Rename "Webhook" to "TokenAuthenticator" in our REST handler and callers.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
parent
2bdbac3e15
commit
80a23bd2fd
@ -57,7 +57,7 @@ type Config struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type ExtraConfig struct {
|
type ExtraConfig struct {
|
||||||
Webhook authenticator.Token
|
TokenAuthenticator authenticator.Token
|
||||||
Issuer credentialrequest.CertIssuer
|
Issuer credentialrequest.CertIssuer
|
||||||
StartControllersPostStartHook func(ctx context.Context)
|
StartControllersPostStartHook func(ctx context.Context)
|
||||||
}
|
}
|
||||||
@ -111,7 +111,7 @@ func (c completedConfig) New() (*PinnipedServer, error) {
|
|||||||
NegotiatedSerializer: Codecs,
|
NegotiatedSerializer: Codecs,
|
||||||
}
|
}
|
||||||
|
|
||||||
credentialRequestStorage := credentialrequest.NewREST(c.ExtraConfig.Webhook, c.ExtraConfig.Issuer)
|
credentialRequestStorage := credentialrequest.NewREST(c.ExtraConfig.TokenAuthenticator, c.ExtraConfig.Issuer)
|
||||||
|
|
||||||
v1alpha1Storage, ok := apiGroupInfo.VersionedResourcesStorageMap[gvr.Version]
|
v1alpha1Storage, ok := apiGroupInfo.VersionedResourcesStorageMap[gvr.Version]
|
||||||
if !ok {
|
if !ok {
|
||||||
|
@ -37,15 +37,15 @@ type CertIssuer interface {
|
|||||||
IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)
|
IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewREST(webhook authenticator.Token, issuer CertIssuer) *REST {
|
func NewREST(tokenAuthenticator authenticator.Token, issuer CertIssuer) *REST {
|
||||||
return &REST{
|
return &REST{
|
||||||
webhook: webhook,
|
tokenAuthenticator: tokenAuthenticator,
|
||||||
issuer: issuer,
|
issuer: issuer,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
type REST struct {
|
type REST struct {
|
||||||
webhook authenticator.Token
|
tokenAuthenticator authenticator.Token
|
||||||
issuer CertIssuer
|
issuer CertIssuer
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -78,7 +78,7 @@ func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation
|
|||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
authResponse, authenticated, err := r.webhook.AuthenticateToken(cancelCtx, credentialRequest.Spec.Token.Value)
|
authResponse, authenticated, err := r.tokenAuthenticator.AuthenticateToken(cancelCtx, credentialRequest.Spec.Token.Value)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
traceFailureWithError(t, "webhook authentication", err)
|
traceFailureWithError(t, "webhook authentication", err)
|
||||||
return failureResponse(), nil
|
return failureResponse(), nil
|
||||||
|
@ -14,9 +14,9 @@ import (
|
|||||||
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
"k8s.io/apiserver/pkg/authentication/authenticator"
|
||||||
genericapiserver "k8s.io/apiserver/pkg/server"
|
genericapiserver "k8s.io/apiserver/pkg/server"
|
||||||
genericoptions "k8s.io/apiserver/pkg/server/options"
|
genericoptions "k8s.io/apiserver/pkg/server/options"
|
||||||
"k8s.io/apiserver/plugin/pkg/authenticator/token/webhook"
|
|
||||||
"k8s.io/client-go/kubernetes"
|
"k8s.io/client-go/kubernetes"
|
||||||
restclient "k8s.io/client-go/rest"
|
restclient "k8s.io/client-go/rest"
|
||||||
"k8s.io/klog/v2"
|
"k8s.io/klog/v2"
|
||||||
@ -241,7 +241,7 @@ func getClusterCASigner(ctx context.Context, serverInstallationNamespace string)
|
|||||||
// Create a configuration for the aggregated API server.
|
// Create a configuration for the aggregated API server.
|
||||||
func getAggregatedAPIServerConfig(
|
func getAggregatedAPIServerConfig(
|
||||||
dynamicCertProvider provider.DynamicTLSServingCertProvider,
|
dynamicCertProvider provider.DynamicTLSServingCertProvider,
|
||||||
webhookTokenAuthenticator *webhook.WebhookTokenAuthenticator,
|
tokenAuthenticator authenticator.Token,
|
||||||
ca credentialrequest.CertIssuer,
|
ca credentialrequest.CertIssuer,
|
||||||
startControllersPostStartHook func(context.Context),
|
startControllersPostStartHook func(context.Context),
|
||||||
) (*apiserver.Config, error) {
|
) (*apiserver.Config, error) {
|
||||||
@ -270,7 +270,7 @@ func getAggregatedAPIServerConfig(
|
|||||||
apiServerConfig := &apiserver.Config{
|
apiServerConfig := &apiserver.Config{
|
||||||
GenericConfig: serverConfig,
|
GenericConfig: serverConfig,
|
||||||
ExtraConfig: apiserver.ExtraConfig{
|
ExtraConfig: apiserver.ExtraConfig{
|
||||||
Webhook: webhookTokenAuthenticator,
|
TokenAuthenticator: tokenAuthenticator,
|
||||||
Issuer: ca,
|
Issuer: ca,
|
||||||
StartControllersPostStartHook: startControllersPostStartHook,
|
StartControllersPostStartHook: startControllersPostStartHook,
|
||||||
},
|
},
|
||||||
|
Loading…
Reference in New Issue
Block a user