github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

verify token file

Browse Source
This commit is contained in:
hzxuzhonghu
2017-11-10 11:30:51 +08:00
parent 9c904d6be2
commit 62c170fc1d
2 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
staging/src/k8s.io/apiserver/pkg/authentication/token/tokenfile/tokenfile.go
View File

@@ -62,11 +62,17 @@ func NewCSV(path string) (*TokenAuthenticator, error) {
if len(record) < 3 {
return nil, fmt.Errorf("token file '%s' must have at least 3 columns (token, user name, user uid), found %d", path, len(record))
}
recordNum++
if record[0] == "" {
glog.Warningf("empty token has been found in token file '%s', record number '%d'", path, recordNum)
continue
}
obj := &user.DefaultInfo{
Name: record[1],
UID: record[2],
}
recordNum++
if _, exist := tokens[record[0]]; exist {
glog.Warningf("duplicate token has been found in token file '%s', record number '%d'", path, recordNum)
}

10
staging/src/k8s.io/apiserver/pkg/authentication/token/tokenfile/tokenfile_test.go
View File

@@ -125,6 +125,16 @@ func TestInsufficientColumnsTokenFile(t *testing.T) {
}
}
func TestEmptyTokenTokenFile(t *testing.T) {
auth, err := newWithContents(t, ",user5,uid5\n")
if err != nil {
t.Fatalf("unexpected error %v", err)
}
if len(auth.tokens) != 0 {
t.Fatalf("empty token should not be recorded")
}
}
func newWithContents(t *testing.T, contents string) (auth *TokenAuthenticator, err error) {
f, err := ioutil.TempFile("", "tokenfile_test")
if err != nil {