kubernetes-client/csharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added support for GCP (#227)

Browse Source 
fixes #226

neither GCP one nor Azure one supports renew expired token feature
This commit is contained in:
Cengiz Ilerler
2018-12-24 00:09:23 -05:00
committed by Kubernetes Prow Robot
parent 1600e44b00
commit 05273b7db7
1 changed files with 57 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs
View File

@@ -239,34 +239,68 @@ namespace k8s
if (userDetails.UserCredentials.AuthProvider != null) if (userDetails.UserCredentials.AuthProvider != null)
{ {
if (userDetails.UserCredentials.AuthProvider.Name == "azure" && if (userDetails.UserCredentials.AuthProvider.Config != null
userDetails.UserCredentials.AuthProvider.Config != null && && userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token"))
userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token"))
{ {
var config = userDetails.UserCredentials.AuthProvider.Config; switch (userDetails.UserCredentials.AuthProvider.Name)
if (config.ContainsKey("expires-on"))
{ {
var expiresOn = Int32.Parse(config["expires-on"]); case "azure":
DateTimeOffset expires;
#if NET452
var epoch = new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero);
expires = epoch.AddSeconds(expiresOn);
#else
expires = DateTimeOffset.FromUnixTimeSeconds(expiresOn);
#endif
if (DateTimeOffset.Compare(expires, DateTimeOffset.Now) <= 0)
{ {
var tenantId = config["tenant-id"]; var config = userDetails.UserCredentials.AuthProvider.Config;
var clientId = config["client-id"]; if (config.ContainsKey("expires-on"))
var apiServerId = config["apiserver-id"]; {
var refresh = config["refresh-token"]; var expiresOn = Int32.Parse(config["expires-on"]);
var newToken = RenewAzureToken(tenantId, clientId, apiServerId, refresh); DateTimeOffset expires;
config["access-token"] = newToken; #if NET452
var epoch = new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero);
expires = epoch.AddSeconds(expiresOn);
#else
expires = DateTimeOffset.FromUnixTimeSeconds(expiresOn);
#endif
if (DateTimeOffset.Compare(expires
, DateTimeOffset.Now)
<= 0)
{
var tenantId = config["tenant-id"];
var clientId = config["client-id"];
var apiServerId = config["apiserver-id"];
var refresh = config["refresh-token"];
var newToken = RenewAzureToken(tenantId
, clientId
, apiServerId
, refresh);
config["access-token"] = newToken;
}
}
AccessToken = config["access-token"];
userCredentialsFound = true;
break;
}
case "gcp":
{
var config = userDetails.UserCredentials.AuthProvider.Config;
const string keyExpire = "expiry";
if (config.ContainsKey(keyExpire))
{
if (DateTimeOffset.TryParse(config[keyExpire]
, out DateTimeOffset expires))
{
if (DateTimeOffset.Compare(expires
, DateTimeOffset.Now)
<= 0)
{
throw new KubeConfigException("Refresh not supported.");
}
}
}
AccessToken = config["access-token"];
userCredentialsFound = true;
break;
} }
} }
AccessToken = config["access-token"];
userCredentialsFound = true;
} }
} }