Refactor

int128 · Aug 26, 2018 · 62b9a21 · 62b9a21
1 parent 974fc5c
commit 62b9a21
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 50 deletions.
diff --git a/cli/cli.go b/cli/cli.go
@@ -2,11 +2,7 @@ package cli
 
 import (
 	"context"
-	"crypto/tls"
-	"crypto/x509"
-	"encoding/base64"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"net/http"
 
@@ -54,7 +50,7 @@ func (c *CLI) Run(ctx context.Context) error {
 		return err
 	}
 	log.Printf("Reading %s", path)
-	cfg, err := kubeconfig.Load(path)
+	cfg, err := kubeconfig.Read(path)
 	if err != nil {
 		return fmt.Errorf("Could not load kubeconfig: %s", err)
 	}
@@ -63,7 +59,7 @@ func (c *CLI) Run(ctx context.Context) error {
 	if authInfo == nil {
 		return fmt.Errorf("Could not find current context: %s", cfg.CurrentContext)
 	}
-	authProvider, err := kubeconfig.ToOIDCAuthProviderConfig(authInfo)
+	authProvider, err := kubeconfig.FindOIDCAuthProvider(authInfo)
 	if err != nil {
 		return fmt.Errorf("Could not find auth-provider: %s", err)
 	}
@@ -84,32 +80,3 @@ func (c *CLI) Run(ctx context.Context) error {
 	log.Printf("Updated %s", path)
 	return nil
 }
-
-func (c *CLI) tlsConfig(authProvider *kubeconfig.OIDCAuthProviderConfig) (*tls.Config, error) {
-	p := x509.NewCertPool()
-	if authProvider.IDPCertificateAuthority() != "" {
-		b, err := ioutil.ReadFile(authProvider.IDPCertificateAuthority())
-		if err != nil {
-			return nil, fmt.Errorf("Could not read idp-certificate-authority: %s", err)
-		}
-		if p.AppendCertsFromPEM(b) != true {
-			return nil, fmt.Errorf("Could not load CA certificate from idp-certificate-authority: %s", err)
-		}
-		log.Printf("Using CA certificate: %s", authProvider.IDPCertificateAuthority())
-	}
-	if authProvider.IDPCertificateAuthorityData() != "" {
-		b, err := base64.StdEncoding.DecodeString(authProvider.IDPCertificateAuthorityData())
-		if err != nil {
-			return nil, fmt.Errorf("Could not decode idp-certificate-authority-data: %s", err)
-		}
-		if p.AppendCertsFromPEM(b) != true {
-			return nil, fmt.Errorf("Could not load CA certificate from idp-certificate-authority-data: %s", err)
-		}
-		log.Printf("Using CA certificate of idp-certificate-authority-data")
-	}
-	cfg := &tls.Config{InsecureSkipVerify: c.SkipTLSVerify}
-	if len(p.Subjects()) > 0 {
-		cfg.RootCAs = p
-	}
-	return cfg, nil
-}
diff --git a/cli/tls.go b/cli/tls.go
@@ -0,0 +1,42 @@
+package cli
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	"encoding/base64"
+	"fmt"
+	"io/ioutil"
+	"log"
+
+	"github.com/int128/kubelogin/kubeconfig"
+)
+
+func (c *CLI) tlsConfig(authProvider *kubeconfig.OIDCAuthProvider) (*tls.Config, error) {
+	p := x509.NewCertPool()
+	if authProvider.IDPCertificateAuthority() != "" {
+		b, err := ioutil.ReadFile(authProvider.IDPCertificateAuthority())
+		if err != nil {
+			return nil, fmt.Errorf("Could not read idp-certificate-authority: %s", err)
+		}
+		if p.AppendCertsFromPEM(b) != true {
+			return nil, fmt.Errorf("Could not load CA certificate from idp-certificate-authority: %s", err)
+		}
+		log.Printf("Using CA certificate: %s", authProvider.IDPCertificateAuthority())
+	}
+	if authProvider.IDPCertificateAuthorityData() != "" {
+		b, err := base64.StdEncoding.DecodeString(authProvider.IDPCertificateAuthorityData())
+		if err != nil {
+			return nil, fmt.Errorf("Could not decode idp-certificate-authority-data: %s", err)
+		}
+		if p.AppendCertsFromPEM(b) != true {
+			return nil, fmt.Errorf("Could not load CA certificate from idp-certificate-authority-data: %s", err)
+		}
+		log.Printf("Using CA certificate of idp-certificate-authority-data")
+	}
+
+	cfg := &tls.Config{InsecureSkipVerify: c.SkipTLSVerify}
+	if len(p.Subjects()) > 0 {
+		cfg.RootCAs = p
+	}
+	return cfg, nil
+}
diff --git a/kubeconfig/auth.go b/kubeconfig/auth.go
@@ -16,51 +16,51 @@ func FindCurrentAuthInfo(config *api.Config) *api.AuthInfo {
 	return config.AuthInfos[context.AuthInfo]
 }
 
