From d775b0827059ea772f446a79b7a9011b9b9a64b0 Mon Sep 17 00:00:00 2001 From: Brendan Burns Date: Fri, 23 Feb 2018 21:56:36 -0800 Subject: [PATCH] Add support for Azure authentication. --- .../io/kubernetes/client/util/KubeConfig.java | 9 +++ .../AzureActiveDirectoryAuthenticator.java | 55 +++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 util/src/main/java/io/kubernetes/client/util/authenticators/AzureActiveDirectoryAuthenticator.java diff --git a/util/src/main/java/io/kubernetes/client/util/KubeConfig.java b/util/src/main/java/io/kubernetes/client/util/KubeConfig.java index fa07eed840..fc7c11f0dd 100644 --- a/util/src/main/java/io/kubernetes/client/util/KubeConfig.java +++ b/util/src/main/java/io/kubernetes/client/util/KubeConfig.java @@ -13,6 +13,8 @@ package io.kubernetes.client.util; import io.kubernetes.client.util.authenticators.Authenticator; +import io.kubernetes.client.util.authenticators.AzureActiveDirectoryAuthenticator; +import io.kubernetes.client.util.authenticators.GCPAuthenticator; import java.io.File; import java.io.FileNotFoundException; import java.io.FileReader; @@ -58,6 +60,11 @@ public static void registerAuthenticator(Authenticator auth) { } } + static { + registerAuthenticator(new GCPAuthenticator()); + registerAuthenticator(new AzureActiveDirectoryAuthenticator()); + } + /** Load a Kubernetes config from the default location */ public static KubeConfig loadDefaultKubeConfig() throws FileNotFoundException { File config = new File(new File(System.getenv(ENV_HOME), KUBEDIR), KUBECONFIG); @@ -182,6 +189,8 @@ public String getAccessToken() { // TODO persist things here. } return auth.getToken(authConfig); + } else { + log.error("Unknown auth provider: " + name); } } } diff --git a/util/src/main/java/io/kubernetes/client/util/authenticators/AzureActiveDirectoryAuthenticator.java b/util/src/main/java/io/kubernetes/client/util/authenticators/AzureActiveDirectoryAuthenticator.java new file mode 100644 index 0000000000..42c5741135 --- /dev/null +++ b/util/src/main/java/io/kubernetes/client/util/authenticators/AzureActiveDirectoryAuthenticator.java @@ -0,0 +1,55 @@ +/* +Copyright 2018 The Kubernetes Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package io.kubernetes.client.util.authenticators; + +import io.kubernetes.client.util.KubeConfig; +import java.util.Date; +import java.util.Map; + +/** + * The Authenticator interface represents a plugin that can handle a specific type of authentication + * information (e.g. 'azure') + */ +public class AzureActiveDirectoryAuthenticator implements Authenticator { + static { + KubeConfig.registerAuthenticator(new AzureActiveDirectoryAuthenticator()); + } + + private static final String ACCESS_TOKEN = "access-token"; + private static final String EXPIRES_ON = "expires-on"; + + @Override + public String getName() { + return "azure"; + } + + @Override + public String getToken(Map config) { + return (String) config.get(ACCESS_TOKEN); + } + + @Override + public boolean isExpired(Map config) { + String expiresOn = (String) config.get(EXPIRES_ON); + Date expiry = new Date(Long.parseLong(expiresOn) * 1000); + if (expiry != null && expiry.compareTo(new Date()) <= 0) { + return true; + } + return false; + } + + @Override + public Map refresh(Map config) { + throw new RuntimeException("Unimplemented"); + } +}