Skip to content

Commit e362745

Browse files
shaun-nxshaun-nx
committed
Update BasicAuth AIP and examples to use secretRef 
1 parent 38dd8f7 commit e362745

File tree

1 file changed

+6
-25
lines changed

1 file changed

+6
-25
lines changed

docs/proposals/authentication-filter.md

Lines changed: 6 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -136,14 +136,7 @@ const (
136136

137137
// BasicAuth configures HTTP Basic Authentication.
138138
type BasicAuth struct {
139-
// Secret is the name of the Secret containing htpasswd data.
140-
// The Secret must be in the same namespace as this filter.
141-
Secret string `json:"secret"`
142-
143-
// Key is the key within the Secret that contains the htpasswd data.
144-
Key string `json:"key,omitempty"`
145-
146-
// SecretRef allows referencing a Secret in the same or another namespace.
139+
// SecretRef allows referencing a Secret in the same or different namespace.
147140
// When namespace is set and differs from the filter's namespace, a ReferenceGrant in the target namespace is required.
148141
//
149142
// +optional
@@ -470,19 +463,6 @@ type AuthFailureResponse struct {
470463
BodyPolicy *AuthFailureBodyPolicy `json:"bodyPolicy,omitempty"`
471464
}
472465

473-
// LocalObjectReference references a namespaced object in the same namespace.
474-
type LocalObjectReference struct {
475-
Name string `json:"name"`
476-
}
477-
478-
// SecretKeyReference references a Secret and an optional key.
479-
type SecretKeyReference struct {
480-
Name string `json:"name"`
481-
482-
// Key within the Secret data. If omitted, controller defaults apply (e.g. "jwks.json").
483-
Key string `json:"key,omitempty"`
484-
}
485-
486466
// NamespacedObjectReference references an object by name with an optional namespace.
487467
// If namespace is omitted, it defaults to the AuthenticationFilter's namespace.
488468
type NamespacedObjectReference struct {
@@ -546,10 +526,11 @@ metadata:
546526
spec:
547527
type: Basic
548528
basic:
549-
secret: basic-auth-users # Secret containing htpasswd data
550-
key: htpasswd # key within the Secret
551-
realm: "Restricted" # Optional. Helps with logging
552-
onFailure: # Optional. These setting may be defaults.
529+
secretRef:
530+
name: basic-auth-users # Secret containing htpasswd data
531+
key: htpasswd # key within the Secret
532+
realm: "Restricted" # Optional. Helps with logging
533+
onFailure: # Optional. These setting may be defaults.
553534
statusCode: 401
554535
scheme: Basic
555536
```

0 commit comments

Comments
 (0)