-
Notifications
You must be signed in to change notification settings - Fork 327
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(kuma-cp) Initial token generator with HTTP Server on localhost #326
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we consider Token Issuer
per Mesh
(similarly to CA
per Mesh
) ?
1e67648
to
4c93127
Compare
Do we really need it though? I feel like this is an improvement that can be added later on. |
if rt.Config().Environment != config_core.KubernetesEnvironment { | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the purpose of these lines ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I did a mistake when merging/rebasing. Fixed
|
||
func (a *DataplaneTokenServer) Start(stop <-chan struct{}) error { | ||
mux := http.NewServeMux() | ||
mux.HandleFunc("/token", a.handleIdentityRequest) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would expect POST /tokens
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
changed
Summary
Implementation of initial token generator. I added the server that generates JWT token for dataplanes. It listens on http://127.0.0.1:5679. Private key for JWT token is generated on CP startup.
Tokens are not yet used.