github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rebase authenticators onto new interface.

Browse Source
This commit is contained in:
Mike Danese
2018-10-15 15:17:36 -07:00
parent 11be171757
commit e5227216c0
61 changed files with 415 additions and 337 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
pkg/kubelet/server/server_test.go
View File

@@ -44,6 +44,7 @@ import (
"k8s.io/apimachinery/pkg/util/httpstream"
"k8s.io/apimachinery/pkg/util/httpstream/spdy"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apiserver/pkg/authentication/authenticator"
"k8s.io/apiserver/pkg/authentication/user"
"k8s.io/apiserver/pkg/authorization/authorizer"
"k8s.io/client-go/tools/remotecommand"
@@ -269,12 +270,12 @@ func (_ *fakeKubelet) GetCgroupCPUAndMemoryStats(cgroupName string, updateStats
}
type fakeAuth struct {
authenticateFunc func(*http.Request) (user.Info, bool, error)
authenticateFunc func(*http.Request) (*authenticator.Response, bool, error)
attributesFunc func(user.Info, *http.Request) authorizer.Attributes
authorizeFunc func(authorizer.Attributes) (authorized authorizer.Decision, reason string, err error)
}
func (f *fakeAuth) AuthenticateRequest(req *http.Request) (user.Info, bool, error) {
func (f *fakeAuth) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error) {
return f.authenticateFunc(req)
}
func (f *fakeAuth) GetRequestAttributes(u user.Info, req *http.Request) authorizer.Attributes {
@@ -317,8 +318,8 @@ func newServerTestWithDebug(enableDebugging, redirectContainerStreaming bool, st
streamingRuntime: streamingServer,
}
fw.fakeAuth = &fakeAuth{
authenticateFunc: func(req *http.Request) (user.Info, bool, error) {
return &user.DefaultInfo{Name: "test"}, true, nil
authenticateFunc: func(req *http.Request) (*authenticator.Response, bool, error) {
return &authenticator.Response{User: &user.DefaultInfo{Name: "test"}}, true, nil
},
attributesFunc: func(u user.Info, req *http.Request) authorizer.Attributes {
return &authorizer.AttributesRecord{User: u}
@@ -768,9 +769,9 @@ Otherwise, add it to the expected list of paths that map to the "proxy" subresou
calledAttributes = false
)
fw.fakeAuth.authenticateFunc = func(req *http.Request) (user.Info, bool, error) {
fw.fakeAuth.authenticateFunc = func(req *http.Request) (*authenticator.Response, bool, error) {
calledAuthenticate = true
return expectedUser, true, nil
return &authenticator.Response{User: expectedUser}, true, nil
}
fw.fakeAuth.attributesFunc = func(u user.Info, req *http.Request) authorizer.Attributes {
calledAttributes = true
@@ -830,9 +831,9 @@ func TestAuthenticationError(t *testing.T) {
fw := newServerTest()
defer fw.testHTTPServer.Close()
fw.fakeAuth.authenticateFunc = func(req *http.Request) (user.Info, bool, error) {
fw.fakeAuth.authenticateFunc = func(req *http.Request) (*authenticator.Response, bool, error) {
calledAuthenticate = true
return expectedUser, true, nil
return &authenticator.Response{User: expectedUser}, true, nil
}
fw.fakeAuth.attributesFunc = func(u user.Info, req *http.Request) authorizer.Attributes {
calledAttributes = true
@@ -868,7 +869,7 @@ func TestAuthenticationFailure(t *testing.T) {
fw := newServerTest()
defer fw.testHTTPServer.Close()
fw.fakeAuth.authenticateFunc = func(req *http.Request) (user.Info, bool, error) {
fw.fakeAuth.authenticateFunc = func(req *http.Request) (*authenticator.Response, bool, error) {
calledAuthenticate = true
return nil, false, nil
}
@@ -906,9 +907,9 @@ func TestAuthorizationSuccess(t *testing.T) {
fw := newServerTest()
defer fw.testHTTPServer.Close()
fw.fakeAuth.authenticateFunc = func(req *http.Request) (user.Info, bool, error) {
fw.fakeAuth.authenticateFunc = func(req *http.Request) (*authenticator.Response, bool, error) {
calledAuthenticate = true
return expectedUser, true, nil
return &authenticator.Response{User: expectedUser}, true, nil
}
fw.fakeAuth.attributesFunc = func(u user.Info, req *http.Request) authorizer.Attributes {
calledAttributes = true