• Mike Danese's avatar
    serviceaccount: check token is issued by correct iss before verifying · 057b7af7
    Mike Danese authored
    Right now if a JWT for an unknown issuer, for any subject hits the
    serviceaccount token authenticator, we return a errors as if the token
    was meant for us but we couldn't find a key to verify it. We should
    instead return nil, false, nil.
    
    This change helps us support multiple service account token
    authenticators with different issuers.
    057b7af7
Name
Last commit
Last update
..
apiserver Loading commit data...
auth Loading commit data...
client Loading commit data...
configmap Loading commit data...
daemonset Loading commit data...
defaulttolerationseconds Loading commit data...
deployment Loading commit data...
etcd Loading commit data...
evictions Loading commit data...
examples Loading commit data...
framework Loading commit data...
garbagecollector Loading commit data...
master Loading commit data...
metrics Loading commit data...
objectmeta Loading commit data...
openshift Loading commit data...
pods Loading commit data...
quota Loading commit data...
replicaset Loading commit data...
replicationcontroller Loading commit data...
scale Loading commit data...
scheduler Loading commit data...
scheduler_perf Loading commit data...
secrets Loading commit data...
serviceaccount Loading commit data...
storageclasses Loading commit data...
tls Loading commit data...
ttlcontroller Loading commit data...
volume Loading commit data...
BUILD Loading commit data...
benchmark-controller.json Loading commit data...
doc.go Loading commit data...
utils.go Loading commit data...