-// ToOIDCAuthProviderConfig converts from api.AuthInfo to OIDCAuthProviderConfig.
-func ToOIDCAuthProviderConfig(authInfo *api.AuthInfo) (*OIDCAuthProviderConfig, error) {
+// FindOIDCAuthProvider returns the OIDC authProvider.
+func FindOIDCAuthProvider(authInfo *api.AuthInfo) (*OIDCAuthProvider, error) {
 	if authInfo.AuthProvider == nil {
-		return nil, fmt.Errorf("auth-provider is not set, did you setup kubectl as listed here: https://github.com/int128/kubelogin#3-setup-kubectl")
+		return nil, fmt.Errorf("auth-provider is not set, did you setup kubectl as listed here: https://github.com/int128/kubelogin")
 	}
 	if authInfo.AuthProvider.Name != "oidc" {
 		return nil, fmt.Errorf("auth-provider `%s` is not supported", authInfo.AuthProvider.Name)
 	}
-	return (*OIDCAuthProviderConfig)(authInfo.AuthProvider), nil
+	return (*OIDCAuthProvider)(authInfo.AuthProvider), nil
 }
 
-// OIDCAuthProviderConfig represents OIDC configuration in the kubeconfig.
-type OIDCAuthProviderConfig api.AuthProviderConfig
+// OIDCAuthProvider represents OIDC configuration in the kubeconfig.
+type OIDCAuthProvider api.AuthProviderConfig
 
 // IDPIssuerURL returns the idp-issuer-url.
-func (c *OIDCAuthProviderConfig) IDPIssuerURL() string {
+func (c *OIDCAuthProvider) IDPIssuerURL() string {
 	return c.Config["idp-issuer-url"]
 }
 
 // ClientID returns the client-id.
-func (c *OIDCAuthProviderConfig) ClientID() string {
+func (c *OIDCAuthProvider) ClientID() string {
 	return c.Config["client-id"]
 }
 
 // ClientSecret returns the client-secret.
-func (c *OIDCAuthProviderConfig) ClientSecret() string {
+func (c *OIDCAuthProvider) ClientSecret() string {
 	return c.Config["client-secret"]
 }
 
 // IDPCertificateAuthority returns the idp-certificate-authority.
-func (c *OIDCAuthProviderConfig) IDPCertificateAuthority() string {
+func (c *OIDCAuthProvider) IDPCertificateAuthority() string {
 	return c.Config["idp-certificate-authority"]
 }
 
 // IDPCertificateAuthorityData returns the idp-certificate-authority-data.
-func (c *OIDCAuthProviderConfig) IDPCertificateAuthorityData() string {
+func (c *OIDCAuthProvider) IDPCertificateAuthorityData() string {
 	return c.Config["idp-certificate-authority-data"]
 }
 
 // SetIDToken replaces the id-token.
-func (c *OIDCAuthProviderConfig) SetIDToken(idToken string) {
+func (c *OIDCAuthProvider) SetIDToken(idToken string) {
 	c.Config["id-token"] = idToken
 }
 
 // SetRefreshToken replaces the refresh-token.
-func (c *OIDCAuthProviderConfig) SetRefreshToken(refreshToken string) {
+func (c *OIDCAuthProvider) SetRefreshToken(refreshToken string) {
 	c.Config["refresh-token"] = refreshToken
 }
diff --git a/kubeconfig/kubeconfig.go b/kubeconfig/kubeconfig.go
@@ -7,8 +7,8 @@ import (
 	"k8s.io/client-go/tools/clientcmd/api"
 )
 
-// Load loads the file and returns the Config.
-func Load(path string) (*api.Config, error) {
+// Read parses the file and returns the Config.
+func Read(path string) (*api.Config, error) {
 	config, err := clientcmd.LoadFromFile(path)
 	if err != nil {
 		return nil, fmt.Errorf("Could not load kubeconfig from %s: %s", path, err)