diff --git a/kr8s/_api.py b/kr8s/_api.py index 9f7c5cbd..2fe6d8bb 100644 --- a/kr8s/_api.py +++ b/kr8s/_api.py @@ -75,13 +75,9 @@ async def _create_session(self) -> None: with contextlib.suppress(RuntimeError): await self._session.aclose() self._session = None - userauth = None - if self.auth.username and self.auth.password: - userauth = httpx.BasicAuth(self.auth.username, self.auth.password) self._session = httpx.AsyncClient( base_url=self.auth.server, headers=headers, - auth=userauth, verify=await self.auth.ssl_context(), ) @@ -186,9 +182,6 @@ async def open_websocket( headers = {"User-Agent": self.__version__, "content-type": "application/json"} if self.auth.token: headers["Authorization"] = f"Bearer {self.auth.token}" - userauth = None - if self.auth.username and self.auth.password: - userauth = aiohttp.BasicAuth(self.auth.username, self.auth.password) url = self._construct_url(version, base, namespace, url) kwargs.update(url=url, ssl=await self.auth.ssl_context()) auth_attempts = 0 @@ -197,7 +190,6 @@ async def open_websocket( async with aiohttp.ClientSession( base_url=self.auth.server, headers=headers, - auth=userauth, ) as session: async with session.ws_connect(**kwargs) as response: yield response @@ -254,8 +246,6 @@ async def _whoami(self): ) as r: data = r.json() return data["status"]["user"]["username"] - elif self.auth.username: - return f"kubecfg:basicauth:{self.auth.username}" elif self.auth.client_cert_file: with open(self.auth.client_cert_file, "rb") as f: cert = x509.load_pem_x509_certificate(f.read()) diff --git a/kr8s/_auth.py b/kr8s/_auth.py index af781426..6f47ae29 100644 --- a/kr8s/_auth.py +++ b/kr8s/_auth.py @@ -27,8 +27,6 @@ def __init__( self.client_key_file = None self.server_ca_file = None self.token = None - self.username = None - self.password = None self.namespace = namespace self.active_context = None self._insecure_skip_tls_verify = False @@ -182,10 +180,11 @@ async def _load_kubeconfig(self) -> None: ) if "token" in self._user: self.token = self._user["token"] - if "username" in self._user: - self.username = self._user["username"] - if "password" in self._user: - self.password = self._user["password"] + if "username" in self._user or "password" in self._user: + raise ValueError( + "username/password authentication was removed in Kubernetes 1.19, " + "kr8s doesn't not support this Kubernetes version" + ) if self.namespace is None: self.namespace = self._context.get("namespace", "default") if "auth-provider" in self._user: