Fix #2612: add support for checking latest kubeconfig if receiving HT…

…TP_UNAUTHORIZED

kubernetes-client/src/main/java/io/fabric8/kubernetes/client/utils/HttpClientUtils.java

@@ -19,7 +19,6 @@
 import io.fabric8.kubernetes.api.model.ListOptions;
 import io.fabric8.kubernetes.client.Config;
 import io.fabric8.kubernetes.client.KubernetesClientException;
-import io.fabric8.kubernetes.client.internal.KubeConfigUtils;
 import io.fabric8.kubernetes.client.internal.SSLUtils;
 import okhttp3.*;
 import okhttp3.logging.HttpLoggingInterceptor;
@@ -30,8 +29,6 @@
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
-import java.io.File;
-import java.net.HttpURLConnection;
 import java.net.InetSocketAddress;
 import java.net.MalformedURLException;
 import java.net.Proxy;
@@ -152,7 +149,7 @@ private static OkHttpClient createHttpClient(final Config config, final Consumer
             }
             return chain.proceed(request);
           }).addInterceptor(new ImpersonatorInterceptor(config))
-            .addInterceptor(new OIDCTokenRefreshInterceptor(config))
+            .addInterceptor(new TokenRefreshInterceptor(config))
             .addInterceptor(new BackwardsCompatibilityInterceptor());
 
             Logger reqLogger = LoggerFactory.getLogger(HttpLoggingInterceptor.class);

kubernetes-client/src/main/java/io/fabric8/kubernetes/client/utils/OIDCTokenRefreshInterceptor.java → kubernetes-client/src/main/java/io/fabric8/kubernetes/client/utils/TokenRefreshInterceptor.java

@@ -30,9 +30,9 @@
 /**
  * Interceptor for handling expired OIDC tokens.
  */
-public class OIDCTokenRefreshInterceptor implements Interceptor {
+public class TokenRefreshInterceptor implements Interceptor {
   private Config config;
-  public OIDCTokenRefreshInterceptor(Config config) {
+  public TokenRefreshInterceptor(Config config) {
     this.config = config;
   }
 
@@ -43,13 +43,22 @@ public Response intercept(Chain chain) throws IOException {
     if (response.code() == HttpURLConnection.HTTP_UNAUTHORIZED) {
       io.fabric8.kubernetes.api.model.Config kubeConfig = KubeConfigUtils.parseConfig(new File(Config.getKubeconfigFilename()));
       Context currentContext = null;
+      String currentContextName = null;
       if (config.getCurrentContext() != null) {
         currentContext = config.getCurrentContext().getContext();
+        currentContextName = config.getCurrentContext().getName();
       }
       AuthInfo currentAuthInfo = KubeConfigUtils.getUserAuthInfo(kubeConfig, currentContext);
       // Check if AuthProvider is set or not
       if (currentAuthInfo != null && currentAuthInfo.getAuthProvider() != null) {
-        String newAccessToken = OpenIDConnectionUtils.resolveOIDCTokenFromAuthConfig(currentAuthInfo.getAuthProvider().getConfig());
+        response.close();
+        String newAccessToken;
+        if (currentAuthInfo.getAuthProvider().toLowerCase().equals("oidc")) {
+          newAccessToken = OpenIDConnectionUtils.resolveOIDCTokenFromAuthConfig(currentAuthInfo.getAuthProvider().getConfig());
+        } else {
+          Config newestConfig = Config.autoConfigure(currentContextName);
+          newAccessToken = newestConfig.getOauthToken();
+        }
         // Delete old Authorization header and append new one
         Request authReqWithUpdatedToken = chain.request().newBuilder()
           .header("Authorization", "Bearer " + newAccessToken).build();