diff --git a/go.mod b/go.mod index 0a6fd012c3..e9cde59c76 100644 --- a/go.mod +++ b/go.mod @@ -43,7 +43,7 @@ require ( k8s.io/klog/v2 v2.120.1 k8s.io/kubelet v0.30.2 k8s.io/utils v0.0.0-20231127182322-b307cd553661 - sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.26 + sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.27 sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.16 sigs.k8s.io/yaml v1.4.0 ) diff --git a/go.sum b/go.sum index 0f835f838b..bedcdced42 100644 --- a/go.sum +++ b/go.sum @@ -445,8 +445,8 @@ k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6R k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4= -sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.26 h1:BHauRhfjzs4UWu/yiLw82WKpnsuoBMJLbn3WS7PMhRg= -sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.26/go.mod h1:02JRJ7ioAoT9PZzIxlR4Kw7WbejsMIy1eeDyYX8sgvk= +sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.27 h1:hXruEI0sLqi+7219xgF93K4i4G+Qb8QBr8iI0SFPi9Y= +sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.27/go.mod h1:02JRJ7ioAoT9PZzIxlR4Kw7WbejsMIy1eeDyYX8sgvk= sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.16 h1:Fm/Yjv4nXjUtJ90uXKSKwPwaTWYuDFMhDNNOd77PlOg= sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.16/go.mod h1:+kl90flu4+WCP6HBGVYbKVQR+5ztDzUNrWJz8rsnvRU= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/pkg/provider/config/azure_auth.go b/pkg/provider/config/azure_auth.go index 0f3d5f4f66..bf0076d6e0 100644 --- a/pkg/provider/config/azure_auth.go +++ b/pkg/provider/config/azure_auth.go @@ -223,7 +223,7 @@ func GetMultiTenantServicePrincipalToken(config *AzureAuthConfig, env *azure.Env klog.Background().WithName("multi-tenant-resource-token-provider"), authProvider.ManagedIdentityCredential, []azcore.TokenCredential{authProvider.NetworkTokenCredential}, - authProvider.TokenScope(), + authProvider.DefaultTokenScope(), ) } @@ -284,7 +284,7 @@ func GetNetworkResourceServicePrincipalToken(config *AzureAuthConfig, env *azure return armauth.NewTokenProvider( klog.Background().WithName("network-resource-token-provider"), authProvider.NetworkTokenCredential, - authProvider.TokenScope(), + authProvider.DefaultTokenScope(), ) } diff --git a/vendor/modules.txt b/vendor/modules.txt index 78411bbd2f..738655443f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1482,7 +1482,7 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/common/metrics sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client -# sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.26 +# sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.27 ## explicit; go 1.20 sigs.k8s.io/cloud-provider-azure/pkg/azclient sigs.k8s.io/cloud-provider-azure/pkg/azclient/accountclient diff --git a/vendor/sigs.k8s.io/cloud-provider-azure/pkg/azclient/auth.go b/vendor/sigs.k8s.io/cloud-provider-azure/pkg/azclient/auth.go index f95464ab28..30e520f8df 100644 --- a/vendor/sigs.k8s.io/cloud-provider-azure/pkg/azclient/auth.go +++ b/vendor/sigs.k8s.io/cloud-provider-azure/pkg/azclient/auth.go @@ -215,7 +215,7 @@ func (factory *AuthProvider) IsMultiTenantModeEnabled() bool { return factory.MultiTenantCredential != nil } -func (factory *AuthProvider) TokenScope() string { +func (factory *AuthProvider) DefaultTokenScope() string { audience := factory.ClientOptions.Cloud.Services[cloud.ResourceManager].Audience - return fmt.Sprintf("https://%s/.default", audience) + return fmt.Sprintf("%s/.default", strings.TrimRight(audience, "/")) }