Make Config use ClientBuilder

Author: lewisheadden

util/src/main/java/io/kubernetes/client/util/Config.java

@@ -13,6 +13,8 @@
 package io.kubernetes.client.util;
 
 import io.kubernetes.client.ApiClient;
+import io.kubernetes.client.util.credentials.AccessTokenCredentialProvider;
+import io.kubernetes.client.util.credentials.UsernamePasswordCredentialProvider;
 import java.io.ByteArrayInputStream;
 import okio.ByteString;
 import org.apache.log4j.Logger;
@@ -41,26 +43,11 @@ public class Config {
     public static final String ENV_SERVICE_PORT = "KUBERNETES_SERVICE_PORT";
     // The last resort host to try
     public static final String DEFAULT_FALLBACK_HOST = "http://localhost:8080";
-    public static final Charset BASIC_AUTH_CHARSET = Charset.forName("ISO-8859-1");
 
     private static final Logger log = Logger.getLogger(Config.class);
 
     public static ApiClient fromCluster() throws IOException {
-        String host = System.getenv(ENV_SERVICE_HOST);
-        String port = System.getenv(ENV_SERVICE_PORT);
-
-        FileInputStream caCert = new FileInputStream(SERVICEACCOUNT_CA_PATH);
-        BufferedReader tokenReader = new BufferedReader(new FileReader(SERVICEACCOUNT_TOKEN_PATH));
-        StringBuilder builder = new StringBuilder();
-        for (String line = tokenReader.readLine(); line != null; line = tokenReader.readLine()) {
-            builder.append(line);
-        }
-        ApiClient result = new ApiClient();
-        result.setBasePath("https://" + host + ":" + port);
-        result.setSslCaCert(caCert);
-        result.setApiKey("Bearer " + builder.toString());
-
-        return result;
+        return ClientBuilder.fromCluster().build();
     }
 
     public static ApiClient fromUrl(String url) {
@@ -78,95 +65,41 @@ public static ApiClient fromUserPassword(String url, String user, String passwor
     }
 
     public static ApiClient fromUserPassword(String url, String user, String password, boolean validateSSL) {
-        ApiClient client = fromUrl(url, validateSSL);
-        final String usernameAndPassword = user + ":" + password;
-        client.setApiKeyPrefix("Basic");
-        client.setApiKey(ByteString.of(usernameAndPassword.getBytes(BASIC_AUTH_CHARSET)).base64());
-        return client;
+        return new ClientBuilder()
+            .setBasePath(url)
+            .setCredentialProvider(new UsernamePasswordCredentialProvider(user, password))
+            .setVerifyingSsl(validateSSL)
+            .build();
     }
 
     public static ApiClient fromToken(String url, String token) {
         return fromToken(url, token, true);
     }
 
     public static ApiClient fromToken(String url, String token, boolean validateSSL) {
-        ApiClient client = fromUrl(url, validateSSL);
-        client.setApiKeyPrefix("Bearer");
-        client.setApiKey(token);
-        return client;
+        return new ClientBuilder()
+            .setBasePath(url)
+            .setCredentialProvider(new AccessTokenCredentialProvider(token))
+            .setVerifyingSsl(validateSSL)
+            .build();
     }
 
     public static ApiClient fromConfig(String fileName) throws IOException {
         return fromConfig(new FileReader(fileName));
     }
 
-    public static ApiClient fromConfig(InputStream stream) {
+    public static ApiClient fromConfig(InputStream stream) throws IOException {
         return fromConfig(new InputStreamReader(stream));
     }
 
-    public static ApiClient fromConfig(Reader input) {
+    public static ApiClient fromConfig(Reader input) throws IOException {
         return fromConfig(KubeConfig.loadKubeConfig(input));
     }
 
-    public static ApiClient fromConfig(KubeConfig config) {
-        ApiClient client = new ApiClient();
-        String server = config.getServer();
-        if (!server.startsWith("http://") && !server.startsWith("https://")) {
-            if (server.indexOf(":443") != -1) {
-                server = "https://" + server;
-            } else {
-                server = "http://" + server;
-            }
-        }
-        client.setBasePath(server);
-
-        try {
-            KeyManager[] mgrs = SSLUtils.keyManagers(
-                KubeConfig.getDataOrFile(config.getClientCertificateData(), config.getClientCertificateFile()),
-                KubeConfig.getDataOrFile(config.getClientKeyData(), config.getClientKeyFile()),
-                "RSA", "",
-                null, null);
-            client.setKeyManagers(mgrs);
-        } catch (Exception ex) {
-            log.error("Failed to invoke build key managers", ex);
-        }
-
-        if (config.verifySSL()) {
-            // It's silly to have to do it in this order, but each SSL setup
-            // consumes the CA cert, so if we do this before the client certs
-            // are injected the cert input stream is exhausted and things get
-            // grumpy
-            String caCert = config.getCertificateAuthorityData();
-            String caCertFile = config.getCertificateAuthorityFile();
-            if (caCert != null || caCertFile != null) {
-                try {
-                    client.setSslCaCert(new ByteArrayInputStream(KubeConfig.getDataOrFile(caCert, caCertFile)));
-                } catch (IOException ex) {
-                    log.error("Failed to read CA Cert file", ex);
-                }
-            }
-        } else {
-            client.setVerifyingSsl(false);
-        }
-
-        String token = config.getAccessToken();
-        if (token != null) {
-            // This is kind of a hack, except not, because I don't think we actually
-            // want to use oauth here.
-            client.setApiKey("Bearer " + token);
-        }
-
-        String username = config.getUsername();
-        if (username != null) {
-            client.setUsername(username);
-        }
-
-        String password = config.getPassword();
-        if (password != null) {
-            client.setPassword(password);
-        }
-
-        return client;
+    public static ApiClient fromConfig(KubeConfig config) throws IOException {
+        return ClientBuilder
+            .fromKubeConfig(config)
+            .build();
     }
 
     /**
@@ -181,23 +114,6 @@ public static ApiClient fromConfig(KubeConfig config) {
      * @return The best APIClient given the previously described rules
      */
     public static ApiClient defaultClient() throws IOException {
-        String kubeConfig = System.getenv(ENV_KUBECONFIG);
-        if (kubeConfig != null) {
-            return fromConfig(new FileReader(kubeConfig));
-        }
-        File config = new File(
-            new File(System.getenv(KubeConfig.ENV_HOME),
-                     KubeConfig.KUBEDIR),
-            KubeConfig.KUBECONFIG);
-        if (config.exists()) {
-            return fromConfig(new FileReader(config));
-        }
-        File clusterCA = new File(SERVICEACCOUNT_CA_PATH);
-        if (clusterCA.exists()) {
-            return fromCluster();
-        }
-        ApiClient client = new ApiClient();
-        client.setBasePath(DEFAULT_FALLBACK_HOST);
-        return client;
+        return ClientBuilder.defaults().build();
     }
 }