Skip to content

Commit 69b7083

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #4247 from mlbiam/main
for #4246 context with TLS parameters not passed to refresh process
2 parents 99dffe6 + c002285 commit 69b7083

File tree

2 files changed

+6
-7
lines changed

2 files changed

+6
-7
lines changed

backend/pkg/auth/auth.go

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -171,10 +171,8 @@ func CacheRefreshedToken(token *oauth2.Token, tokenType string, oldToken string,
171171
// token from the cache to obtain a new OAuth2 token
172172
// from the specified token URL endpoint.
173173
func GetNewToken(clientID, clientSecret string, cache cache.Cache[interface{}],
174-
tokenType string, token string, tokenURL string,
174+
tokenType string, token string, tokenURL string, ctx context.Context,
175175
) (*oauth2.Token, error) {
176-
ctx := context.Background()
177-
178176
// get refresh token
179177
refreshToken, err := cache.Get(ctx, oidcKeyPrefix+token)
180178
if err != nil {
@@ -267,6 +265,7 @@ func RefreshAndCacheNewToken(ctx context.Context, oidcAuthConfig *kubeconfig.Oid
267265
tokenType,
268266
token,
269267
provider.Endpoint().TokenURL,
268+
ctx,
270269
)
271270
if err != nil {
272271
return nil, fmt.Errorf("refreshing token: %w", err)

backend/pkg/auth/auth_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -618,7 +618,7 @@ func TestGetNewToken_Success(t *testing.T) {
618618
// Seed cache with old token -> old refresh mapping
619619
fc := &fakeCache{store: map[string]interface{}{"oidc-token-OLD": "REFRESH_OLD"}}
620620

621-
newTok, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL)
621+
newTok, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL, context.Background())
622622
if err != nil {
623623
t.Fatalf("GetNewToken unexpected error: %v", err)
624624
}
@@ -677,7 +677,7 @@ func TestGetNewToken_PreHTTPFailures(t *testing.T) {
677677
} {
678678
t.Run(tc.name, func(t *testing.T) {
679679
// Fails before HTTP; no server needed.
680-
_, err := auth.GetNewToken("cid", "secret", tc.cache, "id_token", "OLD", "http://127.0.0.1")
680+
_, err := auth.GetNewToken("cid", "secret", tc.cache, "id_token", "OLD", "http://127.0.0.1", context.Background())
681681
if err == nil || !strings.Contains(err.Error(), tc.expect) {
682682
t.Fatalf("want error containing %q, got %v", tc.expect, err)
683683
}
@@ -700,7 +700,7 @@ func TestGetNewToken_EndpointFailures(t *testing.T) {
700700
srv := newTokenServerJSON(t, tc.status, tc.body)
701701
fc := &fakeCache{store: map[string]interface{}{"oidc-token-OLD": "REFRESH_OLD"}}
702702

703-
if _, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL); err == nil {
703+
if _, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL, context.Background()); err == nil {
704704
t.Fatal("expected error, got nil")
705705
}
706706
})
@@ -724,7 +724,7 @@ func TestGetNewToken_CacheUpdateErrors(t *testing.T) {
724724
errOnSetWithTTL: tc.setTTLErr,
725725
}
726726

727-
if _, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL); err == nil {
727+
if _, err := auth.GetNewToken("cid", "secret", fc, "id_token", "OLD", srv.URL, context.Background()); err == nil {
728728
t.Fatal("expected error containing 'caching refreshed token', got nil")
729729
}
730730
})

0 commit comments

Comments
 (0)