Skip to content

Commit

Permalink
Merge pull request #2319 from hardys/proxy_oidc
Browse files Browse the repository at this point in the history 
🌱 proxy: optionally enable OIDC auth
  • Loading branch information
@openshift-merge-robot
openshift-merge-robot authored Nov 10, 2022
2 parents 5ea4b92 + 044f9fc commit e8669e7
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion pkg/proxy/options/authentication.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ func NewAuthentication() *Authentication {
auth := &Authentication{
BuiltInOptions: kubeoptions.NewBuiltInAuthenticationOptions().
WithClientCert().
WithOIDC().
WithServiceAccounts().
WithTokenFile(),
// when adding new auth methods, also update AdditionalAuthEnabled below
Expand All @@ -62,7 +63,11 @@ func NewAuthentication() *Authentication {

// When configured to enable auth other than ClientCert, this returns true
func (c *Authentication) AdditionalAuthEnabled() bool {
return c.tokenAuthEnabled() || c.serviceAccountAuthEnabled()
return c.tokenAuthEnabled() || c.serviceAccountAuthEnabled() || c.oidcAuthEnabled()
}

func (c *Authentication) oidcAuthEnabled() bool {
return c.BuiltInOptions.OIDC != nil && c.BuiltInOptions.OIDC.IssuerURL != ""
}

func (c *Authentication) tokenAuthEnabled() bool {
Expand Down

0 comments on commit e8669e7

Please sign in to comment.