MCPcopy
hub / github.com/kubernetes/client-go / validateAuthInfo

Function validateAuthInfo

tools/clientcmd/validation.go:198–269  ·  view source on GitHub ↗

validateAuthInfo looks for conflicts and errors in the auth info

(authInfoName string, authInfo clientcmdapi.AuthInfo)

Source from the content-addressed store, hash-verified

196
197// validateAuthInfo looks for conflicts and errors in the auth info
198func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []error {
199 validationErrors := make([]error, 0)
200
201 usingAuthPath := false
202 methods := make([]string, 0, 3)
203 if len(authInfo.Token) != 0 {
204 methods = append(methods, "token")
205 }
206 if len(authInfo.Username) != 0 || len(authInfo.Password) != 0 {
207 methods = append(methods, "basicAuth")
208 }
209
210 if len(authInfo.ClientCertificate) != 0 || len(authInfo.ClientCertificateData) != 0 {
211 // Make sure cert data and file aren't both specified
212 if len(authInfo.ClientCertificate) != 0 && len(authInfo.ClientCertificateData) != 0 {
213 validationErrors = append(validationErrors, fmt.Errorf("client-cert-data and client-cert are both specified for %v. client-cert-data will override.", authInfoName))
214 }
215 // Make sure key data and file aren't both specified
216 if len(authInfo.ClientKey) != 0 && len(authInfo.ClientKeyData) != 0 {
217 validationErrors = append(validationErrors, fmt.Errorf("client-key-data and client-key are both specified for %v; client-key-data will override", authInfoName))
218 }
219 // Make sure a key is specified
220 if len(authInfo.ClientKey) == 0 && len(authInfo.ClientKeyData) == 0 {
221 validationErrors = append(validationErrors, fmt.Errorf("client-key-data or client-key must be specified for %v to use the clientCert authentication method.", authInfoName))
222 }
223
224 if len(authInfo.ClientCertificate) != 0 {
225 clientCertFile, err := os.Open(authInfo.ClientCertificate)
226 defer clientCertFile.Close()
227 if err != nil {
228 validationErrors = append(validationErrors, fmt.Errorf("unable to read client-cert %v for %v due to %v", authInfo.ClientCertificate, authInfoName, err))
229 }
230 }
231 if len(authInfo.ClientKey) != 0 {
232 clientKeyFile, err := os.Open(authInfo.ClientKey)
233 defer clientKeyFile.Close()
234 if err != nil {
235 validationErrors = append(validationErrors, fmt.Errorf("unable to read client-key %v for %v due to %v", authInfo.ClientKey, authInfoName, err))
236 }
237 }
238 }
239
240 if authInfo.Exec != nil {
241 if authInfo.AuthProvider != nil {
242 validationErrors = append(validationErrors, fmt.Errorf("authProvider cannot be provided in combination with an exec plugin for %s", authInfoName))
243 }
244 if len(authInfo.Exec.Command) == 0 {
245 validationErrors = append(validationErrors, fmt.Errorf("command must be specified for %v to use exec authentication plugin", authInfoName))
246 }
247 if len(authInfo.Exec.APIVersion) == 0 {
248 validationErrors = append(validationErrors, fmt.Errorf("apiVersion must be specified for %v to use exec authentication plugin", authInfoName))
249 }
250 for _, v := range authInfo.Exec.Env {
251 if len(v.Name) == 0 {
252 validationErrors = append(validationErrors, fmt.Errorf("env variable name must be specified for %v to use exec authentication plugin", authInfoName))
253 } else if len(v.Value) == 0 {
254 validationErrors = append(validationErrors, fmt.Errorf("env variable %s value must be specified for %v to use exec authentication plugin", v.Name, authInfoName))
255 }

Callers 4

testAuthInfoMethod · 0.85
ValidateFunction · 0.85
ConfirmUsableFunction · 0.85
ConfirmUsableMethod · 0.85

Calls 2

ErrorfMethod · 0.65
CloseMethod · 0.65

Tested by 1

testAuthInfoMethod · 0.68