Use ID token if auth type is OIDC

Simply use the ID token inside the Authentication header for the OIDC case. This helps at least a bit when running locally as long as the ID token is still valid.
hjacobs · Sep 4, 2019 · 1f6a28e · 1f6a28e
1 parent 46f2738
commit 1f6a28e
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/pykube/http.py b/pykube/http.py
@@ -120,7 +120,11 @@ def send(self, request, **kwargs):
                         auth_config.get("expiry"),
                         config,
                     )
-            # @@@ support oidc
+            elif auth_provider.get("name") == "oidc":
+                auth_config = auth_provider.get("config", {})
+                # @@@ support token refresh
+                if "id-token" in auth_config:
+                    request.headers["Authorization"] = "Bearer {}".format(auth_config["id-token"])
         elif "client-certificate" in config.user:
             kwargs["cert"] = (
                 config.user["client-certificate"].filename(),