kubernetes-client/csharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e38525c13bae1c2e40feac6906ba326ff6cd1e2c
csharp/tests/KubernetesClient.Tests/AuthTests.cs
Boshi Lian e38525c13b Squashed commit of the following: (#492) 
commit dc93612024202e651a9cbe4194c1495c823bff12
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:24:33 2020 -0700

    fix SA1505

commit dc9fdbc4a4fbce7f4362a24e1ff98be4d27e16a8
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:24:02 2020 -0700

    add ()

commit 16fb7357fcd7e288a4b8fb201fda2b0aae92e5bc
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:21:37 2020 -0700

    disable SA1117

commit 544a7e5891e853e2e222f855e5446f3fd79ce2ba
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:21:16 2020 -0700

    fix SA1508

commit 4e998adf440dda4f13512d1e10f8cb5d5fbc6bd9
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:08:28 2020 -0700

    allow sa1623

commit baf787255c657a00a6074598c6875e0ab4c9d065
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:07:23 2020 -0700

    fix SA1413

commit 5ef2ca65de62e6c3cbe513902e3954d78f6dc315
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 16:05:45 2020 -0700

    fix SA1413

commit 6cb71f08060b8252a18b01a5788eb2ddcee67c3e
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:44:55 2020 -0700

    fix throw stack

commit e6ada0b1cb3aa72df5fcaa0b4690aadcbd4bda5a
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:44:35 2020 -0700

    allow CA2225

commit 2e79edec5843c20b7e8f8e9ec5b61cf95284466a
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:35:50 2020 -0700

    allow SA1507

commit 108f5a6361f4faa211a8e01f783803295fac0453
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:35:31 2020 -0700

    force SA1413

commit 20f33b64972bfafeada513ae1a46a030934673fd
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:30:58 2020 -0700

    force SA1413

commit 6b0de102d68a116e149868731e155bc374f56cc8
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:28:33 2020 -0700

    fix encoding

commit 4bd8892c2f0e0fa3666e59b0b77f5b23a2e4ca50
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:26:00 2020 -0700

    fix xunit order

commit e28556b37ecd782df2d740321e782622ecd277ca
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:10:20 2020 -0700

    fix spacing SA1012 SA1004

commit e8cf4b1e0be951babe04cc3674e17718319b8476
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:04:44 2020 -0700

    fix SA1211

commit b4164446f7f9d82fb872243e59e3f5c46fbb1f3c
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 06:02:34 2020 -0700

    fix attribute related warning

commit 2f17ef45947f6ade36593ede6ba4d27bd1991508
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 05:56:53 2020 -0700

    allow ca1801 ca1052 ca1054

commit 49b857f3f1b4a44a809c9186108caab0412c101e
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 05:50:07 2020 -0700

    fix SA1001

commit 3389662a32cfc481a3fdf50b6fd651e23aadd9dd
Author: Boshi LIAN <bolian@microsoft.com>
Date:   Fri Oct 9 06:24:32 2020 -0700

    fix dotnet format

commit f9d55fc925e8a7d2f2b403bd3ae35673068134da
Merge: 8e81532 0d68823
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 05:44:30 2020 -0700

    Merge branch 'master' into style_fix0

commit 8e815324040837714efb323580cc5dcd79e58310
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Fri Oct 9 05:33:02 2020 -0700

    fix remaing build err

commit ecf0152f9e989c4c68274b488d4b3ed6ee88daf9
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 05:24:00 2020 -0700

    fix SA1707

commit 462d94794848ebfcd102b56a4344ffc33b50f591
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 05:19:38 2020 -0700

    fix underscore naming

commit 5271b113603e469021348523f19555e6be22aebc
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 05:19:12 2020 -0700

    allow CA1822

commit 602713ce631026e88d8ff7e8803bb12c2addc3c2
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:37:16 2020 -0700

    fix CA1822

commit bd4fee4d31c1054eadf6d03aa10f443eee9654c0
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:36:36 2020 -0700

