kubernetes-client/csharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add missing client cert (#729)

Browse Source 
* Updated GitVersioning package to fix issue with loading native libgit lib. Added check for missing HttpClientHandler

* fixed type

* HttpClientHandler is null when trying to get client certificates for web socket connection. Added direct configuration of client cert instead of via HttpClientHandler

* fixed indentation warning

* re-added certs from httpclienthandler if present

* Updated GitVersioning package to fix issue with loading native libgit lib. Added check for missing HttpClientHandler

* fixed type

* HttpClientHandler is null when trying to get client certificates for web socket connection. Added direct configuration of client cert instead of via HttpClientHandler

* fixed indentation warning

* re-added certs from httpclienthandler if present

* merged duplicate code

* reverted package changes
This commit is contained in:
Frode Hus
2021-10-20 15:51:58 +02:00
committed by GitHub
parent 2d8915dff7
commit 73d8e99d2a
4 changed files with 40 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/KubernetesClient/CertUtils.cs
View File

@@ -122,5 +122,28 @@ namespace k8s
} }
} }
} }
/// <summary>
/// Retrieves Client Certificate PFX from configuration
/// </summary>
/// <param name="config">Kubernetes Client Configuration</param>
/// <returns>Client certificate PFX</returns>
public static X509Certificate2 GetClientCert(KubernetesClientConfiguration config)
{
if (config == null)
{
throw new ArgumentNullException(nameof(config));
}
if ((!string.IsNullOrWhiteSpace(config.ClientCertificateData) ||
!string.IsNullOrWhiteSpace(config.ClientCertificateFilePath)) &&
(!string.IsNullOrWhiteSpace(config.ClientCertificateKeyData) ||
!string.IsNullOrWhiteSpace(config.ClientKeyFilePath)))
{
return GeneratePfx(config);
}
return null;
}
} }
} }

5
src/KubernetesClient/Kubernetes.ConfigInit.cs
View File

@@ -57,6 +57,7 @@ namespace k8s
ValidateConfig(config); ValidateConfig(config);
CaCerts = config.SslCaCerts; CaCerts = config.SslCaCerts;
SkipTlsVerify = config.SkipTlsVerify; SkipTlsVerify = config.SkipTlsVerify;
ClientCert = CertUtils.GetClientCert(config);
SetCredentials(config); SetCredentials(config);
} }
@@ -133,7 +134,7 @@ namespace k8s
} }
private X509Certificate2Collection CaCerts { get; } private X509Certificate2Collection CaCerts { get; }
private X509Certificate2 ClientCert { get; }
private bool SkipTlsVerify { get; } private bool SkipTlsVerify { get; }
partial void CustomInitialize() partial void CustomInitialize()
@@ -262,6 +263,8 @@ namespace k8s
}; };
} }
/// <summary> /// <summary>
/// Set credentials for the Client /// Set credentials for the Client
/// </summary> /// </summary>

12
src/KubernetesClient/Kubernetes.WebSocket.cs
View File

@@ -295,9 +295,17 @@ namespace k8s
} }
// Set Credentials // Set Credentials
foreach (var cert in this.HttpClientHandler.ClientCertificates.OfType<X509Certificate2>()) if (this.ClientCert != null)
{ {
webSocketBuilder.AddClientCertificate(cert); webSocketBuilder.AddClientCertificate(this.ClientCert);
}
if (this.HttpClientHandler != null)
{
foreach (var cert in this.HttpClientHandler.ClientCertificates.OfType<X509Certificate2>())
{
webSocketBuilder.AddClientCertificate(cert);
}
} }
if (Credentials != null) if (Credentials != null)

10
src/KubernetesClient/KubernetesClientConfiguration.HttpClientHandler.cs
View File

@@ -41,14 +41,10 @@ namespace k8s
throw new ArgumentNullException(nameof(handler)); throw new ArgumentNullException(nameof(handler));
} }
if ((!string.IsNullOrWhiteSpace(ClientCertificateData) || var clientCert = CertUtils.GetClientCert(this);
!string.IsNullOrWhiteSpace(ClientCertificateFilePath)) && if (clientCert != null)
(!string.IsNullOrWhiteSpace(ClientCertificateKeyData) ||
!string.IsNullOrWhiteSpace(ClientKeyFilePath)))
{ {
var cert = CertUtils.GeneratePfx(this); handler.ClientCertificates.Add(clientCert);
handler.ClientCertificates.Add(cert);
} }
} }
} }