diff --git a/pkg/providers/all/all.go b/pkg/providers/all/all.go index 2d2371676bb7..7d4ee389078e 100644 --- a/pkg/providers/all/all.go +++ b/pkg/providers/all/all.go @@ -27,6 +27,7 @@ import ( // Alias these methods, so that folks can import this to get all providers. var ( - Enabled = providers.Enabled - Provide = providers.Provide + Enabled = providers.Enabled + Provide = providers.Provide + ExplicitProvide = providers.ExplicitProvide ) diff --git a/pkg/providers/interface.go b/pkg/providers/interface.go index 8ed4f1eaefe1..886d61005a93 100644 --- a/pkg/providers/interface.go +++ b/pkg/providers/interface.go @@ -83,3 +83,18 @@ func Provide(ctx context.Context, audience string) (string, error) { } return id, err } + +// ExplicitProvide fetches an OIDC token from the specified provider +func ExplicitProvide(ctx context.Context, audience, provider string) (string, error) { + m.Lock() + defer m.Unlock() + + p, ok := providers[provider] + if !ok { + return "", fmt.Errorf("%s is not a valid provider", provider) + } + if !p.Enabled(ctx) { + return "", fmt.Errorf("provider %s is not enabled, check providers.Enabled() before providers.ExplicitProvide()", provider) + } + return p.Provide(ctx, audience) +}