Skip to content

Commit

Permalink
added support for GCP (#227)
Browse files Browse the repository at this point in the history 
fixes #226

neither GCP one nor Azure one supports renew expired token feature
  • Loading branch information
@cilerler @k8s-ci-robot
cilerler authored and k8s-ci-robot committed Dec 24, 2018
1 parent 1600e44 commit 05273b7
Showing 1 changed file with 57 additions and 23 deletions.
80 changes: 57 additions & 23 deletions src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,34 +239,68 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)

if (userDetails.UserCredentials.AuthProvider != null)
{
if (userDetails.UserCredentials.AuthProvider.Name == "azure" &&
userDetails.UserCredentials.AuthProvider.Config != null &&
userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token"))
if (userDetails.UserCredentials.AuthProvider.Config != null
&& userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token"))
{
var config = userDetails.UserCredentials.AuthProvider.Config;
if (config.ContainsKey("expires-on"))
switch (userDetails.UserCredentials.AuthProvider.Name)
{
var expiresOn = Int32.Parse(config["expires-on"]);
DateTimeOffset expires;
#if NET452
var epoch = new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero);
expires = epoch.AddSeconds(expiresOn);
#else
expires = DateTimeOffset.FromUnixTimeSeconds(expiresOn);
#endif

if (DateTimeOffset.Compare(expires, DateTimeOffset.Now) <= 0)
case "azure":
{
var tenantId = config["tenant-id"];
var clientId = config["client-id"];
var apiServerId = config["apiserver-id"];
var refresh = config["refresh-token"];
var newToken = RenewAzureToken(tenantId, clientId, apiServerId, refresh);
config["access-token"] = newToken;
var config = userDetails.UserCredentials.AuthProvider.Config;
if (config.ContainsKey("expires-on"))
{
var expiresOn = Int32.Parse(config["expires-on"]);
DateTimeOffset expires;
#if NET452
var epoch = new DateTimeOffset(1970, 1, 1, 0, 0, 0, TimeSpan.Zero);
expires = epoch.AddSeconds(expiresOn);
#else
expires = DateTimeOffset.FromUnixTimeSeconds(expiresOn);
#endif

if (DateTimeOffset.Compare(expires
, DateTimeOffset.Now)
<= 0)
{
var tenantId = config["tenant-id"];
var clientId = config["client-id"];
var apiServerId = config["apiserver-id"];
var refresh = config["refresh-token"];
var newToken = RenewAzureToken(tenantId
, clientId
, apiServerId
, refresh);
config["access-token"] = newToken;
}
}

AccessToken = config["access-token"];
userCredentialsFound = true;
break;
}
case "gcp":
{
var config = userDetails.UserCredentials.AuthProvider.Config;
const string keyExpire = "expiry";
if (config.ContainsKey(keyExpire))
{
if (DateTimeOffset.TryParse(config[keyExpire]
, out DateTimeOffset expires))
{
if (DateTimeOffset.Compare(expires
, DateTimeOffset.Now)
<= 0)
{
throw new KubeConfigException("Refresh not supported.");
}
}
}

AccessToken = config["access-token"];
userCredentialsFound = true;
break;
}
}
AccessToken = config["access-token"];
userCredentialsFound = true;
}
}

Expand Down

0 comments on commit 05273b7

Please sign in to comment.