feat: implement library token provider

Azure · Dec 20, 2023 · 6bb5f1c · 6bb5f1c
1 parent ec62371
commit 6bb5f1c
Show file tree

Hide file tree

Showing 3 changed files with 115 additions and 1 deletion.
diff --git a/pkg/token/options_ctor_test.go b/pkg/token/options_ctor_test.go
@@ -122,7 +122,6 @@ func TestOptions_toInternalOptions(t *testing.T) {
 		}, o.toInternalOptions())
 	})
 
-
 	// this test uses reflection to ensure all fields in *Options
 	// are copied to *token.Options without modification.
 	t.Run("fields assignment", func(t *testing.T) {

diff --git a/pkg/token/provider.go b/pkg/token/provider.go
@@ -0,0 +1,41 @@
+package token
+
+import (
+	"context"
+
+	"github.com/Azure/kubelogin/pkg/internal/token"
+)
+
+type tokenProviderShim struct {
+	impl token.TokenProvider
+}
+
+var _ TokenProvider = (*tokenProviderShim)(nil)
+
+func (tp *tokenProviderShim) GetAccessToken(ctx context.Context) (AccessToken, error) {
+	t, err := tp.impl.Token(ctx)
+	if err != nil {
+		return AccessToken{}, err
+	}
+
+	rv := AccessToken{
+		Token:     t.AccessToken,
+		ExpiresOn: t.Expires(),
+	}
+
+	return rv, nil
+}
+
+// GetTokenProvider returns a token provider based on the given options.
+func GetTokenProvider(options *Options) (TokenProvider, error) {
+	impl, err := token.NewTokenProvider(options.toInternalOptions())
+	if err != nil {
+		return nil, err
+	}
+
+	rv := &tokenProviderShim{
+		impl: impl,
+	}
+
+	return rv, nil
+}
diff --git a/pkg/token/provider_test.go b/pkg/token/provider_test.go
@@ -0,0 +1,74 @@
+package token
+
+import (
+	"context"
+	"encoding/json"
+	"testing"
+
+	"github.com/Azure/go-autorest/autorest/adal"
+	"github.com/Azure/kubelogin/pkg/internal/token/mock_token"
+	"github.com/stretchr/testify/assert"
+	"go.uber.org/mock/gomock"
+)
+
+func TestGetTokenProvider(t *testing.T) {
+	t.Run("invalid login method", func(t *testing.T) {
+		opts := &Options{
+			LoginMethod: "invalid-login-method",
+		}
+		tp, err := GetTokenProvider(opts)
+		assert.Error(t, err)
+		assert.Nil(t, tp)
+	})
+
+	t.Run("basic", func(t *testing.T) {
+		opts := &Options{
+			LoginMethod:        MSILogin,
+			ClientID:           "client-id",
+			IdentityResourceID: "identity-resource-id",
+			ServerID:           "server-id",
+		}
+		tp, err := GetTokenProvider(opts)
+		assert.NoError(t, err)
+		assert.NotNil(t, tp)
+	})
+}
+
+func TestTokenProviderShim_GetAccessToken(t *testing.T) {
+	t.Run("failure case", func(t *testing.T) {
+		mockCtrl := gomock.NewController(t)
+		defer mockCtrl.Finish()
+
+		mockTokenProvider := mock_token.NewMockTokenProvider(mockCtrl)
+		mockTokenProvider.EXPECT().Token(gomock.Any()).Return(adal.Token{}, assert.AnError)
+
+		tp := &tokenProviderShim{
+			impl: mockTokenProvider,
+		}
+
+		token, err := tp.GetAccessToken(context.Background())
+		assert.Equal(t, AccessToken{}, token)
+		assert.Equal(t, assert.AnError, err)
+	})
+
+	t.Run("success case", func(t *testing.T) {
+		mockCtrl := gomock.NewController(t)
+		defer mockCtrl.Finish()
+
+		adalToken := adal.Token{
+			AccessToken: "access-token",
+			ExpiresOn:   json.Number("1700000000"),
+		}
+		mockTokenProvider := mock_token.NewMockTokenProvider(mockCtrl)
+		mockTokenProvider.EXPECT().Token(gomock.Any()).Return(adalToken, nil)
+
+		tp := &tokenProviderShim{
+			impl: mockTokenProvider,
+		}
+
+		token, err := tp.GetAccessToken(context.Background())
+		assert.NoError(t, err)
+		assert.Equal(t, adalToken.AccessToken, token.Token)
+		assert.Equal(t, adalToken.Expires(), token.ExpiresOn)
+	})
+}