mirror of https://github.com/k3s-io/k3s
78 lines
3.2 KiB
Go
78 lines
3.2 KiB
Go
/*
|
|
Copyright 2016 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package rest
|
|
|
|
import (
|
|
authenticationv1 "k8s.io/api/authentication/v1"
|
|
authenticationv1beta1 "k8s.io/api/authentication/v1beta1"
|
|
"k8s.io/apiserver/pkg/authentication/authenticator"
|
|
"k8s.io/apiserver/pkg/registry/generic"
|
|
"k8s.io/apiserver/pkg/registry/rest"
|
|
genericapiserver "k8s.io/apiserver/pkg/server"
|
|
serverstorage "k8s.io/apiserver/pkg/server/storage"
|
|
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
|
"k8s.io/kubernetes/pkg/apis/authentication"
|
|
"k8s.io/kubernetes/pkg/registry/authentication/tokenreview"
|
|
)
|
|
|
|
type RESTStorageProvider struct {
|
|
Authenticator authenticator.Request
|
|
APIAudiences authenticator.Audiences
|
|
}
|
|
|
|
func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) {
|
|
// TODO figure out how to make the swagger generation stable, while allowing this endpoint to be disabled.
|
|
// if p.Authenticator == nil {
|
|
// return genericapiserver.APIGroupInfo{}, false
|
|
// }
|
|
|
|
apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(authentication.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
|
|
// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
|
|
// TODO refactor the plumbing to provide the information in the APIGroupInfo
|
|
|
|
if apiResourceConfigSource.VersionEnabled(authenticationv1beta1.SchemeGroupVersion) {
|
|
apiGroupInfo.VersionedResourcesStorageMap[authenticationv1beta1.SchemeGroupVersion.Version] = p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter)
|
|
}
|
|
if apiResourceConfigSource.VersionEnabled(authenticationv1.SchemeGroupVersion) {
|
|
apiGroupInfo.VersionedResourcesStorageMap[authenticationv1.SchemeGroupVersion.Version] = p.v1Storage(apiResourceConfigSource, restOptionsGetter)
|
|
}
|
|
|
|
return apiGroupInfo, true
|
|
}
|
|
|
|
func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
|
|
storage := map[string]rest.Storage{}
|
|
// tokenreviews
|
|
tokenReviewStorage := tokenreview.NewREST(p.Authenticator, p.APIAudiences)
|
|
storage["tokenreviews"] = tokenReviewStorage
|
|
|
|
return storage
|
|
}
|
|
|
|
func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) map[string]rest.Storage {
|
|
storage := map[string]rest.Storage{}
|
|
// tokenreviews
|
|
tokenReviewStorage := tokenreview.NewREST(p.Authenticator, p.APIAudiences)
|
|
storage["tokenreviews"] = tokenReviewStorage
|
|
|
|
return storage
|
|
}
|
|
|
|
func (p RESTStorageProvider) GroupName() string {
|
|
return authentication.GroupName
|
|
}
|