+Oqc3hf4BN80S9VaTgEJouegkOS+cqCyvDBU
1urplLv8pVo1lk/weblUaJe6DmhRAoHBAO34S6QQwe9aD/7nfjfmh6AABNDMf/xu
csJPNxEdV3ysk5bP0B11b+Ke4vmo4sWnb3g4lSk/f7YOaEaZ73whnOG+5m64bzz9
Esa43UIUm+wUvonVWmZ0ewCZCx2Fn7jHRpk/t5LTAAkM+f+qctP3eFddS670mtkz
mUdJByeZQcavtMRbL1X6Su+XfDOrATYPlc4u50DAG29FqnkyNaNlcmmuX/DMfpJx
0HA7nxhgwbwikhyrQKBaB0S73/8G1VcWPQKBwQDkaXD4IzrmaWydqNhIvbUU1mzC
tKt9+zPtc7dlsC+YfoNeqSjjPOjE504lII73ZKgNP8bSg8XKNOJBPtz4F8Ssz/gF
Q9VECFC14ijXWky1kihhCEB1if61h01nbm0w60k0cijHnIka1y+jmAfkmlJVxlIg
9tLN3+DpP6Gn0e9HE1FunY6i+6FVX1NvLSEklso0ATMx+uub2LKE1WxDnHqPKBiI
mshBzpN/51+LWDOReiRB3bZrQAbFROudF5zSaXMCgcA44I+ztw2jV7NbCZlxYvgn
ldmQzlAI1Z04NBbFUG4IrnbYJPNpFxiW4cL+SQ9qjopmAaAlK7gqm2bw+Pn0gVQt
4KLS8+IigZprROQdVy+tTYf9CbGBq3V6vxmZBMcYMwj8t+34edYYU7GtGeA4KX3p
47KjLnOUVnDcSOgc3tSJ2JUsGV9G/XvLqDlXYBf6A9+aWDuNjl0AS3ZjYUzQsP6X
o8Xql/XoqqtXJ+juurGTde/WSlg3+0yhcQYovklfd0ECgcAd8fTtkzDVpFypDsnM
P5LN+I6puCYDjjtwlgslOcQDqhJvBp5lrEaYCfskwu/7XybpFcNrNftoVyaShztR
C0ytm1ZY2lvLX4u1TMEt+piz9UV18y8AOec6xVJQjRmjoDUouw69nLgc3LlSKUxf
nBvPQwDhcXqRoxhJfB4lclB8cPvsFJvuoi60kprNqIz/zwUTbFTZ6JubAv3kjFZ1
Rr6KpicRQbmfZwXPbvYHvriECg9W00pnJS2+DxsUrVPSAiECgcB+/iHnElR4D5ze
QxCQVeKSPHO00W2PTFB8slro1mTGX17hO4nPH++ZkGnLQgikR7omWIFrkk/1Ko8t
aXAJ0Z1hUPmgL3INagZQB7/vLh3311Sa3b/f3gwZUPrM11IMiPQ/ra/v/ASiUE/J
vHgwwCeJNpE+iF4mzwlX2/OScUF8csn8F3pYCKDYgEgUTcwjZTLer424gWNKkanQ
bdpS9+xMtvYY4CVeQyaA4lCnYuMyuFvsTnKnWkVrFyumceG1cvA=
-----END RSA PRIVATE KEY-----
type: Opaque