Created
April 27, 2016 09:54
-
-
Save cmoulliard/f277724b4371862d018dff84035c0cba to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mvn clean compile exec:java | |
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option PermSize=256m; support was removed in 8.0 | |
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=512m; support was removed in 8.0 | |
[INFO] Scanning for projects... | |
[INFO] | |
[INFO] ------------------------------------------------------------------------ | |
[INFO] Building openshift-client 1.0-SNAPSHOT | |
[INFO] ------------------------------------------------------------------------ | |
[INFO] | |
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ openshift-client --- | |
[INFO] Deleting /Users/chmoulli/Temp/test-kubernetes-client/target | |
[INFO] | |
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ openshift-client --- | |
[WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent! | |
[INFO] Copying 1 resource | |
[INFO] | |
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ openshift-client --- | |
[INFO] Changes detected - recompiling the module! | |
[WARNING] File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent! | |
[INFO] Compiling 1 source file to /Users/chmoulli/Temp/test-kubernetes-client/target/classes | |
[INFO] | |
[INFO] --- exec-maven-plugin:1.4.0:java (default-cli) @ openshift-client --- | |
--> GET https://172.28.128.4:8443/oapi/v1/users/~ HTTP/1.1 | |
Accept: application/json | |
Host: 172.28.128.4:8443 | |
Connection: Keep-Alive | |
Accept-Encoding: gzip | |
User-Agent: okhttp/2.7.2 | |
--> END GET | |
<-- HTTP/1.1 403 Forbidden (10ms) | |
Cache-Control: no-store | |
Content-Type: application/json | |
Date: Wed, 27 Apr 2016 09:52:32 GMT | |
Content-Length: 263 | |
OkHttp-Sent-Millis: 1461750752648 | |
OkHttp-Received-Millis: 1461750752657 | |
{ | |
"kind": "Status", | |
"apiVersion": "v1", | |
"metadata": {}, | |
"status": "Failure", | |
"message": "User \"system:anonymous\" cannot get users at the cluster scope", | |
"reason": "Forbidden", | |
"details": { | |
"name": "~", | |
"kind": "users" | |
}, | |
"code": 403 | |
} | |
<-- END HTTP (263-byte body) | |
--> GET https://172.28.128.4:8443/oauth/authorize?response_type=token&client_id=openshift-challenging-client HTTP/1.1 | |
Authorization: Basic YWRtaW46YWRtaW4= | |
Accept: application/json | |
Host: 172.28.128.4:8443 | |
Connection: Keep-Alive | |
Accept-Encoding: gzip | |
User-Agent: okhttp/2.7.2 | |
--> END GET | |
<-- HTTP/1.1 302 Found (22ms) | |
Cache-Control: no-cache, no-store, max-age=0, must-revalidate | |
Expires: Fri, 01 Jan 1990 00:00:00 GMT | |
Location: https://172.28.128.4:8443/oauth/token/implicit#access_token=qn08Tfjn4NgL_TSsqSBiOEoP6-6wr-pnmPzE6J_mzQU&expires_in=86400&token_type=Bearer | |
Pragma: no-cache | |
Set-Cookie: ssn=MTQ2MTc1MDc1MnxhSEU4RjdxQ1NRelM1aFphc0ExZGVoXzdvQXBiQk9WcFRmZHRLUHJSZVBlaFl0bk9LV081VF9nMmpuMzh4b1JFdXhkSXprTlVmM2J4TjRCNGpRa3hFQUpFb04ydlVNZFJ1V2tFeVBmb1BiRS13cHRqQkNrampJdzgxUS16WHVNa2RnPT18OHVYMlRQEcWD-0KRKISSoAfOwAxrs03gffV6S-zLtB4=; Path=/; Expires=Wed, 27 Apr 2016 09:57:32 GMT; Max-Age=300; HttpOnly; Secure | |
Date: Wed, 27 Apr 2016 09:52:32 GMT | |
Content-Length: 0 | |
Content-Type: text/plain; charset=utf-8 | |
OkHttp-Sent-Millis: 1461750752662 | |
OkHttp-Received-Millis: 1461750752684 | |
<-- END HTTP (0-byte body) | |
--> GET https://172.28.128.4:8443/oauth/token/implicit#access_token=qn08Tfjn4NgL_TSsqSBiOEoP6-6wr-pnmPzE6J_mzQU&expires_in=86400&token_type=Bearer HTTP/1.1 | |
Authorization: Basic YWRtaW46YWRtaW4= | |
Accept: application/json | |
Host: 172.28.128.4:8443 | |
Connection: Keep-Alive | |
Accept-Encoding: gzip | |
User-Agent: okhttp/2.7.2 | |
--> END GET | |
<-- HTTP/1.1 200 OK (2ms) | |
Content-Type: text/plain | |
Date: Wed, 27 Apr 2016 09:52:32 GMT | |
