Add support for Azure AAD based authentication.
brendandburns committed Jul 14, 2018
1 parent aec5c99 commit 170774e
Showing 2 changed files with 51 additions and 43 deletions.
50 changes: 25 additions & 25 deletions src/KubernetesClient/KubeConfigModels/UserCredentials.cs
Expand Up @@ -3,82 +3,82 @@ namespace k8s.KubeConfigModels
using System.Collections.Generic;
using YamlDotNet.RepresentationModel;
using YamlDotNet.Serialization;


/// <summary>
/// Contains information that describes identity information. This is use to tell the kubernetes cluster who you are.
/// </summary>
public class UserCredentials
{
{
/// <summary>
/// Gets or sets PEM-encoded data from a client cert file for TLS. Overrides <see cref="ClientCertificate"/>.
/// </summary>
[YamlMember(Alias = "client-certificate-data", ApplyNamingConventions = false)]
public string ClientCertificateData { get; set; }


/// <summary>
/// Gets or sets the path to a client cert file for TLS.
/// </summary>
[YamlMember(Alias = "client-certificate", ApplyNamingConventions = false)]
public string ClientCertificate { get; set; }


/// <summary>
/// Gets or sets PEM-encoded data from a client key file for TLS. Overrides <see cref="ClientKey"/>.
/// </summary>
[YamlMember(Alias = "client-key-data", ApplyNamingConventions = false)]
public string ClientKeyData { get; set; }


/// <summary>
/// Gets or sets the path to a client key file for TLS.
/// </summary>
[YamlMember(Alias = "client-key", ApplyNamingConventions = false)]
public string ClientKey { get; set; }


/// <summary>
/// Gets or sets the bearer token for authentication to the kubernetes cluster.
/// </summary>
[YamlMember(Alias = "token")]
public string Token { get; set; }


/// <summary>
/// Gets or sets the username to imperonate. The name matches the flag.
/// </summary>
[YamlMember(Alias = "as")]
public string Impersonate { get; set; }

/// </summary>
[YamlMember(Alias = "as")]
public string Impersonate { get; set; }

/// <summary>
/// Gets or sets the groups to imperonate.
/// </summary>
[YamlMember(Alias = "as-groups", ApplyNamingConventions = false)]
public IEnumerable<string> ImpersonateGroups { get; set; } = new string[0];

/// </summary>
[YamlMember(Alias = "as-groups", ApplyNamingConventions = false)]
public IEnumerable<string> ImpersonateGroups { get; set; } = new string[0];

/// <summary>
/// Gets or sets additional information for impersonated user.
/// </summary>
[YamlMember(Alias = "as-user-extra", ApplyNamingConventions = false)]
public Dictionary<string, string> ImpersonateUserExtra { get; set; } = new Dictionary<string, string>();

/// </summary>
[YamlMember(Alias = "as-user-extra", ApplyNamingConventions = false)]
public Dictionary<string, string> ImpersonateUserExtra { get; set; } = new Dictionary<string, string>();

/// <summary>
/// Gets or sets the username for basic authentication to the kubernetes cluster.
/// </summary>
[YamlMember(Alias = "username")]
public string UserName { get; set; }


/// <summary>
/// Gets or sets the password for basic authentication to the kubernetes cluster.
/// </summary>
[YamlMember(Alias = "password")]
public string Password { get; set; }


/// <summary>
/// Gets or sets custom authentication plugin for the kubernetes cluster.
/// </summary>
[YamlMember(Alias = "auth-provider", ApplyNamingConventions = false)]
public Dictionary<string, dynamic> AuthProvider { get; set; }

public AuthProvider AuthProvider { get; set; }

/// <summary>
/// Gets or sets additional information. This is useful for extenders so that reads and writes don't clobber unknown fields.
/// </summary>
[YamlMember(Alias = "extensions")]
/// </summary>
[YamlMember(Alias = "extensions")]
public IDictionary<string, dynamic> Extensions { get; set; }
}
}
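Review bot: The `AuthProvider` property changes type from `Dictionary<string, dynamic>` to `AuthProvider`, which breaks source compatibility for any caller that indexed the dictionary directly, and the commit message does not mention it. The `AuthProvider` class is not among the two files shown, so its YAML aliases and the nullability of `Name` and `Config` cannot be checked from this page. Since `Config` is read for `access-token` in KubernetesClientConfiguration.ConfigFile.cs, the property's XML doc should say that the provider config can hold bearer credentials, for example `/// The provider's config map may contain access or refresh tokens; do not log or serialize it.` The rest of the section appears to be whitespace-only churn, which makes the one real change hard to spot.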
44 changes: 26 additions & 18 deletions src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs
Expand Up @@ -28,8 +28,8 @@ public partial class KubernetesClientConfiguration
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
/// </summary>
/// <param name="masterUrl">kube api server endpoint</param>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
public static KubernetesClientConfiguration BuildConfigFromConfigFile(string kubeconfigPath = null,
string currentContext = null, string masterUrl = null, bool useRelativePaths = true)
Expand All @@ -42,8 +42,8 @@ public static KubernetesClientConfiguration BuildConfigFromConfigFile(string kub
/// </summary>
/// <param name="kubeconfig">Fileinfo of the kubeconfig, cannot be null</param>
/// <param name="currentContext">override the context in config file, set null if do not want to override</param>
/// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
public static KubernetesClientConfiguration BuildConfigFromConfigFile(FileInfo kubeconfig,
string currentContext = null, string masterUrl = null, bool useRelativePaths = true)
Expand Down Expand Up @@ -239,6 +239,14 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)
userCredentialsFound = true;
}

if (userDetails.UserCredentials.AuthProvider != null) {
if (userDetails.UserCredentials.AuthProvider.Name == "azure" &&
userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token")) {
AccessToken = userDetails.UserCredentials.AuthProvider.Config["access-token"];
userCredentialsFound = true;
}
}

if (!userCredentialsFound)
{
throw new KubeConfigException(
Expand All @@ -249,8 +257,8 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)
/// <summary>
/// Loads entire Kube Config from default or explicit file path
/// </summary>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static async Task<K8SConfiguration> LoadKubeConfigAsync(string kubeconfigPath = null, bool useRelativePaths = true)
Expand All @@ -263,8 +271,8 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(string kubeconfig
/// <summary>
/// Loads entire Kube Config from default or explicit file path
/// </summary>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static K8SConfiguration LoadKubeConfig(string kubeconfigPath = null, bool useRelativePaths = true)
Expand All @@ -275,8 +283,8 @@ public static K8SConfiguration LoadKubeConfig(string kubeconfigPath = null, bool
// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconfig, bool useRelativePaths = true)
Expand All @@ -288,12 +296,12 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconf

using (var stream = kubeconfig.OpenRead())
{
var config = await Yaml.LoadFromStreamAsync<K8SConfiguration>(stream);

if (useRelativePaths)
{
config.FileName = kubeconfig.FullName;
}
var config = await Yaml.LoadFromStreamAsync<K8SConfiguration>(stream);

if (useRelativePaths)
{
config.FileName = kubeconfig.FullName;
}

return config;
}
Expand All @@ -302,8 +310,8 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconf
/// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static K8SConfiguration LoadKubeConfig(FileInfo kubeconfig, bool useRelativePaths = true)
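Review bot: In the SetUserDetails hunk, `AuthProvider.Config.ContainsKey("access-token")` dereferences `Config` without a null check, so a kubeconfig with `auth-provider: {name: azure}` and no `config` map would likely throw a NullReferenceException instead of reaching the KubeConfigException below. A guarded single lookup avoids that and also rejects an empty token, e.g. `var provider = userDetails.UserCredentials.AuthProvider;` followed by `if (provider?.Name == "azure" && provider.Config != null && provider.Config.TryGetValue("access-token", out var token) && !string.IsNullOrEmpty(token))` (assuming `Config` is a string-valued dictionary; its declaration is not on this page). The token is also copied into `AccessToken` as-is: Azure AD access tokens are short-lived, and the provider config normally carries `expires-on` and `refresh-token` alongside it, so a stale kubeconfig will yield 401s with no expiry check or refresh. At minimum a comment such as `// static token only; expiry and refresh are not handled` belongs here. An `auth-provider` with any other name falls through silently to the generic "no credentials" error, and the body of SetUserDetails starts and ends outside this hunk.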
