Skip to content

Commit

Permalink
Add posibility to use Bearer Token for auth
Browse files Browse the repository at this point in the history
  • Loading branch information
Alex Milushev committed Dec 20, 2018
1 parent 5f6fd89 commit c4a7a6c
Show file tree
Hide file tree
Showing 6 changed files with 13 additions and 5 deletions.
1 change: 1 addition & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
.idea
charts
examples
docs
1 change: 1 addition & 0 deletions charts/dex-k8s-authenticator/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ dexK8sAuthenticator:
client_id: my-cluster
redirect_uri: https://login.example.com/callback/my-cluster
k8s_ca_uri: https://url-to-your-ca.crt
bearer_token: false

service:
type: ClusterIP
Expand Down
3 changes: 1 addition & 2 deletions html/static/main.css
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,7 @@ h3 { font-size: 16px; }
pre {
background-color: #eff0f1;
padding: 5px;
white-space: pre-wrap;
overflow-wrap: break-word;
overflow: auto;
}

.dex-container {
Expand Down
5 changes: 3 additions & 2 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,13 +64,14 @@ type Cluster struct {
K8s_Master_URI string
K8s_Ca_URI string
K8s_Ca_Pem string
Bearer_Token bool

Verifier *oidc.IDTokenVerifier
Provider *oidc.Provider
OfflineAsScope bool
Client *http.Client
Redirect_URI string
Config Config
Config Config
}

// Define our configuration
Expand Down Expand Up @@ -189,7 +190,7 @@ func start_app(config Config) {
}()
}

cluster.Config = config
cluster.Config = config

base_redirect_uri, err := url.Parse(cluster.Redirect_URI)

Expand Down
2 changes: 2 additions & 0 deletions templates.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ type templateData struct {
K8sMasterURI string
K8sCaURI string
K8sCaPem string
BearerToken bool
IDPCaURI string
IDPCaPem string
LogoURI string
Expand Down Expand Up @@ -79,6 +80,7 @@ func (cluster *Cluster) renderToken(w http.ResponseWriter,
K8sMasterURI: cluster.K8s_Master_URI,
K8sCaURI: cluster.K8s_Ca_URI,
K8sCaPem: cluster.K8s_Ca_Pem,
BearerToken: cluster.Bearer_Token,
IDPCaURI: idpCaURI,
IDPCaPem: idpCaPem,
LogoURI: logoURI,
Expand Down
6 changes: 5 additions & 1 deletion templates/linux-mac-common.html
Original file line number Diff line number Diff line change
Expand Up @@ -78,14 +78,18 @@ <h3>Run configuration commands</h3>
<img class="clippy" width="13" src="{{ .Web_Path_Prefix }}static/clippy.svg" alt=""/>
</button>
<pre><code>kubectl config set-credentials {{ .Username }}-{{ .ClusterName }} \
{{- if .BearerToken }}
--token={{ .IDToken }}
{{- else }}
--auth-provider=oidc \
--auth-provider-arg=idp-issuer-url={{ .Issuer }} \
--auth-provider-arg=client-id={{ .ClientID }} \
--auth-provider-arg=client-secret={{ .ClientSecret }} \
--auth-provider-arg=refresh-token={{ .RefreshToken }} \
--auth-provider-arg=id-token={{ .IDToken }}
{{- if or (.IDPCaURI) (.IDPCaPem) }} \
{{- if or (.IDPCaURI) (.IDPCaPem) }} \
--auth-provider-arg=idp-certificate-authority=${HOME}/.kube/certs/{{ .ClusterName }}/idp-ca.crt
{{- end }}
{{- end }}</code></pre>
</div>

Expand Down

0 comments on commit c4a7a6c

Please sign in to comment.