/
googleauthprovider.go
49 lines (40 loc) · 1.24 KB
/
googleauthprovider.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package k8s
import (
"context"
"fmt"
"log"
"net/http"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
"k8s.io/client-go/rest"
)
var googleScopes = []string{
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/userinfo.email",
}
const (
googleAuthPlugin = "google" // so that this is different than "gcp" that's already in client-go tree.
)
func init() {
if err := rest.RegisterAuthProviderPlugin(googleAuthPlugin, newGoogleAuthProvider); err != nil {
log.Fatalf("Failed to register %s auth plugin: %v", googleAuthPlugin, err)
}
}
var _ rest.AuthProvider = &googleAuthProvider{}
type googleAuthProvider struct {
tokenSource oauth2.TokenSource
}
func (g *googleAuthProvider) WrapTransport(rt http.RoundTripper) http.RoundTripper {
return &oauth2.Transport{
Base: rt,
Source: g.tokenSource,
}
}
func (g *googleAuthProvider) Login() error { return nil }
func newGoogleAuthProvider(addr string, config map[string]string, persister rest.AuthProviderConfigPersister) (rest.AuthProvider, error) {
ts, err := google.DefaultTokenSource(context.TODO(), googleScopes...)
if err != nil {
return nil, fmt.Errorf("failed to create google token source: %+v", err)
}
return &googleAuthProvider{tokenSource: ts}, nil
}