    fix CA1822

commit 257d461f21ef7df65fbc787d5c42c59a89d0eced
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:34:25 2020 -0700

    introduce dispose pattern

commit 1d668c7926f877ea196edb67acbfe9bfeddb9e15
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:23:09 2020 -0700

    allow CA2008

commit e4fa6acaf36b84298c8c2ab125ff8aa9efc097b7
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:20:28 2020 -0700

    allow CA1827

commit dd931d99fa3a95f936ed566320fffa85efb22838
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:14:35 2020 -0700

    allow SA1314 CA1825

commit 13b6cf11df439be8020e17bc5d30addc62f90c39
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:13:51 2020 -0700

    Revert "fix CA1825"

    This reverts commit 17e03bcd4e0f129a64e57d54fbe72acb7d1d226b.

commit 368664139c75d61ab5a0c432a7fbbdad956c54cf
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:09:52 2020 -0700

    move class to single files

commit 0015631805d6bc31e4695881989058bb3955766f
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:09:27 2020 -0700

    disable CA2000 / TODO

commit 0a1241e84ba1247c8ab4ab8d32bd5d800114420b
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:07:23 2020 -0700

    allow SA1715

commit 17e03bcd4e0f129a64e57d54fbe72acb7d1d226b
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 04:06:57 2020 -0700

    fix CA1825

commit 7baf350ca93cb45e2587d86fb6ab6e4cf665b6da
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:42:04 2020 -0700

    fix SA1312 SA1306

commit 44ad5934182adfc871215637e9612295bc26e6f2
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:30:35 2020 -0700

    fix CA2007

commit 325fa2c2d16d541db6e21b791c5170f39f832d43
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:25:11 2020 -0700

    fix SA1131

commit 8f1f46b065dd7e9b316491676bb0b93ef91d0595
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:17:08 2020 -0700

    allow SA1119

commit 57c0fe7cc26932cc30b4d7cc75a809746d74d5aa
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:14:14 2020 -0700

    fix SA1400

commit 0afcbbc09d5ef66fbbd4b291d14e7804a8e5a1d3
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:12:18 2020 -0700

    fix SA1513

commit 45f2424531d35a2a106e10e788aff1a18d745078
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 03:09:17 2020 -0700

    allow ca1720 ca1716 sa1405

commit 3403814130a1bf730c4e275f74e9cf5d03bedb41
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:16:37 2020 -0700

    fix model oper not contains generated header

commit 11377d916cf8cd3ad9109388aff6cf989ff4b7b0
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:14:05 2020 -0700

    fix SA1649

commit 92b00051a8c80542a63e1dddbb6eed4e98ad26f9
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:11:16 2020 -0700

    fix SA1124

commit 901a9dd2426fa316bcc5a3c2fc411e583f0e07df
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:09:27 2020 -0700

    save 1122

commit a8f17b6bac1f1c115b7ed9ebb70d16697a3e81b7
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:09:07 2020 -0700

    1507 followup

commit a143184921abb38a09e28a7ef07379003fb19563
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:07:38 2020 -0700

    fix sa1507

commit 54b56026265cbbbfa6e5b8b4dcfab281ffbfa272
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:06:44 2020 -0700

    fix sa1513

commit 53a009205c88a1d63d8daf32599bbc6428619638
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:05:36 2020 -0700

    fix SA1649

commit 26d3e78f61ffc381887baaf5c8b56d92aa0ec563
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 02:01:01 2020 -0700

    fix ca1816

commit 1ce5a04ce7a32d901cbece3e18d59e3c068cfd27
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed Oct 7 01:56:43 2020 -0700

    readable ruleset

commit dafc55f1c2cdc8466919276291333ba46176161a
Author: Boshi Lian <farmer1992@gmail.com>
Date:   Wed May 27 19:13:56 2020 -0700

