Skip to content

Commit

Permalink
p/authn,test/e2e/oidc: fix oidc change
Browse files Browse the repository at this point in the history
  • Loading branch information
@ibihim
ibihim committed Mar 25, 2024
1 parent b696f39 commit 7eac18f
Showing 1 changed file with 17 additions and 6 deletions.
23 changes: 17 additions & 6 deletions pkg/authn/oidc.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"context"
"net/http"

"k8s.io/apiserver/pkg/apis/apiserver"
"k8s.io/apiserver/pkg/authentication/authenticator"
"k8s.io/apiserver/pkg/authentication/request/bearertoken"
"k8s.io/apiserver/pkg/server/dynamiccertificates"
Expand All @@ -43,13 +44,23 @@ func NewOIDCAuthenticator(config *OIDCConfig) (*OIDCAuthenticator, error) {
}

tokenAuthenticator, err := oidc.New(oidc.Options{
IssuerURL: config.IssuerURL,
ClientID: config.ClientID,
JWTAuthenticator: apiserver.JWTAuthenticator{
Issuer: apiserver.Issuer{
URL: config.IssuerURL,
Audiences: []string{config.ClientID},
},
ClaimMappings: apiserver.ClaimMappings{
Username: apiserver.PrefixedClaimOrExpression{
Prefix: &config.UsernamePrefix,
Claim: config.UsernameClaim,
},
Groups: apiserver.PrefixedClaimOrExpression{
Prefix: &config.GroupsPrefix,
Claim: config.GroupsClaim,
},
},
},
CAContentProvider: dyCA,
UsernameClaim: config.UsernameClaim,
UsernamePrefix: config.UsernamePrefix,
GroupsClaim: config.GroupsClaim,
GroupsPrefix: config.GroupsPrefix,
SupportedSigningAlgs: config.SupportedSigningAlgs,
})
if err != nil {
Expand Down

0 comments on commit 7eac18f

Please sign in to comment.