forked from rancher/rancher
-
Notifications
You must be signed in to change notification settings - Fork 0
/
token.go
57 lines (51 loc) · 1.33 KB
/
token.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
package auth
import (
tokenUtil "github.com/rancher/rancher/pkg/auth/tokens"
v3 "github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/config"
"k8s.io/apimachinery/pkg/runtime"
)
const (
tokenController = "mgmt-auth-tokens-controller"
)
type TokenController struct {
tokens v3.TokenInterface
}
func newTokenController(mgmt *config.ManagementContext) *TokenController {
n := &TokenController{
tokens: mgmt.Management.Tokens(""),
}
return n
}
//sync is called periodically and on real updates
func (n *TokenController) sync(key string, obj *v3.Token) (runtime.Object, error) {
if obj == nil {
return nil, nil
}
// remove legacy finalizers
if obj.DeletionTimestamp != nil {
finalizers := obj.GetFinalizers()
for i, finalizer := range finalizers {
if finalizer == "controller.cattle.io/cat-token-controller" {
finalizers = append(finalizers[:i], finalizers[i+1:]...)
newObj := obj.DeepCopy()
newObj.SetFinalizers(finalizers)
var err error
obj, err = n.tokens.Update(newObj)
if err != nil {
return nil, err
}
break
}
}
}
if obj.TTLMillis != 0 && obj.ExpiresAt == "" {
//compute and save expiresAt
newObj := obj.DeepCopy()
tokenUtil.SetTokenExpiresAt(newObj)
if _, err := n.tokens.Update(newObj); err != nil {
return nil, err
}
}
return nil, nil
}