    sync none from guideline
2020-10-23 08:31:57 -07:00

531 lines
21 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http.Headers;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;
using k8s.KubeConfigModels;
using k8s.Models;
using k8s.Tests.Mock;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Server.Kestrel.Https;
using Microsoft.Rest;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Xunit;
using Xunit.Abstractions;
namespace k8s.Tests
{
public class AuthTests
{
private readonly ITestOutputHelper testOutput;
public AuthTests(ITestOutputHelper testOutput)
{
this.testOutput = testOutput;
}
private static HttpOperationResponse<V1PodList> ExecuteListPods(IKubernetes client)
{
return client.ListNamespacedPodWithHttpMessagesAsync("default").Result;
}
[Fact]
public void Anonymous()
{
using (var server = new MockKubeApiServer(testOutput))
{
var client = new Kubernetes(new KubernetesClientConfiguration { Host = server.Uri.ToString() });
var listTask = ExecuteListPods(client);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
using (var server = new MockKubeApiServer(testOutput, cxt =>
{
cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return Task.FromResult(false);
}))
{
var client = new Kubernetes(new KubernetesClientConfiguration { Host = server.Uri.ToString() });
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
}
[Fact]
public void BasicAuth()
{
const string testName = "test_name";
const string testPassword = "test_password";
using (var server = new MockKubeApiServer(testOutput, cxt =>
{
var header = cxt.Request.Headers["Authorization"].FirstOrDefault();
var expect = new AuthenticationHeaderValue("Basic",
Convert.ToBase64String(Encoding.UTF8.GetBytes($"{testName}:{testPassword}")))
.ToString();
if (header != expect)
{
cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return Task.FromResult(false);
}
return Task.FromResult(true);
}))
{
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = testName,
Password = testPassword,
});
var listTask = ExecuteListPods(client);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = "wrong name",
Password = testPassword,
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = testName,
Password = "wrong password",
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = "both wrong",
Password = "wrong password",
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration { Host = server.Uri.ToString() });
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = "xx",
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
}
}
#if NETCOREAPP2_1 // The functionality under test, here, is dependent on managed HTTP / WebSocket in .NET Core 2.1 or newer.
// this test doesn't work on OSX and is inconsistent on windows
[OperatingSystemDependentFact(Exclude = OperatingSystem.OSX | OperatingSystem.Windows)]
public void Cert()
{
var serverCertificateData = File.ReadAllText("assets/apiserver-pfx-data.txt");
var clientCertificateKeyData = File.ReadAllText("assets/client-key-data.txt");
var clientCertificateData = File.ReadAllText("assets/client-certificate-data.txt");
X509Certificate2 serverCertificate = null;
if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
using (MemoryStream serverCertificateStream =
new MemoryStream(Convert.FromBase64String(serverCertificateData)))
{
serverCertificate = OpenCertificateStore(serverCertificateStream);
}
}
else
{
serverCertificate = new X509Certificate2(Convert.FromBase64String(serverCertificateData), "");
}
var clientCertificate = new X509Certificate2(Convert.FromBase64String(clientCertificateData), "");
var clientCertificateValidationCalled = false;
using (var server = new MockKubeApiServer(testOutput, listenConfigure: options =>
{
options.UseHttps(new HttpsConnectionAdapterOptions
{
ServerCertificate = serverCertificate,
ClientCertificateMode = ClientCertificateMode.RequireCertificate,
ClientCertificateValidation = (certificate, chain, valid) =>
{
clientCertificateValidationCalled = true;
return clientCertificate.Equals(certificate);
},
});
}))
{
{
clientCertificateValidationCalled = false;
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
ClientCertificateData = clientCertificateData,
ClientCertificateKeyData = clientCertificateKeyData,
