Merge pull request #1191 from rmweir/token-hashing-v2.4

Add systems token interface

config/context.go

@@ -29,6 +29,7 @@ import (
 	rbacv1 "github.com/rancher/types/apis/rbac.authorization.k8s.io/v1"
 	storagev1 "github.com/rancher/types/apis/storage.k8s.io/v1"
 	"github.com/rancher/types/config/dialer"
+	"github.com/rancher/types/config/systemtokens"
 	"github.com/rancher/types/peermanager"
 	"github.com/rancher/types/user"
 	"github.com/rancher/wrangler-api/pkg/generated/controllers/rbac"
@@ -57,6 +58,7 @@ type ScaledContext struct {
 	Schemas           *types.Schemas
 	AccessControl     types.AccessControl
 	Dialer            dialer.Factory
+	SystemTokens      systemtokens.Interface
 	UserManager       user.Manager
 	PeerManager       peermanager.PeerManager
 	CatalogManager    CatalogManager
@@ -98,6 +100,7 @@ func (c *ScaledContext) NewManagementContext() (*ManagementContext, error) {
 	}
 	mgmt.Dialer = c.Dialer
 	mgmt.UserManager = c.UserManager
+	mgmt.SystemTokens = c.SystemTokens
 	mgmt.CatalogManager = c.CatalogManager
 	c.managementContext = mgmt
 	return mgmt, nil
@@ -177,6 +180,7 @@ type ManagementContext struct {
 	Scheme            *runtime.Scheme
 	Dialer            dialer.Factory
 	UserManager       user.Manager
+	SystemTokens      systemtokens.Interface
 	CatalogManager    CatalogManager
 
 	Management managementv3.Interface

config/systemtokens/systemtokens.go

@@ -0,0 +1,6 @@
+package systemtokens
+
+type Interface interface {
+	EnsureSystemToken(name, description, kind, username string, overrideTTL *int64, randomize bool) (string, error)
+	DeleteToken(tokenName string) error
+}

user/manager.go

@@ -9,8 +9,9 @@ import (
 type Manager interface {
 	SetPrincipalOnCurrentUser(apiContext *types.APIContext, principal v3.Principal) (*v3.User, error)
 	GetUser(apiContext *types.APIContext) string
-	EnsureToken(tokenName, description, kind, userName string) (string, error)
-	EnsureClusterToken(clusterName, tokenName, description, kind, userName string) (string, error)
+	EnsureToken(tokenName, description, kind, userName string, ttl *int64, randomize bool) (string, error)
+	EnsureClusterToken(clusterName, tokenName, description, kind, userName string, ttl *int64, randomize bool) (string, error)
+	DeleteToken(tokenName string) error
 	EnsureUser(principalName, displayName string) (*v3.User, error)
 	CheckAccess(accessMode string, allowedPrincipalIDs []string, userPrincipalID string, groups []v3.Principal) (bool, error)
 	SetPrincipalOnCurrentUserByUserID(userID string, principal v3.Principal) (*v3.User, error)