oidc auth plugin: don't hard fail if provider is unavailable

When using OpenID Connect authentication, don't cause the API
server to fail if the provider is unavailable. This allows
installations to run OpenID Connect providers after starting the
API server, a common case when the provider is running on the
cluster itself.

Errors are now deferred to the authenticate method.
Eric Chiang
2016-06-24 11:26:18 -07:00
parent bf54cd40f3
commit 2f6db37ff5
3 changed files with 235 additions and 157 deletions

@@ -156,8 +156,6 @@ func newAuthenticatorFromOIDCIssuerURL(issuerURL, clientID, caFile, usernameClai
CAFile: caFile,
UsernameClaim: usernameClaim,
GroupsClaim: groupsClaim,
MaxRetries: oidc.DefaultRetries,
RetryBackoff: oidc.DefaultBackoff,
})
if err != nil {
return nil, err
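
Review bot: The `if err != nil { return nil, err }` path after the options struct still fails construction, so `newAuthenticatorFromOIDCIssuerURL` needs a comment saying which errors remain fatal at startup and which are now deferred to the authenticate method, as the commit message describes. The +/- markers are not visible in this rendering, but the header's change from 8 lines to 6 suggests `MaxRetries: oidc.DefaultRetries,` and `RetryBackoff: oidc.DefaultBackoff,` are the removed lines; if so, please note where retry behaviour is decided now that the caller no longer sets it. A test showing that a token presented while the provider is still unreachable is rejected with an error, rather than treated as authenticated, would make the fail-closed behaviour explicit.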