From 1f6a28e79a2ec67387ab0fa414803a62bc9e516d Mon Sep 17 00:00:00 2001
From: Tom Wieczorek <t.wieczorek@yieldlab.de>
Date: Wed, 4 Sep 2019 14:40:48 +0200
Subject: [PATCH] Use ID token if auth type is OIDC

Simply use the ID token inside the Authentication header for the OIDC
case. This helps at least a bit when running locally as long as the ID
token is still valid.
---
 pykube/http.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pykube/http.py b/pykube/http.py
index 54c4478..92fd9e0 100644
--- a/pykube/http.py
+++ b/pykube/http.py
@@ -120,7 +120,11 @@ def send(self, request, **kwargs):
                         auth_config.get("expiry"),
                         config,
                     )
-            # @@@ support oidc
+            elif auth_provider.get("name") == "oidc":
+                auth_config = auth_provider.get("config", {})
+                # @@@ support token refresh
+                if "id-token" in auth_config:
+                    request.headers["Authorization"] = "Bearer {}".format(auth_config["id-token"])
         elif "client-certificate" in config.user:
             kwargs["cert"] = (
                 config.user["client-certificate"].filename(),