Content-Length: 756 | |
OkHttp-Sent-Millis: 1461750752685 | |
OkHttp-Received-Millis: 1461750752687 | |
You have reached this page by following a redirect Location header from an OAuth authorize request. | |
If a response_type=token parameter was passed to the /authorize endpoint, that requested an | |
"Implicit Grant" OAuth flow (see https://tools.ietf.org/html/rfc6749#section-4.2). | |
That flow requires the access token to be returned in the fragment portion of a redirect header. | |
Rather than following the redirect here, you can obtain the access token from the Location header | |
(see https://tools.ietf.org/html/rfc6749#section-4.2.2): | |
1. Parse the URL in the Location header and extract the fragment portion | |
2. Parse the fragment using the "application/x-www-form-urlencoded" format | |
3. The access_token parameter contains the granted OAuth access token | |
<-- END HTTP (756-byte body) | |
--> GET https://172.28.128.4:8443/oapi/v1/users/~ HTTP/1.1 | |
Accept: application/json | |
Authorization: Bearer qn08Tfjn4NgL_TSsqSBiOEoP6-6wr-pnmPzE6J_mzQU | |
Host: 172.28.128.4:8443 | |
Connection: Keep-Alive | |
Accept-Encoding: gzip | |
User-Agent: okhttp/2.7.2 | |
--> END GET | |
<-- HTTP/1.1 200 OK (4ms) | |
Cache-Control: no-store | |
Content-Type: application/json | |
Date: Wed, 27 Apr 2016 09:52:32 GMT | |
Content-Length: 258 | |
OkHttp-Sent-Millis: 1461750752688 | |
OkHttp-Received-Millis: 1461750752692 | |
{"kind":"User","apiVersion":"v1","metadata":{"name":"admin","selfLink":"/oapi/v1/users/admin","uid":"2bef9c82-0b01-11e6-9d72-080027b5c2f4","resourceVersion":"1819","creationTimestamp":"2016-04-25T16:17:14Z"},"identities":["anypassword:admin"],"groups":null} | |
<-- END HTTP (258-byte body) | |
11:52:32.723 [org.fuse.demo.kubernetes.ApimanClient.main()] INFO org.fuse.demo.kubernetes.ApimanClient - User : User(apiVersion=v1, fullName=null, groups=null, identities=[anypassword:admin], kind=User, metadata=ObjectMeta(annotations=null, creationTimestamp=2016-04-25T16:17:14Z, deletionGracePeriodSeconds=null, deletionTimestamp=null, generateName=null, generation=null, labels=null, name=admin, namespace=null, resourceVersion=1819, selfLink=/oapi/v1/users/admin, uid=2bef9c82-0b01-11e6-9d72-080027b5c2f4, additionalProperties={}), additionalProperties={}) | |
--> POST https://172.28.128.4:8443/oapi/v1/namespaces/default/subjectaccessreviews HTTP/1.1 | |
Content-Type: application/json; charset=utf-8 | |
Content-Length: 86 | |
Accept: application/json | |
Authorization: Bearer qn08Tfjn4NgL_TSsqSBiOEoP6-6wr-pnmPzE6J_mzQU | |
Host: 172.28.128.4:8443 | |
Connection: Keep-Alive | |
Accept-Encoding: gzip | |
User-Agent: okhttp/2.7.2 | |
{"apiVersion":"v1","groups":[],"kind":"SubjectAccessReview","resource":"*","verb":"*"} | |
--> END POST (86-byte body) | |
<-- HTTP/1.1 201 Created (5ms) | |
Cache-Control: no-store | |
Content-Type: application/json | |
Date: Wed, 27 Apr 2016 09:52:32 GMT | |
Content-Length: 129 | |
OkHttp-Sent-Millis: 1461750752757 | |
OkHttp-Received-Millis: 1461750752762 | |
{"kind":"SubjectAccessReviewResponse","apiVersion":"v1","namespace":"default","allowed":true,"reason":"allowed by cluster rule"} | |
<-- END HTTP (129-byte body) | |
11:52:32.765 [org.fuse.demo.kubernetes.ApimanClient.main()] INFO org.fuse.demo.kubernetes.ApimanClient - isAdminResponse: SubjectAccessReviewResponse(allowed=true, apiVersion=v1, kind=SubjectAccessReviewResponse, namespace=default, reason=allowed by cluster rule, additionalProperties={}) | |
11:52:32.765 [org.fuse.demo.kubernetes.ApimanClient.main()] INFO org.fuse.demo.kubernetes.ApimanClient - Allowed : true | |
11:52:32.765 [org.fuse.demo.kubernetes.ApimanClient.main()] INFO org.fuse.demo.kubernetes.ApimanClient - User name : admin |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment