rancher 2.6 hotfixes

[johnewhitley]

…ed the logic to use created at plus ttl

[johnewhitley]

This is definitely a shim fix propsoal for now. Will look at trying to improve handeling empty strings for expiredAt when I get some more time

[johnewhitley]

I definitely don’t really want this PR to get merged in ^^ since it’s an OS repo and others might use it.
I think the PR needs some love in being able to handle an empty string for expiresAt and change it’s calculation to use createdAT + TTL = expires time if expiresAt is empty.
I was more or so working fast with Ryan to test the fix rancher mentioned from kubeconfig to json on line 55 of client.go and then ran into the time parsing errors.

Example payload from the API:

{
  “authProvider”: “activedirectory”,
  “baseType”: “token”,
  “clusterId”: null,
  “created”: “2022-07-08T20:59:16Z”,
  “createdTS”: 1657313956000,
  “creatorId”: null,
  “current”: false,
  “description”: “”,
  “enabled”: true,
  “expired”: false,
  “expiresAt”: “”,
  “groupPrincipals”: null,
  “id”: “token-855qm”,
  “isDerived”: false,
  “labels”: {
    “authn.management.cattle.io/kind”: “session”,
    “authn.management.cattle.io/token-userId”: “u-xspkfzqum5”,
    “cattle.io/creator”: “norman”
  },
  “lastUpdateTime”: “”,
  “links”: {
    “self”: “https://rancher-np-ssc.homedepot.com/v3-public/tokens/token-855qm”
  },
  “name”: “token-855qm”,
  “token”: “notsharingmyrealtokenlol”,
  “ttl”: 28800000,
  “type”: “token”,
  “userId”: “u-xspkfzqum5”,
  “userPrincipal”: “map[displayName:JEW1F2S loginName:JEW1F2S me:true metadata:map[creationTimestamp:<nil> name:activedirectory_user://CN=JEW1F2S,OU=Corp,OU=Associates,OU=THD Accounts,DC=amer,DC=homedepot,DC=com] principalType:user provider:activedirectory]“,
  “uuid”: “fb6c027e-c209-4187-a823-4883abc1cf59"
}

[johnewhitley]

Alright I think this is the best possible solve for now. It handles expiresAt empty strings.

[johnewhitley]

I feel pretty good about this merge to master.