From 668a6249bc0ec500035238de220641637136184e Mon Sep 17 00:00:00 2001 From: natarajr Date: Mon, 18 Apr 2022 00:42:35 -0700 Subject: [PATCH] Fixing authcheck on login --- pkg/auth/auth.go | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go index 39a8a3b0..64f00f2d 100644 --- a/pkg/auth/auth.go +++ b/pkg/auth/auth.go @@ -77,9 +77,7 @@ func ReconcileAzureStackHCIAccess(ctx context.Context, cli client.Client, cloudF if strings.ToLower(os.Getenv("WSSD_DEBUG_MODE")) != "on" { _, err := os.Stat(wssdconfigpath) if err != nil { - if err := login(ctx, cli, cloudFqdn); err != nil { - return nil, err - } + return login(ctx, cli, cloudFqdn) } go UpdateLoginConfig(ctx, cli) } @@ -90,11 +88,7 @@ func ReconcileAzureStackHCIAccess(ctx context.Context, cli client.Client, cloudF return nil, errors.Wrap(err, "error: new authorizer failed") } // Login if certificate expired - if err := login(ctx, cli, cloudFqdn); err != nil { - return nil, err - } - // create new authorization - return auth.NewAuthorizerFromEnvironment(cloudFqdn) + return login(ctx, cli, cloudFqdn) } return authorizer, nil } @@ -124,48 +118,50 @@ func UpdateLoginConfig(ctx context.Context, cli client.Client) { } -func login(ctx context.Context, cli client.Client, cloudFqdn string) error { +func login(ctx context.Context, cli client.Client, cloudFqdn string) (auth.Authorizer, error) { wssdconfigpath := os.Getenv("WSSD_CONFIG_PATH") if wssdconfigpath == "" { - return errors.New("ReconcileAzureStackHCIAccess: Environment variable WSSD_CONFIG_PATH is not set") + return nil, errors.New("ReconcileAzureStackHCIAccess: Environment variable WSSD_CONFIG_PATH is not set") } mut.Lock() defer mut.Unlock() if _, err := os.Stat(wssdconfigpath); err == nil { - return nil + if authorizer, err := auth.NewAuthorizerFromEnvironment(cloudFqdn); err == nil { + return authorizer, nil + } } klog.Infof("AzureStackHCI: Login attempt") secret, err := GetSecret(ctx, cli, AzHCIAccessCreds) if err != nil { - return errors.Wrap(err, "failed to create wssd session, missing login credentials secret") + return nil, errors.Wrap(err, "failed to create wssd session, missing login credentials secret") } data, ok := secret.Data[AzHCIAccessTokenFieldName] if !ok { - return errors.New("error: could not parse kubernetes secret") + return nil, errors.New("error: could not parse kubernetes secret") } loginconfig := auth.LoginConfig{} err = config.LoadYAMLConfig(string(data), &loginconfig) if err != nil { - return errors.Wrap(err, "failed to create wssd session: parse yaml login config failed") + return nil, errors.Wrap(err, "failed to create wssd session: parse yaml login config failed") } authenticationClient, err := authentication.NewAuthenticationClientAuthMode(cloudFqdn, loginconfig) if err != nil { - return err + return nil, err } _, err = authenticationClient.LoginWithConfig(ctx, "", loginconfig, true) if err != nil && !azurestackhci.ResourceAlreadyExists(err) { - return errors.Wrap(err, "failed to create wssd session: login failed") + return nil, errors.Wrap(err, "failed to create wssd session: login failed") } if _, err := os.Stat(wssdconfigpath); err != nil { - return errors.Wrapf(err, "Missing wssdconfig %s after login", wssdconfigpath) + return nil, errors.Wrapf(err, "Missing wssdconfig %s after login", wssdconfigpath) } klog.Infof("AzureStackHCI: Login successful") - return nil + return auth.NewAuthorizerFromEnvironment(cloudFqdn) } func GetSecret(ctx context.Context, cli client.Client, name string) (*corev1.Secret, error) {