From 71b2a4cdcc18694387961d119c6ab71772579918 Mon Sep 17 00:00:00 2001 From: Weinong Wang Date: Thu, 23 Jan 2020 14:21:33 -0800 Subject: [PATCH 1/2] Revert "It fixes a bug where AAD token obtained by kubectl is incompatible with on-behalf-of flow and oidc." This reverts commit d1480ab49d603d0a95e509b627252ee7af8559ae. Revert this commit due to incomplete migration path --- .../k8s.io/client-go/plugin/pkg/client/auth/azure/azure.go | 4 ++-- .../k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/azure/azure.go b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/azure/azure.go index 47db5eb39a6..e583100cc9c 100644 --- a/staging/src/k8s.io/client-go/plugin/pkg/client/auth/azure/azure.go +++ b/staging/src/k8s.io/client-go/plugin/pkg/client/auth/azure/azure.go @@ -287,7 +287,7 @@ func (ts *azureTokenSource) refreshToken(token *azureToken) (*azureToken, error) return nil, err } - oauthConfig, err := adal.NewOAuthConfigWithAPIVersion(env.ActiveDirectoryEndpoint, token.tenantID, nil) + oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, token.tenantID) if err != nil { return nil, fmt.Errorf("building the OAuth configuration for token refresh: %v", err) } @@ -344,7 +344,7 @@ func newAzureTokenSourceDeviceCode(environment azure.Environment, clientID strin } func (ts *azureTokenSourceDeviceCode) Token() (*azureToken, error) { - oauthConfig, err := adal.NewOAuthConfigWithAPIVersion(ts.environment.ActiveDirectoryEndpoint, ts.tenantID, nil) + oauthConfig, err := adal.NewOAuthConfig(ts.environment.ActiveDirectoryEndpoint, ts.tenantID) if err != nil { return nil, fmt.Errorf("building the OAuth configuration for device code authentication: %v", err) } diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go b/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go index 8d9383a0e03..7332a1240d5 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go @@ -97,7 +97,7 @@ func GetServicePrincipalToken(config *AzureAuthConfig, env *azure.Environment) ( env.ServiceManagementEndpoint) } - oauthConfig, err := adal.NewOAuthConfigWithAPIVersion(env.ActiveDirectoryEndpoint, tenantID, nil) + oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, tenantID) if err != nil { return nil, fmt.Errorf("creating the OAuth config: %v", err) } From d56f535755870d445a641bbe89681aba569735c8 Mon Sep 17 00:00:00 2001 From: Weinong Wang Date: Thu, 23 Jan 2020 18:21:59 -0800 Subject: [PATCH 2/2] fixed UT --- .../k8s.io/legacy-cloud-providers/azure/auth/azure_auth_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth_test.go b/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth_test.go index c22f663ab68..98a879189a9 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth_test.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth_test.go @@ -97,7 +97,7 @@ func TestGetServicePrincipalToken(t *testing.T) { token, err := GetServicePrincipalToken(config, env) assert.NoError(t, err) - oauthConfig, err := adal.NewOAuthConfigWithAPIVersion(env.ActiveDirectoryEndpoint, config.TenantID, nil) + oauthConfig, err := adal.NewOAuthConfig(env.ActiveDirectoryEndpoint, config.TenantID) assert.NoError(t, err) spt, err := adal.NewServicePrincipalToken(*oauthConfig, config.AADClientID, config.AADClientSecret, env.ServiceManagementEndpoint)