github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #45575 from wanghaoran1988/fix_44476

Browse Source 
Automatic merge from submit-queue

Make gcp auth provider not to override the Auth header if it's already exits

**What this PR does / why we need it**:
Make AuthProvider not wrap the transport if beartoken or basic auth is enabled
**Which issue this PR fixes** :
 fixes #44476 

**Special notes for your reviewer**:

**Release note**:
```
GCP auth plugin no longer overwrites existing Authorization headers.
```
This commit is contained in:
Kubernetes Submit Queue 2017-06-08 23:47:03 -07:00 committed by GitHub
commit 8c2a07fa1f
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp/gcp.go
View File

@ -124,10 +124,7 @@ func newGCPAuthProvider(_ string, gcpConfig map[string]string, persister restcli
}
func (g *gcpAuthProvider) WrapTransport(rt http.RoundTripper) http.RoundTripper {
return &oauth2.Transport{
Source: g.tokenSource,
Base: rt,
}
return &conditionalTransport{&oauth2.Transport{Source: g.tokenSource, Base: rt}}
}
func (g *gcpAuthProvider) Login() error { return nil }
@ -284,3 +281,14 @@ func parseJSONPath(input interface{}, name, template string) (string, error) {
}
return buf.String(), nil
}
type conditionalTransport struct {
oauthTransport *oauth2.Transport
}
func (t *conditionalTransport) RoundTrip(req *http.Request) (*http.Response, error) {
if len(req.Header.Get("Authorization")) != 0 {
return t.oauthTransport.Base.RoundTrip(req)
}
return t.oauthTransport.RoundTrip(req)
}