1
1
import fs = require( 'fs' ) ;
2
2
import os = require( 'os' ) ;
3
3
import path = require( 'path' ) ;
4
+ import https = require( 'https' ) ;
4
5
5
6
import base64 = require( 'base-64' ) ;
6
7
import jsonpath = require( 'jsonpath' ) ;
@@ -80,15 +81,15 @@ export class KubeConfig {
80
81
return this . getCluster ( this . getCurrentContextObject ( ) [ 'cluster' ] ) ;
81
82
}
82
83
83
- public getCluster ( name : string ) {
84
+ public getCluster ( name : string ) : Cluster {
84
85
return KubeConfig . findObject ( this . clusters , name , 'cluster' ) ;
85
86
}
86
87
87
88
public getCurrentUser ( ) {
88
89
return this . getUser ( this . getCurrentContextObject ( ) [ 'user' ] ) ;
89
90
}
90
91
91
- public getUser ( name : string ) {
92
+ public getUser ( name : string ) : User {
92
93
return KubeConfig . findObject ( this . users , name , 'user' ) ;
93
94
}
94
95
@@ -106,22 +107,25 @@ export class KubeConfig {
106
107
return null ;
107
108
}
108
109
109
- public applyToRequest ( opts : request . Options ) {
110
- let cluster = this . getCurrentCluster ( ) ;
111
- let user = this . getCurrentUser ( ) ;
110
+ private applyHTTPSOptions ( opts : request . Options | https . RequestOptions ) {
111
+ const cluster = this . getCurrentCluster ( ) ;
112
+ const user = this . getCurrentUser ( ) ;
112
113
113
- if ( cluster . skipTLSVerify ) {
114
- opts . strictSSL = false
115
- }
116
114
opts . ca = this . bufferFromFileOrString ( cluster . caFile , cluster . caData ) ;
117
115
opts . cert = this . bufferFromFileOrString ( user . certFile , user . certData ) ;
118
116
opts . key = this . bufferFromFileOrString ( user . keyFile , user . keyData ) ;
117
+ }
118
+
119
+ private applyAuthorizationHeader ( opts : request . Options | https . RequestOptions ) {
120
+ const user = this . getCurrentUser ( ) ;
119
121
let token = null ;
122
+
120
123
if ( user . authProvider && user . authProvider . config ) {
121
- let config = user . authProvider . config ;
124
+ const config = user . authProvider . config ;
122
125
// This should probably be extracted as auth-provider specific plugins...
123
126
token = 'Bearer ' + config [ 'access-token' ] ;
124
- let expiry = config [ 'expiry' ] ;
127
+ const expiry = config [ 'expiry' ] ;
128
+
125
129
if ( expiry ) {
126
130
let expiration = Date . parse ( expiry ) ;
127
131
if ( expiration < Date . now ( ) ) {
@@ -131,7 +135,7 @@ export class KubeConfig {
131
135
cmd = cmd + ' ' + config [ 'cmd-args' ] ;
132
136
}
133
137
// TODO: Cache to file?
134
- let result = shelljs . exec ( cmd , { silent : true } ) ;
138
+ const result = shelljs . exec ( cmd , { silent : true } ) ;
135
139
if ( result [ 'code' ] != 0 ) {
136
140
throw new Error ( 'Failed to refresh token: ' + result ) ;
137
141
}
@@ -148,13 +152,43 @@ export class KubeConfig {
148
152
}
149
153
}
150
154
}
155
+
151
156
}
157
+
152
158
if ( user . token ) {
153
159
token = 'Bearer ' + user . token ;
154
160
}
161
+
155
162
if ( token ) {
156
163
opts . headers [ 'Authorization' ] = token ;
157
164
}
165
+ }
166
+
167
+ private applyOptions ( opts : request . Options | https . RequestOptions ) {
168
+ this . applyHTTPSOptions ( opts ) ;
169
+ this . applyAuthorizationHeader ( opts ) ;
170
+ }
171
+
172
+ public applytoHTTPsOptions ( opts : https . RequestOptions ) {
173
+ const user = this . getCurrentUser ( ) ;
174
+
175
+ this . applyOptions ( opts ) ;
176
+
177
+ if ( user . username ) {
178
+ opts . auth = `${ user . username } :${ user . password } ` ;
179
+ }
180
+ }
181
+
182
+ public applyToRequest ( opts : request . Options ) {
183
+ const cluster = this . getCurrentCluster ( ) ;
184
+ const user = this . getCurrentUser ( ) ;
185
+
186
+ this . applyOptions ( opts ) ;
187
+
188
+ if ( cluster . skipTLSVerify ) {
189
+ opts . strictSSL = false
190
+ }
191
+
158
192
if ( user . username ) {
159
193
opts . auth = {
160
194
username : user . username ,
0 commit comments