Add support for Azure AAD based authentication.

brendandburns · brendandburns · commit f73940628450 · 2018-07-13T22:26:50.000-07:00
diff --git a/src/KubernetesClient/KubeConfigModels/AuthProvider.cs b/src/KubernetesClient/KubeConfigModels/AuthProvider.cs
@@ -0,0 +1,24 @@
+namespace k8s.KubeConfigModels
+{
+    using System.Collections.Generic;
+    using YamlDotNet.RepresentationModel;
+    using YamlDotNet.Serialization;
+
+    /// <summary>
+    /// Contains information that describes identity information.  This is use to tell the kubernetes cluster who you are.
+    /// </summary>
+    public class AuthProvider {
+        /// <summary>
+        /// Gets or sets the nickname for this auth provider.
+        /// </summary>
+        [YamlMember(Alias = "name")]
+        public string Name { get; set; }
+
+        /// <summary>
+        /// Gets or sets the configuration for this auth provider
+        /// </summary>
+        [YamlMember(Alias = "config")]
+        public Dictionary<string, string> Config { get; set; }
+
+    }
+}
diff --git a/src/KubernetesClient/KubeConfigModels/UserCredentials.cs b/src/KubernetesClient/KubeConfigModels/UserCredentials.cs
@@ -3,82 +3,82 @@ namespace k8s.KubeConfigModels
     using System.Collections.Generic;
     using YamlDotNet.RepresentationModel;
     using YamlDotNet.Serialization;
-
+
     /// <summary>
     /// Contains information that describes identity information.  This is use to tell the kubernetes cluster who you are.
     /// </summary>
     public class UserCredentials
-    {
+    {
         /// <summary>
         /// Gets or sets PEM-encoded data from a client cert file for TLS. Overrides <see cref="ClientCertificate"/>.
         /// </summary>
         [YamlMember(Alias = "client-certificate-data", ApplyNamingConventions = false)]
         public string ClientCertificateData { get; set; }
-
+
         /// <summary>
         /// Gets or sets the path to a client cert file for TLS.
         /// </summary>
         [YamlMember(Alias = "client-certificate", ApplyNamingConventions = false)]
         public string ClientCertificate { get; set; }
-
+
         /// <summary>
         /// Gets or sets PEM-encoded data from a client key file for TLS. Overrides <see cref="ClientKey"/>.
         /// </summary>
         [YamlMember(Alias = "client-key-data", ApplyNamingConventions = false)]
         public string ClientKeyData { get; set; }
-
+
         /// <summary>
         /// Gets or sets the path to a client key file for TLS.
         /// </summary>
         [YamlMember(Alias = "client-key", ApplyNamingConventions = false)]
         public string ClientKey { get; set; }
-
+
         /// <summary>
         /// Gets or sets the bearer token for authentication to the kubernetes cluster.
         /// </summary>
         [YamlMember(Alias = "token")]
         public string Token { get; set; }
-
+
         /// <summary>
         /// Gets or sets the username to imperonate. The name matches the flag.
-        /// </summary>
-        [YamlMember(Alias = "as")]
-        public string Impersonate { get; set; }
-
+        /// </summary>
+        [YamlMember(Alias = "as")]
+        public string Impersonate { get; set; }
+
         /// <summary>
         /// Gets or sets the groups to imperonate.
-        /// </summary>
-        [YamlMember(Alias = "as-groups", ApplyNamingConventions = false)]
-        public IEnumerable<string> ImpersonateGroups { get; set; } = new string[0];
-
+        /// </summary>
+        [YamlMember(Alias = "as-groups", ApplyNamingConventions = false)]
+        public IEnumerable<string> ImpersonateGroups { get; set; } = new string[0];
+
         /// <summary>
         /// Gets or sets additional information for impersonated user.
-        /// </summary>
-        [YamlMember(Alias = "as-user-extra", ApplyNamingConventions = false)]
-        public Dictionary<string, string> ImpersonateUserExtra { get; set; } = new Dictionary<string, string>();
-
+        /// </summary>
+        [YamlMember(Alias = "as-user-extra", ApplyNamingConventions = false)]
+        public Dictionary<string, string> ImpersonateUserExtra { get; set; } = new Dictionary<string, string>();
+
         /// <summary>
         /// Gets or sets the username for basic authentication to the kubernetes cluster.
         /// </summary>
         [YamlMember(Alias = "username")]
         public string UserName { get; set; }
-
+
         /// <summary>
         /// Gets or sets the password for basic authentication to the kubernetes cluster.
         /// </summary>
         [YamlMember(Alias = "password")]
         public string Password { get; set; }
-
+
         /// <summary>
         /// Gets or sets custom authentication plugin for the kubernetes cluster.
         /// </summary>
         [YamlMember(Alias = "auth-provider", ApplyNamingConventions = false)]
-        public Dictionary<string, dynamic> AuthProvider { get; set; }
-
+        public AuthProvider AuthProvider { get; set; }
+
         /// <summary>
         /// Gets or sets additional information. This is useful for extenders so that reads and writes don't clobber unknown fields.
-        /// </summary>
-        [YamlMember(Alias = "extensions")]
+        /// </summary>
+        [YamlMember(Alias = "extensions")]
         public IDictionary<string, dynamic> Extensions { get; set; }
     }
 }
diff --git a/src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs b/src/KubernetesClient/KubernetesClientConfiguration.ConfigFile.cs
@@ -28,8 +28,8 @@ public partial class KubernetesClientConfiguration
         ///     Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
         /// </summary>
         /// <param name="masterUrl">kube api server endpoint</param>
-        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         public static KubernetesClientConfiguration BuildConfigFromConfigFile(string kubeconfigPath = null,
             string currentContext = null, string masterUrl = null, bool useRelativePaths = true)
@@ -42,8 +42,8 @@ public static KubernetesClientConfiguration BuildConfigFromConfigFile(string kub
         /// </summary>
         /// <param name="kubeconfig">Fileinfo of the kubeconfig, cannot be null</param>
         /// <param name="currentContext">override the context in config file, set null if do not want to override</param>
-        /// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         public static KubernetesClientConfiguration BuildConfigFromConfigFile(FileInfo kubeconfig,
             string currentContext = null, string masterUrl = null, bool useRelativePaths = true)
@@ -239,6 +239,14 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)
                 userCredentialsFound = true;
             }
 