SslCaCerts = new X509Certificate2Collection(serverCertificate),
SkipTlsVerify = false,
});
var listTask = ExecuteListPods(client);
Assert.True(clientCertificateValidationCalled);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
clientCertificateValidationCalled = false;
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
ClientCertificateData = clientCertificateData,
ClientCertificateKeyData = clientCertificateKeyData,
SkipTlsVerify = true,
});
var listTask = ExecuteListPods(client);
Assert.True(clientCertificateValidationCalled);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
clientCertificateValidationCalled = false;
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
ClientCertificateFilePath =
"assets/client.crt", // TODO amazoning why client.crt != client-data.txt
ClientKeyFilePath = "assets/client.key",
SkipTlsVerify = true,
});
Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));
Assert.True(clientCertificateValidationCalled);
}
{
clientCertificateValidationCalled = false;
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
SkipTlsVerify = true,
});
Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));
Assert.False(clientCertificateValidationCalled);
}
}
}
[OperatingSystemDependentFact(Exclude = OperatingSystem.OSX | OperatingSystem.Windows)]
public void ExternalCertificate()
{
const string name = "testing_irrelevant";
var serverCertificateData = Convert.FromBase64String(File.ReadAllText("assets/apiserver-pfx-data.txt"));
var clientCertificateKeyData = Convert.FromBase64String(File.ReadAllText("assets/client-key-data.txt"));
var clientCertificateData = Convert.FromBase64String(File.ReadAllText("assets/client-certificate-data.txt"));
X509Certificate2 serverCertificate = null;
if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
using (MemoryStream serverCertificateStream = new MemoryStream(serverCertificateData))
{
serverCertificate = OpenCertificateStore(serverCertificateStream);
}
}
else
{
serverCertificate = new X509Certificate2(serverCertificateData, "");
}
var clientCertificate = new X509Certificate2(clientCertificateData, "");
var clientCertificateValidationCalled = false;
using (var server = new MockKubeApiServer(testOutput, listenConfigure: options =>
{
options.UseHttps(new HttpsConnectionAdapterOptions
{
ServerCertificate = serverCertificate,
ClientCertificateMode = ClientCertificateMode.RequireCertificate,
ClientCertificateValidation = (certificate, chain, valid) =>
{
clientCertificateValidationCalled = true;
return clientCertificate.Equals(certificate);
},
});
}))
{
{
var clientCertificateText = Encoding.ASCII.GetString(clientCertificateData).Replace("\n", "\\n");
var clientCertificateKeyText = Encoding.ASCII.GetString(clientCertificateKeyData).Replace("\n", "\\n");
var responseJson = $"{{\"apiVersion\":\"testingversion\",\"status\":{{\"clientCertificateData\":\"{clientCertificateText}\",\"clientKeyData\":\"{clientCertificateKeyText}\"}}}}";
var kubernetesConfig = GetK8SConfiguration(server.Uri.ToString(), responseJson, name);
var clientConfig = KubernetesClientConfiguration.BuildConfigFromConfigObject(kubernetesConfig, name);
var client = new Kubernetes(clientConfig);
var listTask = ExecuteListPods(client);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
var clientCertificateText = File.ReadAllText("assets/client.crt").Replace("\n", "\\n");
var clientCertificateKeyText = File.ReadAllText("assets/client.key").Replace("\n", "\\n");
var responseJson = $"{{\"apiVersion\":\"testingversion\",\"status\":{{\"clientCertificateData\":\"{clientCertificateText}\",\"clientKeyData\":\"{clientCertificateKeyText}\"}}}}";
var kubernetesConfig = GetK8SConfiguration(server.Uri.ToString(), responseJson, name);
var clientConfig = KubernetesClientConfiguration.BuildConfigFromConfigObject(kubernetesConfig, name);
var client = new Kubernetes(clientConfig);
Assert.ThrowsAny<Exception>(() => ExecuteListPods(client));
Assert.True(clientCertificateValidationCalled);
}
}
}
#endif // NETCOREAPP2_1
[Fact]
public void ExternalToken()
{
const string token = "testingtoken";
const string name = "testing_irrelevant";
using (var server = new MockKubeApiServer(testOutput, cxt =>
{
var header = cxt.Request.Headers["Authorization"].FirstOrDefault();
