Parse clientCertificateData/clientKeyData from auth plugins (#479)

Frassle · web-flow · commit c47babf203f0 · 2020-09-18T21:56:28.000-07:00
* Parse clientCertificateData/clientKeyData from auth plugins

Currently ExecuteExternalCommand crashes with a key not found error if
it runs a certificate based (rather than token based) plugin. This
commit will now return either the token string, or the certificate and
key strings which are then used to set the relevant fields on the
configuration object.

* Fix formatting

* Use new return style
diff --git a/src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs b/src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs
@@ -389,8 +389,10 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)
                     throw new KubeConfigException("External command execution missing ApiVersion key");
                 }
 
-                var token = ExecuteExternalCommand(userDetails.UserCredentials.ExternalExecution);
-                AccessToken = token;
+                var (accessToken, clientCertificateData, clientCertificateKeyData) = ExecuteExternalCommand(userDetails.UserCredentials.ExternalExecution);
+                AccessToken = accessToken;
+                ClientCertificateData = clientCertificateData;
+                ClientCertificateKeyData = clientCertificateKeyData;
 
                 userCredentialsFound = true;
             }
@@ -458,8 +460,10 @@ public static Process CreateRunnableExternalProcess(ExternalExecution config)
         /// https://github.com/kubernetes-client/python-base/blob/master/config/exec_provider.py
         /// </summary>
         /// <param name="config">The external command execution configuration</param>
-        /// <returns>The token received from the external command execution</returns>
-        public static string ExecuteExternalCommand(ExternalExecution config)
+        /// <returns>
+        /// The token, client certificate data, and the client key data received from the external command execution
+        /// </returns>
+        public static (string, string, string) ExecuteExternalCommand(ExternalExecution config)
         {
             var process = CreateRunnableExternalProcess(config);
 
@@ -491,7 +495,22 @@ public static string ExecuteExternalCommand(ExternalExecution config)
                         $"external exec failed because api version {responseObject.ApiVersion} does not match {config.ApiVersion}");
                 }
 
-                return responseObject.Status["token"];
+                if (responseObject.Status.ContainsKey("token"))
+                {
+                    return (responseObject.Status["token"], null, null);
+                }
+                else if (responseObject.Status.ContainsKey("clientCertificateData"))
+                {
+                    if (!responseObject.Status.ContainsKey("clientKeyData"))
+                    {
+                        throw new KubeConfigException($"external exec failed missing clientKeyData field in plugin output");
+                    }
+                    return (null, responseObject.Status["clientCertificateData"], responseObject.Status["clientKeyData"]);
+                }
+                else
+                {
+                    throw new KubeConfigException($"external exec failed missing token or clientCertificateData field in plugin output");
+                }
             }
             catch (JsonSerializationException ex)
             {
