Merge pull request #217 from brendandburns/auth

k8s-ci-robot · web-flow · commit 0aee44e1d6fa · 2019-03-08T07:11:26.000-08:00
Fix exec.
diff --git a/src/cloud_auth.ts b/src/cloud_auth.ts
@@ -19,6 +19,9 @@ interface Config {
 }
 export class CloudAuth implements Authenticator {
     public isAuthProvider(user: User): boolean {
+        if (!user || !user.authProvider) {
+            return false;
+        }
         return user.authProvider.name === 'azure' || user.authProvider.name === 'gcp';
     }
 
diff --git a/src/config.ts b/src/config.ts
@@ -276,13 +276,11 @@ export class KubeConfig {
         }
         let token: string | null = null;
 
-        if (user.authProvider && user.authProvider.config) {
-            KubeConfig.authenticators.forEach((authenticator: Authenticator) => {
-                if (authenticator.isAuthProvider(user)) {
-                    token = authenticator.getToken(user);
-                }
-            });
-        }
+        KubeConfig.authenticators.forEach((authenticator: Authenticator) => {
+            if (authenticator.isAuthProvider(user)) {
+                token = authenticator.getToken(user);
+            }
+        });
 
         if (user.token) {
             token = 'Bearer ' + user.token;
diff --git a/src/config_test.ts b/src/config_test.ts
@@ -816,6 +816,33 @@ describe('KubeConfig', () => {
                 expect(opts.headers.Authorization).to.equal(`Bearer ${token}`);
             }
         });
+        it('should exec with exec auth (other location)', () => {
+            const config = new KubeConfig();
+            const token = 'token';
+            const responseStr = `'{
+                "apiVersion": "client.authentication.k8s.io/v1beta1",
+                "kind": "ExecCredential",
+                "status": {
+                  "token": "${token}"
+                }
+              }'`;
+            config.loadFromClusterAndUser(
+                { skipTLSVerify: false } as Cluster,
+                {
+                    exec: {
+                        command: 'echo',
+                        args: [`${responseStr}`],
+                    },
+                } as User,
+            );
+            // TODO: inject the exec command here?
+            const opts = {} as requestlib.Options;
+            config.applyToRequest(opts);
+            expect(opts.headers).to.not.be.undefined;
+            if (opts.headers) {
+                expect(opts.headers.Authorization).to.equal(`Bearer ${token}`);
+            }
+        });
         it('should throw with no command.', () => {
             const config = new KubeConfig();
             config.loadFromClusterAndUser(
diff --git a/src/config_types.ts b/src/config_types.ts
@@ -1,5 +1,6 @@
 import * as fs from 'fs';
 import * as u from 'underscore';
+import { ExtensionsV1beta1RollbackConfig } from './api';
 
 export interface Cluster {
     readonly name: string;
@@ -38,6 +39,7 @@ export interface User {
     readonly name: string;
     readonly certData?: string;
     readonly certFile?: string;
+    readonly exec?: any;
     readonly keyData?: string;
     readonly keyFile?: string;
     readonly authProvider?: any;
diff --git a/src/exec_auth.ts b/src/exec_auth.ts
@@ -7,6 +7,15 @@ export class ExecAuth implements Authenticator {
     private readonly tokenCache: { [key: string]: any } = {};
 
     public isAuthProvider(user: User) {
+        if (!user) {
+            return false;
+        }
+        if (user.exec) {
+            return true;
+        }
+        if (!user.authProvider) {
+            return false;
+        }
         return (
             user.authProvider.name === 'exec' || (user.authProvider.config && user.authProvider.config.exec)
         );
@@ -25,18 +34,27 @@ export class ExecAuth implements Authenticator {
             }
             this.tokenCache[user.name] = null;
         }
-        const config = user.authProvider.config;
-        if (!config.exec.command) {
+        let exec: any = null;
+        if (user.authProvider && user.authProvider.config) {
+            exec = user.authProvider.config.exec;
+        }
+        if (user.exec) {
+            exec = user.exec;
+        }
+        if (!exec) {
+            return null;
+        }
+        if (!exec.command) {
             throw new Error('No command was specified for exec authProvider!');
         }
-        let cmd = config.exec.command;
-        if (config.exec.args) {
-            cmd = `${cmd} ${config.exec.args.join(' ')}`;
+        let cmd = exec.command;
+        if (exec.args) {
+            cmd = `${cmd} ${exec.args.join(' ')}`;
         }
         let opts: shell.ExecOpts;
-        if (config.exec.env) {
+        if (exec.env) {
             const env = {};
-            config.exec.env.forEach((elt) => (env[elt.name] = elt.value));
+            exec.env.forEach((elt) => (env[elt.name] = elt.value));
             opts = { env };
         }
         const result = shell.exec(cmd, opts);

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,9 @@ interface Config {`
`19`	`19`	`}`
`20`	`20`	`export class CloudAuth implements Authenticator {`
`21`	`21`	`public isAuthProvider(user: User): boolean {`
	`22`	`+ if (!user \|\| !user.authProvider) {`
	`23`	`+ return false;`
	`24`	`+ }`
`22`	`25`	`return user.authProvider.name === 'azure' \|\| user.authProvider.name === 'gcp';`
`23`	`26`	`}`
`24`	`27`