github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-20 01:01:22 +00:00
Code Issues Projects Releases Wiki Activity

Simplify authenticator configuration initialization

Browse Source
This commit is contained in:
zhengjiajin 2018-03-13 11:06:06 +08:00
parent a0844c17bf
commit 5e67f473cc
1 changed files with 9 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
pkg/kubeapiserver/authenticator/config.go
View File

@ -82,7 +82,6 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
var authenticators []authenticator.Request var authenticators []authenticator.Request
var tokenAuthenticators []authenticator.Token var tokenAuthenticators []authenticator.Token
securityDefinitions := spec.SecurityDefinitions{} securityDefinitions := spec.SecurityDefinitions{}
hasBasicAuth := false
// front-proxy, BasicAuth methods, local first, then remote // front-proxy, BasicAuth methods, local first, then remote
// Add the front proxy authenticator if requested // Add the front proxy authenticator if requested
@ -100,13 +99,20 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
authenticators = append(authenticators, requestHeaderAuthenticator) authenticators = append(authenticators, requestHeaderAuthenticator)
} }
// basic auth
if len(config.BasicAuthFile) > 0 { if len(config.BasicAuthFile) > 0 {
basicAuth, err := newAuthenticatorFromBasicAuthFile(config.BasicAuthFile) basicAuth, err := newAuthenticatorFromBasicAuthFile(config.BasicAuthFile)
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
authenticators = append(authenticators, basicAuth) authenticators = append(authenticators, basicAuth)
hasBasicAuth = true
securityDefinitions["HTTPBasic"] = &spec.SecurityScheme{
SecuritySchemeProps: spec.SecuritySchemeProps{
Type: "basic",
Description: "HTTP Basic authentication",
},
}
} }
// X509 methods // X509 methods
@ -167,15 +173,6 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
tokenAuthenticators = append(tokenAuthenticators, webhookTokenAuth) tokenAuthenticators = append(tokenAuthenticators, webhookTokenAuth)
} }
if hasBasicAuth {
securityDefinitions["HTTPBasic"] = &spec.SecurityScheme{
SecuritySchemeProps: spec.SecuritySchemeProps{
Type: "basic",
Description: "HTTP Basic authentication",
},
}
}
if len(tokenAuthenticators) > 0 { if len(tokenAuthenticators) > 0 {
// Union the token authenticators // Union the token authenticators
tokenAuth := tokenunion.New(tokenAuthenticators...) tokenAuth := tokenunion.New(tokenAuthenticators...)
@ -200,8 +197,7 @@ func (config AuthenticatorConfig) New() (authenticator.Request, *spec.SecurityDe
} }
} }
switch len(authenticators) { if len(authenticators) == 0 {
case 0:
return nil, &securityDefinitions, nil return nil, &securityDefinitions, nil
} }