1 package gkeauth
2
3 import (
4 "context"
5 "fmt"
6 "log"
7 "net/http"
8
9 "golang.org/x/oauth2"
10 "golang.org/x/oauth2/google"
11 "k8s.io/client-go/rest"
12 )
13
14 var (
15 gkeAuthPlugin = "gke-auth"
16 googleScopes = []string{
17 "https://www.googleapis.com/auth/cloud-platform",
18 "https://www.googleapis.com/auth/userinfo.email"}
19 )
20
21 func init() {
22 if err := rest.RegisterAuthProviderPlugin(gkeAuthPlugin, newGCPAuthProvider); err != nil {
23 log.Fatalf("Failed to register gcp auth plugin: %v", err)
24 }
25 }
26
27 var _ rest.AuthProvider = &gcpAuthProvider{}
28
29 type gcpAuthProvider struct {
30 tokenSource oauth2.TokenSource
31 }
32
33 func (g *gcpAuthProvider) WrapTransport(rt http.RoundTripper) http.RoundTripper {
34 return &oauth2.Transport{
35 Base: rt,
36 Source: g.tokenSource,
37 }
38 }
39 func (g *gcpAuthProvider) Login() error { return nil }
40
41 func newGCPAuthProvider(_ string, _ map[string]string, _ rest.AuthProviderConfigPersister) (rest.AuthProvider, error) {
42 ts, err := google.DefaultTokenSource(context.Background(), googleScopes...)
43 if err != nil {
44 return nil, fmt.Errorf("failed to create google token source: %+v", err)
45 }
46 return &gcpAuthProvider{tokenSource: ts}, nil
47 }
48
View as plain text