+            if (userDetails.UserCredentials.AuthProvider != null) {
+                if (userDetails.UserCredentials.AuthProvider.Name == "azure" &&
+                    userDetails.UserCredentials.AuthProvider.Config.ContainsKey("access-token")) {
+                    AccessToken = userDetails.UserCredentials.AuthProvider.Config["access-token"];
+                    userCredentialsFound = true;
+                }
+            }
+
             if (!userCredentialsFound)
             {
                 throw new KubeConfigException(
@@ -249,8 +257,8 @@ private void SetUserDetails(K8SConfiguration k8SConfig, Context activeContext)
         /// <summary>
         ///     Loads entire Kube Config from default or explicit file path
         /// </summary>
-        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         /// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
         public static async Task<K8SConfiguration> LoadKubeConfigAsync(string kubeconfigPath = null, bool useRelativePaths = true)
@@ -263,8 +271,8 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(string kubeconfig
         /// <summary>
         ///     Loads entire Kube Config from default or explicit file path
         /// </summary>
-        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         /// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
         public static K8SConfiguration LoadKubeConfig(string kubeconfigPath = null, bool useRelativePaths = true)
@@ -275,8 +283,8 @@ public static K8SConfiguration LoadKubeConfig(string kubeconfigPath = null, bool
         // <summary>
         ///     Loads Kube Config
         /// </summary>
-        /// <param name="kubeconfig">Kube config file contents</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="kubeconfig">Kube config file contents</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         /// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
         public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconfig, bool useRelativePaths = true)
@@ -288,12 +296,12 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconf
 
             using (var stream = kubeconfig.OpenRead())
             {
-                var config = await Yaml.LoadFromStreamAsync<K8SConfiguration>(stream);
-
-                if (useRelativePaths)
-                {
-                    config.FileName = kubeconfig.FullName;
-                }
+                var config = await Yaml.LoadFromStreamAsync<K8SConfiguration>(stream);
+
+                if (useRelativePaths)
+                {
+                    config.FileName = kubeconfig.FullName;
+                }
 
                 return config;
             }
@@ -302,8 +310,8 @@ public static async Task<K8SConfiguration> LoadKubeConfigAsync(FileInfo kubeconf
         /// <summary>
         ///     Loads Kube Config
         /// </summary>
-        /// <param name="kubeconfig">Kube config file contents</param>
-        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
+        /// <param name="kubeconfig">Kube config file contents</param>
+        /// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
         /// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
         /// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
         public static K8SConfiguration LoadKubeConfig(FileInfo kubeconfig, bool useRelativePaths = true)
