github.com/telepresenceio/telepresence/v2@v2.20.0-pro.6.0.20240517030216-236ea954e789/pkg/authenticator/grpc/authenticator.go

github.com/telepresenceio/telepresence/v2@v2.20.0-pro.6.0.20240517030216-236ea954e789/pkg/authenticator/grpc/authenticator.go (about)

     1  package grpc
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	"google.golang.org/grpc"
     8  	"k8s.io/client-go/tools/clientcmd"
     9  
    10  	"github.com/datawire/dlib/dlog"
    11  	rpc "github.com/telepresenceio/telepresence/rpc/v2/authenticator"
    12  	"github.com/telepresenceio/telepresence/v2/pkg/authenticator"
    13  )
    14  
    15  func RegisterAuthenticatorServer(srv *grpc.Server, kubeClientConfig clientcmd.ClientConfig) {
    16  	rpc.RegisterAuthenticatorServer(srv, &AuthenticatorServer{
    17  		authenticator: authenticator.NewService(kubeClientConfig),
    18  	})
    19  }
    20  
    21  type Authenticator interface {
    22  	GetExecCredentials(ctx context.Context, contextName string) ([]byte, error)
    23  }
    24  
    25  type AuthenticatorServer struct {
    26  	rpc.UnsafeAuthenticatorServer
    27  
    28  	authenticator Authenticator
    29  }
    30  
    31  // GetContextExecCredentials returns credentials for a particular Kubernetes context on the host machine.
    32  func (h *AuthenticatorServer) GetContextExecCredentials(ctx context.Context, request *rpc.GetContextExecCredentialsRequest) (*rpc.GetContextExecCredentialsResponse, error) {
    33  	dlog.Debugf(ctx, "GetContextExecCredentials(%s)", request.ContextName)
    34  	rawExecCredentials, err := h.authenticator.GetExecCredentials(ctx, request.ContextName)
    35  	if err != nil {
    36  		return nil, fmt.Errorf("failed to resolve exec credentils: %w", err)
    37  	}
    38  
    39  	return &rpc.GetContextExecCredentialsResponse{
    40  		RawCredentials: rawExecCredentials,
    41  	}, nil
    42  }