Merge pull request #104 from vidispine/fixes-1.29

explicit auth type selection

Author: gre9ory

hull-vidispine-addon/Chart.yaml

@@ -3,4 +3,4 @@ apiVersion: v1
 appVersion: 1.29.0
 description: hull-vidispine-addon
 name: hull-vidispine-addon
-version: 1.29.1
+version: 1.29.2

hull-vidispine-addon/README.md

@@ -70,7 +70,8 @@ Describes an endpoint which is communicated with. <br>Has exclusively the follow
 | Parameter                       | Description                                                     | Defaults                 |                  Example |
 | ------------------------------- | ----------------------------------------------------------------| -----------------------------| -----------------------------------------|
 | `endpoint` | The HTTP/HTTPS path to the endpoint API <br><br>If this is not defined, nothing will be attempted to be written to this endpoint | | `https://vpms3testsystem.westeurope.cloudapp.azure.com:19081/Authentication/Core`<br>or<br>`http://dv-ndr-plat4.s4m.de:31060` 
-| `auth` | Defines how to authenticate at the given endpoint<br><br>Has one of following keys:<br>`basic`<br>`token`<br>`session` |
+| `auth` | Defines how to authenticate at the given endpoint<br><br>Has one of following keys:<br>`type`<br>`basic`<br>`token`<br>`session` |
+| `auth.type` | Defines the explicit type of authentication to use, must be either `session`, `token` or `basic`. If not set the first defined authentication method is used. | | `type:`&#160;`basic`
 | `auth.basic` | Defines basic authentication for connecting to API | | `env:`<br>&#160;&#160;`username:`&#160;`VIDICORE_ADMIN_USERNAME`<br>&#160;&#160;`password:`&#160;`VIDICORE_ADMIN_PASSWORD`
 | `auth.basic.env.username` | Defines the environment variable that holds the username for basic auth.<br><br>Note:<br>If the `username` to be used is not contained in the automatically created `auth` or pod specific secret, the secret holding the `username` must be mounted to the container to populate the `username` environment variable
 | `auth.basic.env.password` | Defines the environment variable that holds the password for basic auth.<br><br>Note:<br>If the `password` to be used is not contained in the automatically created `auth` or pod specific secret, the secret holding the `password` must be mounted to the container to populate the `password` environment variable

hull-vidispine-addon/hull-vidispine-addon.yaml

@@ -152,7 +152,7 @@ hull:
                     body:
                       client_id: $env:CLIENT_CONFIGPORTAL_INSTALLATION_ID
                       client_secret: $env:CLIENT_CONFIGPORTAL_INSTALLATION_SECRET
-                      grantType: client_credentials
+                      grant_type: client_credentials
                       scope: 'configportalscope'
                     headers:
                       Content-Type: "application/x-www-form-urlencoded"
@@ -1272,9 +1272,20 @@ hull:
                   # Set ContentType Header always
                   $headers.Add("Content-Type", $contentType)
                   $headers.Add("Accept", $contentType)
-                                    
                   $authHeader = [String]::Empty
-                  if ($null -ne $auth.session)
+
+                  $explicitAuthType = $false
+                  if ($null -ne $auth.type) 
+                  {
+                    $this.WriteLog("++++ Auth type is explicitly set to '$($auth.type)'")
+                    $explicitAuthType = $true
+                  }
+                  else
+                  {
+                    $this.WriteLog("++++ No explitit auth type is set, selecting first one defined.")
+                  }
+
+                  if ($null -ne $auth.session -and (-not $explicitAuthType -or ($explicitAuthType -and $auth.type -eq "session"))) 
                   {
                     if ($null -ne $this._sessionCookies)
                     {
@@ -1286,12 +1297,12 @@ hull:
                       $this.GetAccess($auth.session, "session")
                     }
                   }
-                  if ($null -ne $auth.token)
+                  if ($null -ne $auth.token -and (-not $explicitAuthType -or ($explicitAuthType -and $auth.type -eq "token")))
                   {
                     $accessToken = $this.GetAccess($auth.token, "token")
                     $authHeader = "Bearer $accessToken"
                   }
-                  if ($null -ne $auth.basic)
+                  if ($null -ne $auth.basic -and (-not $explicitAuthType -or ($explicitAuthType -and $auth.type -eq "basic")))
                   {
                     $authHeader = "Basic $([Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes([environment]::GetEnvironmentVariable($auth.basic.env.username,"Process") + ":" + [environment]::GetEnvironmentVariable($auth.basic.env.password,"Process"))))"
                     $this.WriteLog("++++ Using Basic Auth for User '$([Text.Encoding]::ASCII.GetBytes([environment]::GetEnvironmentVariable($auth.basic.env.username,"Process")))'. Password is $(if ([environment]::GetEnvironmentVariable($auth.basic.env.password,"Process") -ne [String]::Empty) {"not "} else {" "} )empty.")