Example 1 with ClientCertificateAuthentication
use of io.kubernetes.client.util.credentials.ClientCertificateAuthentication in project java by kubernetes-client.
the class ClientBuilder method build.
public ApiClient build() {
final ApiClient client = new ApiClient();
client.setHttpClient(client.getHttpClient().newBuilder().protocols(protocols).readTimeout(this.readTimeout).pingInterval(pingInterval).build());
if (basePath != null) {
if (basePath.endsWith("/")) {
basePath = basePath.substring(0, basePath.length() - 1);
}
client.setBasePath(basePath);
}
client.setVerifyingSsl(verifyingSsl);
if (authentication != null) {
if (StringUtils.isNotEmpty(keyStorePassphrase)) {
if (authentication instanceof KubeconfigAuthentication) {
if (((KubeconfigAuthentication) authentication).getDelegateAuthentication() instanceof ClientCertificateAuthentication) {
((ClientCertificateAuthentication) (((KubeconfigAuthentication) authentication).getDelegateAuthentication())).setPassphrase(keyStorePassphrase);
}
}
}
authentication.provide(client);
}
// TODO: Add a test to ensure that this works correctly...
if (caCertBytes != null) {
client.setSslCaCert(new ByteArrayInputStream(caCertBytes));
}
return client;
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
ApiClient(io.kubernetes.client.openapi.ApiClient)
ClientCertificateAuthentication(io.kubernetes.client.util.credentials.ClientCertificateAuthentication)
KubeconfigAuthentication(io.kubernetes.client.util.credentials.KubeconfigAuthentication)
Example 2 with ClientCertificateAuthentication
use of io.kubernetes.client.util.credentials.ClientCertificateAuthentication in project java by kubernetes-client.
the class ClientBuilder method fromCertificateSigningRequest.
/**
* Returns a new ApiClient instance reading from CertificateSigningRequest.
*
* <p>It will create a CertificateSigningRequest object to the cluster if it doesn't exist, and
* waits until the request is approved.
*
* @param bootstrapApiClient the bootstrap api client
* @param privateKey the private key
* @param csr the csr
* @return the api client
* @throws IOException the io exception
* @throws CSRNotApprovedException the csr not approved exception
* @throws ApiException the api exception
*/
public static ApiClient fromCertificateSigningRequest(ApiClient bootstrapApiClient, PrivateKey privateKey, V1CertificateSigningRequest csr) throws IOException, CSRNotApprovedException, ApiException {
byte[] certificateData = CSRUtils.createAndWaitUntilCertificateSigned(bootstrapApiClient, csr);
InputStream is = bootstrapApiClient.getSslCaCert();
is.reset();
ClientBuilder newBuilder = new ClientBuilder();
newBuilder.setAuthentication(new ClientCertificateAuthentication(certificateData, SSLUtils.dumpKey(privateKey)));
newBuilder.setBasePath(bootstrapApiClient.getBasePath());
newBuilder.setVerifyingSsl(bootstrapApiClient.isVerifyingSsl());
newBuilder.setCertificateAuthority(IOUtils.toByteArray(is));
return newBuilder.build();
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
ClientCertificateAuthentication(io.kubernetes.client.util.credentials.ClientCertificateAuthentication)
Aggregations
ClientCertificateAuthentication (io.kubernetes.client.util.credentials.ClientCertificateAuthentication)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
ApiClient (io.kubernetes.client.openapi.ApiClient)1
KubeconfigAuthentication (io.kubernetes.client.util.credentials.KubeconfigAuthentication)1
FileInputStream (java.io.FileInputStream)1
InputStream (java.io.InputStream)1
