io.fabric8.kubernetes.client.utils

Class OpenIDConnectionUtils

java.lang.Object

io.fabric8.kubernetes.client.utils.OpenIDConnectionUtils

public class OpenIDConnectionUtils
extends Object

Utility class for OpenID token refresh.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	OpenIDConnectionUtils.OAuthToken
static class	OpenIDConnectionUtils.OpenIdConfiguration

Field Summary

Fields

Modifier and Type	Field and Description
static String	CLIENT_ID_KUBECONFIG
static String	CLIENT_ID_PARAM
static String	CLIENT_SECRET_KUBECONFIG
static String	CLIENT_SECRET_PARAM
static String	GRANT_TYPE_PARAM
static String	ID_TOKEN_KUBECONFIG
static String	ISSUER_KUBECONFIG
static String	REFRESH_TOKEN_KUBECONFIG

Method Summary

Modifier and Type	Method and Description
static boolean	idTokenExpired(Config config)
static OpenIDConnectionUtils.OAuthToken	persistOAuthToken(Config currentConfig, OpenIDConnectionUtils.OAuthToken oAuthToken, String token) Save Updated Access and Refresh token in local KubeConfig file and in-memory Config object.
static CompletableFuture<String>	resolveOIDCTokenFromAuthConfig(Config currentConfig, Map<String,String> currentAuthProviderConfig, HttpClient.Builder clientBuilder) Fetch OpenID Connect token from Kubeconfig, check whether it's still valid or not; If expired handle token refresh with OpenID Connection provider APIs

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ID_TOKEN_KUBECONFIG

public static final String ID_TOKEN_KUBECONFIG

See Also:

Constant Field Values

ISSUER_KUBECONFIG

public static final String ISSUER_KUBECONFIG

See Also:

Constant Field Values

REFRESH_TOKEN_KUBECONFIG

public static final String REFRESH_TOKEN_KUBECONFIG

See Also:

Constant Field Values

GRANT_TYPE_PARAM

public static final String GRANT_TYPE_PARAM

See Also:

Constant Field Values

CLIENT_ID_PARAM

public static final String CLIENT_ID_PARAM

See Also:

Constant Field Values

CLIENT_SECRET_PARAM

public static final String CLIENT_SECRET_PARAM

See Also:

Constant Field Values

CLIENT_ID_KUBECONFIG

public static final String CLIENT_ID_KUBECONFIG

See Also:

Constant Field Values

CLIENT_SECRET_KUBECONFIG

public static final String CLIENT_SECRET_KUBECONFIG

See Also:

Constant Field Values

Method Detail

resolveOIDCTokenFromAuthConfig

public static CompletableFuture<String> resolveOIDCTokenFromAuthConfig(Config currentConfig,
                                                                       Map<String,String> currentAuthProviderConfig,
                                                                       HttpClient.Builder clientBuilder)

Fetch OpenID Connect token from Kubeconfig, check whether it's still valid or not; If expired handle token refresh with OpenID Connection provider APIs

Parameters:

currentAuthProviderConfig - current AuthInfo's AuthProvider config as a map

Returns:

access token for interacting with Kubernetes API

persistOAuthToken

public static OpenIDConnectionUtils.OAuthToken persistOAuthToken(Config currentConfig,
                                                                 OpenIDConnectionUtils.OAuthToken oAuthToken,
                                                                 String token)

Save Updated Access and Refresh token in local KubeConfig file and in-memory Config object.

Parameters:

currentConfig - current Config object.

oAuthToken - OAuth token information as received from OpenID provider.

token - new token to be persisted in KubeConfig (if not null).

Returns:

the oAuthToken for chaining and further processing.

idTokenExpired

public static boolean idTokenExpired(Config config)