This module is designed to interact with a Dex server running on Kubernetes using both gRPC and HTTP calls to handle user authorization and authentication programmatically.
This module comes with precompiled protocol buffer bindings for targeted Dex gRPC API versions. As of the creation of this repository, the latest version is 2.14.0
. See the protocol file for available API methods.
The following shows same basic use cases for this module:
import json
from io import BytesIO
from dex_k8s_client.k8s.cluster import Dex_K8S_Cluster
from dex_k8s_client.k8s.connector import Dex_K8S_Connector
from dex_k8s_client.client import Dex_K8S_Client
# Cluster CA certificate
cluster_ca_cert = None
with open('/my/cluster/ca.crt', 'rb') as f:
cluster_ca_cert = BytesIO(f.read())
# Dex certificates
dex_client_cert = None
dex_client_key = None
dex_ca_cert = None
with open('/my/dex/client.crt', 'rb') as f:
dex_client_cert = f.read()
with open('/my/dex/client.key', 'rb') as f:
dex_client_key = f.read()
with open('/my/dex/ca.crt', 'rb') as f:
dex_ca_cert = f.read()
# Define your cluster
cluster = Dex_K8S_Cluster('my-cluster-name',
ca_cert = cluster_ca_cert,
api_url = 'https://mycluster:8443/api/url',
issuer_url = 'https://mycluster-dex-issuer:5556')
# Define your Dex connection (optional)
dex_connector = Dex_K8S_Connector(
host = 'mycluster',
grpc_port = '5557',
https_port = '5556',
client_cert = dex_client_cert,
client_key = dex_client_key,
ca_cert = dex_ca_cert,
issuer_url = 'https://mycluster-dex-issuer:5556',
version = '2.14.0'
)
# Create the client
dex = Dex_K8S_Client(cluster, oauth2=dex_oauth2, grpc=dex_grpc)
# Get a token for a user
token = dex.get_token('client-id', 'client-secret', '[email protected]', 'password')
# Get the token JSON
print(json.dumps(token.json()))
# Decode the token to inspect the payload
print(json.dumps(token.decode()))
# Get a kubeconfig for a user
kubeconfig = dex.get_kubeconfig('client-id', 'client-secret', '[email protected]', 'password')
To install the module with the precompiled protocol buffer bindings:
python3 setup.py install
Tests are broken down into unit tests and integration tests (managed with a Dex and OpenLDAP running on Docker).
To run unit tests:
$ make test_unit
To run integration tests first make sure you build the required Docker environment:
$ make build
$ make run
Now that your Docker environment is ready, you can run integration tests:
$ make test_integration
If you want to run both unit and integration tests back to back, make sure you first follow the steps to get your Docker environment set up:
$ make test