var expect = new AuthenticationHeaderValue("Bearer", token).ToString();
if (header != expect)
{
cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return Task.FromResult(false);
}
return Task.FromResult(true);
}))
{
{
var responseJson = $"{{\"apiVersion\":\"testingversion\",\"status\":{{\"token\":\"{token}\"}}}}";
var kubernetesConfig = GetK8SConfiguration(server.Uri.ToString(), responseJson, name);
var clientConfig = KubernetesClientConfiguration.BuildConfigFromConfigObject(kubernetesConfig, name);
var client = new Kubernetes(clientConfig);
var listTask = ExecuteListPods(client);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
var responseJson = "{\"apiVersion\":\"testingversion\",\"status\":{\"token\":\"wrong_token\"}}";
var kubernetesConfig = GetK8SConfiguration(server.Uri.ToString(), responseJson, name);
var clientConfig = KubernetesClientConfiguration.BuildConfigFromConfigObject(kubernetesConfig, name);
var client = new Kubernetes(clientConfig);
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
}
}
[Fact]
public void Token()
{
const string token = "testingtoken";
using (var server = new MockKubeApiServer(testOutput, cxt =>
{
var header = cxt.Request.Headers["Authorization"].FirstOrDefault();
var expect = new AuthenticationHeaderValue("Bearer", token).ToString();
if (header != expect)
{
cxt.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return Task.FromResult(false);
}
return Task.FromResult(true);
}))
{
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
AccessToken = token,
});
var listTask = ExecuteListPods(client);
Assert.True(listTask.Response.IsSuccessStatusCode);
Assert.Equal(1, listTask.Body.Items.Count);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
AccessToken = "wrong token",
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration
{
Host = server.Uri.ToString(),
Username = "wrong name",
Password = "same password",
});
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
{
var client = new Kubernetes(new KubernetesClientConfiguration { Host = server.Uri.ToString() });
var listTask = ExecuteListPods(client);
Assert.Equal(HttpStatusCode.Unauthorized, listTask.Response.StatusCode);
}
}
}
private X509Certificate2 OpenCertificateStore(Stream stream)
{
Pkcs12Store store = new Pkcs12Store();
store.Load(stream, new char[] { });
var keyAlias = store.Aliases.Cast<string>().SingleOrDefault(a => store.IsKeyEntry(a));
var key = (RsaPrivateCrtKeyParameters)store.GetKey(keyAlias).Key;
var bouncyCertificate = store.GetCertificate(keyAlias).Certificate;
var certificate = new X509Certificate2(DotNetUtilities.ToX509Certificate(bouncyCertificate));
var parameters = DotNetUtilities.ToRSAParameters(key);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.ImportParameters(parameters);
certificate = RSACertificateExtensions.CopyWithPrivateKey(certificate, rsa);
return certificate;
}
private K8SConfiguration GetK8SConfiguration(string serverUri, string responseJson, string name)
{
const string username = "testinguser";
var contexts = new List<Context>
{
new Context { Name = name, ContextDetails = new ContextDetails { Cluster = name, User = username } },
};
{
var clusters = new List<Cluster>
{
new Cluster
{
Name = name,
ClusterEndpoint = new ClusterEndpoint { SkipTlsVerify = true, Server = serverUri },
},
};
var command = RuntimeInformation.IsOSPlatform(OSPlatform.Windows) ? "cmd.exe" : "echo";
if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
command = "printf";
}
var arguments = new string[] { };
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
arguments = new[] { "/c", "echo", responseJson };
}
if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
{
arguments = new[] { responseJson.Replace("\"", "\\\"") };
}
if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
arguments = new[] { "\"%s\"", responseJson.Replace("\"", "\\\"") };
}
var users = new List<User>
{
new User
{
Name = username,
UserCredentials = new UserCredentials
{
ExternalExecution = new ExternalExecution
{
ApiVersion = "testingversion",
Command = command,
Arguments = arguments.ToList(),
},
},
},
};
var kubernetesConfig = new K8SConfiguration { Clusters = clusters, Users = users, Contexts = contexts };
return kubernetesConfig;
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink