Implement basic authentication

frincon · frincon · commit 314149f84b20 · 2020-06-22T21:40:34.000+08:00
diff --git a/kubernetes-client/src/Kubernetes/Client/Auth/Basic.hs b/kubernetes-client/src/Kubernetes/Client/Auth/Basic.hs
@@ -0,0 +1,45 @@
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards   #-}
+module Kubernetes.Client.Auth.Basic where
+
+import           Data.ByteString.Base64         ( encode )
+import           Data.Function                  ( (&) )
+import           Data.Monoid                    ( (<>) )
+import           Data.Text                      ( Text )
+import           Kubernetes.Client.Auth.Internal.Types
+import           Kubernetes.OpenAPI.Core
+import           Kubernetes.Client.KubeConfig
+
+import qualified Data.Text.Encoding            as T
+import qualified Lens.Micro                    as L
+
+
+data BasicAuth = BasicAuth { basicAuthUsername :: Text
+                           , basicAuthPassword :: Text
+                           }
+
+instance AuthMethod BasicAuth where
+  applyAuthMethod _ BasicAuth{..} req =
+    pure
+      $           req
+      `setHeader` toHeader ("authorization", "Basic " <> encodeBasicAuth)
+      &           L.set rAuthTypesL []
+    where
+      encodeBasicAuth = T.decodeUtf8 $ encode $ T.encodeUtf8 $ basicAuthUsername <> ":" <> basicAuthPassword
+
+-- |Detects if username and password is specified in AuthConfig, if it is configures 'KubernetesClientConfig' with 'BasicAuth'
+basicAuth :: DetectAuth
+basicAuth auth (tlsParams, cfg) = do
+  u <- username auth
+  p <- password auth
+  return $ return (tlsParams, setBasicAuth u p cfg)
+
+-- |Configures the 'KubernetesClientConfig' to use basic authentication.
+setBasicAuth
+  :: Text                 -- ^Username
+  -> Text                 -- ^Password
+  -> KubernetesClientConfig
+  -> KubernetesClientConfig
+setBasicAuth u p kcfg = kcfg
+  { configAuthMethods = [AnyAuthMethod (BasicAuth u p)]
+  }
diff --git a/kubernetes-client/src/Kubernetes/Client/Config.hs b/kubernetes-client/src/Kubernetes/Client/Config.hs
@@ -44,6 +44,7 @@ import           Data.Maybe
 import qualified Data.Text                     as T
 import qualified Data.Text.Encoding            as T
 import           Data.Yaml
+import           Kubernetes.Client.Auth.Basic
 import           Kubernetes.Client.Auth.ClientCert
 import           Kubernetes.Client.Auth.GCP
 import           Kubernetes.Client.Auth.OIDC
@@ -172,3 +173,4 @@ applyAuthSettings oidcCache auth input =
     <|> tokenFileAuth auth input
     <|> gcpAuth auth input
     <|> cachedOIDCAuth oidcCache auth input
+    <|> basicAuth auth input
