From 127914703e033190c1320236ceb555b448912960 Mon Sep 17 00:00:00 2001 From: Dan Jahner Date: Fri, 2 Oct 2020 11:58:05 -0700 Subject: [PATCH 1/3] Docs only: Use prettier URL for latest config --- deploy-local-user-authenticator/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-local-user-authenticator/README.md b/deploy-local-user-authenticator/README.md index 293c729b..22d4a331 100644 --- a/deploy-local-user-authenticator/README.md +++ b/deploy-local-user-authenticator/README.md @@ -15,7 +15,7 @@ User accounts can be created and edited dynamically using `kubectl` commands (se ## Installing the Latest Version with Default Options ```bash -kubectl apply -f https://github.com/vmware-tanzu/pinniped/releases/download/$(curl https://api.github.com/repos/vmware-tanzu/pinniped/releases/latest -s | jq .name -r)/install-local-user-authenticator.yaml +kubectl apply -f https://github.com/vmware-tanzu/pinniped/releases/latest/download/install-local-user-authenticator.yaml ``` ## Installing an Older Version with Default Options From e97bad2198418cb1899503e36aacfc2c2711d297 Mon Sep 17 00:00:00 2001 From: Dan Jahner Date: Fri, 2 Oct 2020 12:42:25 -0700 Subject: [PATCH 2/3] Docs only: Fix failure response, format for clarity --- deploy-local-user-authenticator/README.md | 32 +++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/deploy-local-user-authenticator/README.md b/deploy-local-user-authenticator/README.md index 22d4a331..76851982 100644 --- a/deploy-local-user-authenticator/README.md +++ b/deploy-local-user-authenticator/README.md 
@@ -118,14 +118,42 @@ is configured as an identity provider for Pinniped. Note that the value of `authenticated` is `true` to indicate a successful authentication. ```json - {"apiVersion":"authentication.k8s.io/v1beta1","kind":"TokenReview","status":{"authenticated":true,"user":{"username":"ryan","uid":"19c433ec-8f58-44ca-9ef0-2d1081ccb876","groups":["group1","group2"]}}} + { + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1beta1", + "metadata": { + "creationTimestamp": null + }, + "spec": {}, + "status": { + "authenticated": true, + "user": { + "username": "ryan", + "uid": "19c433ec-8f58-44ca-9ef0-2d1081ccb876", + "groups": [ + "group1", + "group2" + ] + } + } + } ``` Trying the above `curl` command again with the wrong username or password in the body of the request should result in a JSON response which indicates that the authentication failed. ```json - {"apiVersion":"authentication.k8s.io/v1beta1","kind":"TokenReview","status":{"authenticated":false}} + { + "kind": "TokenReview", + "apiVersion": "authentication.k8s.io/v1beta1", + "metadata": { + "creationTimestamp": null + }, + "spec": {}, + "status": { + "user": {} + } + } ``` 1. Remove the curl pod. From 13e0b272c06fda9dca62a117c8e249684e456b4f Mon Sep 17 00:00:00 2001 From: Dan Jahner Date: Fri, 2 Oct 2020 13:59:14 -0700 Subject: [PATCH 3/3] Docs only: Use consistent sample user name --- deploy-local-user-authenticator/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-local-user-authenticator/README.md b/deploy-local-user-authenticator/README.md index 76851982..d1d2f404 100644 --- a/deploy-local-user-authenticator/README.md +++ b/deploy-local-user-authenticator/README.md 
@@ -50,11 +50,11 @@ Either [install `ytt`](https://get-ytt.io/) or use the [container image from Doc Use `kubectl` to create, edit, and delete user accounts by creating a `Secret` for each user account in the same namespace where local-user-authenticator is deployed. The name of the `Secret` resource is the username. Store the user's group membership and `bcrypt` encrypted password as the contents of the `Secret`. -For example, to create a user named `ryan` with the password `password123` +For example, to create a user named `pinny-the-seal` with the password `password123` who belongs to the groups `group1` and `group2`, use: ```bash -kubectl create secret generic ryan \ +kubectl create secret generic pinny-the-seal \ --namespace local-user-authenticator \ --from-literal=groups=group1,group2 \ --from-literal=passwordHash=$(htpasswd -nbBC 10 x password123 | sed -e "s/^x://") @@ -109,7 +109,7 @@ is configured as an identity provider for Pinniped. "apiVersion": "authentication.k8s.io/v1beta1", "kind": "TokenReview", "spec": { - "token": "ryan:password123" + "token": "pinny-the-seal:password123" } }' ``` @@ -128,7 +128,7 @@ is configured as an identity provider for Pinniped. "status": { "authenticated": true, "user": { - "username": "ryan", + "username": "pinny-the-seal", "uid": "19c433ec-8f58-44ca-9ef0-2d1081ccb876", "groups": [ "group1",
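Review bot: In PATCH 1/3, hunk `@@ -15,7`, the added `kubectl apply -f https://github.com/vmware-tanzu/pinniped/releases/latest/download/install-local-user-authenticator.yaml` line applies whatever manifest the `latest` release resolves to at the moment it runs, and the README text around it does not say so. This was already true of the removed `curl ... | jq .name -r` form, but the shorter URL makes it easier to copy into scripts. Suggest adding one sentence under "Installing the Latest Version with Default Options" that points readers who need a repeatable or reviewed install to the "Installing an Older Version with Default Options" section, where the version is chosen explicitly.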
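Review bot: In PATCH 2/3, hunk `@@ -118,14`, the new failure sample ends in `"status": { "user": {} }` with no `authenticated` key at all, but the sentence above it still only says the response "indicates that the authentication failed", while the success paragraph tells readers to look for `authenticated` being `true`. Suggest stating explicitly that a failed login is shown by the `authenticated` field being absent from `status`, so that nobody writes a check for `"authenticated": false` or reads the empty `user` object as a partial success. A caller parsing this response should treat anything other than an explicit `true` as a failure.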
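Review bot: In PATCH 3/3, hunk `@@ -50,11`, the renamed `kubectl create secret generic pinny-the-seal` example still passes the password as an argument in `htpasswd -nbBC 10 x password123`, which leaves the plaintext in shell history and in the process list, and the unchanged sentence above it calls the stored value a "`bcrypt` encrypted password" although bcrypt output is a one-way hash. Since this hunk already touches the example, suggest changing the wording to "`bcrypt` hashed password" and adding a short remark that `password123` is a sample value and that dropping `-b` makes `htpasswd` prompt for the password instead of reading it from the command line. The other two hunks of this patch (`@@ -109,7` and `@@ -128,7`) keep the request token and the response username consistent with the new name, and need no change.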