Skip to content

Commit d96b730

Browse files
brendandburnsbrendandburns
authored
Merge pull request kubernetes-client#312 from brendandburns/refresh
Support refresh for Azure Active Directory tokens.
2 parents 89d532a + 56afe40 commit d96b730

2 files changed

Lines changed: 35 additions & 1 deletion

File tree

util/pom.xml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,11 @@
9191
<artifactId>protobuf-java</artifactId>
9292
<version>3.4.0</version>
9393
</dependency>
94+
<dependency>
95+
<groupId>com.microsoft.azure</groupId>
96+
<artifactId>adal4j</artifactId>
97+
<version>1.6.0</version>
98+
</dependency>
9499
</dependencies>
95100
<build>
96101
<plugins>

util/src/main/java/io/kubernetes/client/util/authenticators/AzureActiveDirectoryAuthenticator.java

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,15 @@
1212
*/
1313
package io.kubernetes.client.util.authenticators;
1414

15+
import com.microsoft.aad.adal4j.AuthenticationContext;
16+
import com.microsoft.aad.adal4j.AuthenticationResult;
1517
import io.kubernetes.client.util.KubeConfig;
18+
import java.net.MalformedURLException;
1619
import java.util.Date;
1720
import java.util.Map;
21+
import java.util.concurrent.ExecutionException;
22+
import java.util.concurrent.Executors;
23+
import java.util.concurrent.Future;
1824

1925
/**
2026
* The Authenticator interface represents a plugin that can handle a specific type of authentication
@@ -27,6 +33,9 @@ public class AzureActiveDirectoryAuthenticator implements Authenticator {
2733

2834
private static final String ACCESS_TOKEN = "access-token";
2935
private static final String EXPIRES_ON = "expires-on";
36+
private static final String TENANT_ID = "tenant-id";
37+
private static final String CLIENT_ID = "client-id";
38+
private static final String REFRESH_TOKEN = "refresh-token";
3039

3140
@Override
3241
public String getName() {
@@ -50,6 +59,26 @@ public boolean isExpired(Map<String, Object> config) {
5059

5160
@Override
5261
public Map<String, Object> refresh(Map<String, Object> config) {
53-
throw new RuntimeException("Unimplemented");
62+
// TODO: Support national clouds!
63+
String cloud = "https://login.microsoftonline.com";
64+
String tenantId = (String) config.get(TENANT_ID);
65+
String authority = cloud + "/" + tenantId;
66+
String clientId = (String) config.get(CLIENT_ID);
67+
String refreshToken = (String) config.get(REFRESH_TOKEN);
68+
69+
try {
70+
AuthenticationContext context =
71+
new AuthenticationContext(authority, true, Executors.newSingleThreadExecutor());
72+
Future<AuthenticationResult> resultFuture =
73+
context.acquireTokenByRefreshToken(refreshToken, clientId, null);
74+
AuthenticationResult result = resultFuture.get();
75+
config.put(ACCESS_TOKEN, result.getAccessToken());
76+
config.put(REFRESH_TOKEN, result.getRefreshToken());
77+
78+
return config;
79+
80+
} catch (InterruptedException | MalformedURLException | ExecutionException ex) {
81+
throw new RuntimeException(ex);
82+
}
5483
}
5584
}

0 commit comments

Comments
 (0)