fix invocation of kubernetesAuthProvidersApi

Pass token provider when authenticating via openID tokens.

Signed-off-by: Jamie Klassen <jklassen@vmware.com>

.changeset/six-melons-end.md

@@ -0,0 +1,5 @@
+---
+'@backstage/plugin-kubernetes-react': patch
+---
+
+Fixed a bug where the logs dialog and any other functionality depending on the proxy endpoint would fail for clusters configured with the OIDC auth provider.

plugins/kubernetes-react/src/api/KubernetesBackendClient.test.ts

@@ -448,6 +448,9 @@ describe('KubernetesBackendClient', () => {
       const response = await backendClient.proxy(request);
 
       await expect(response.json()).resolves.toStrictEqual(nsResponse);
+      expect(kubernetesAuthProvidersApi.getCredentials).toHaveBeenCalledWith(
+        'oidc.okta',
+      );
     });
 
     it('hits the /proxy API with serviceAccount as auth provider', async () => {
@@ -495,6 +498,42 @@ describe('KubernetesBackendClient', () => {
       const response = await backendClient.proxy(request);
 
       await expect(response.json()).resolves.toStrictEqual(nsResponse);
+      expect(kubernetesAuthProvidersApi.getCredentials).toHaveBeenCalledWith(
+        'serviceAccount',
+      );
+    });
+
+    it('ignores oidcTokenProvider for non-oidc auth provider', async () => {
+      worker.use(
+        rest.get(
+          'http://localhost:1234/api/kubernetes/clusters',
+          (_, res, ctx) =>
+            res(
+              ctx.json({
+                items: [
+                  {
+                    name: 'cluster-a',
+                    authProvider: 'not oidc',
+                    oidcTokenProvider: 'should be ignored',
+                  },
+                ],
+              }),
+            ),
+        ),
+        rest.get(
+          'http://localhost:1234/api/kubernetes/proxy/api/v1/namespaces',
+          (_, res, ctx) => res(ctx.json([])),
+        ),
+      );
+
+      await backendClient.proxy({
+        clusterName: 'cluster-a',
+        path: '/api/v1/namespaces',
+      });
+
+      expect(kubernetesAuthProvidersApi.getCredentials).toHaveBeenCalledWith(
+        'not oidc',
+      );
     });
 
     it('hits /proxy api when signed in as a guest', async () => {

plugins/kubernetes-react/src/api/KubernetesBackendClient.ts

@@ -92,8 +92,13 @@ export class KubernetesBackendClient implements KubernetesApi {
 
   private async getCredentials(
     authProvider: string,
+    oidcTokenProvider?: string,
   ): Promise<{ token?: string }> {
-    return await this.kubernetesAuthProvidersApi.getCredentials(authProvider);
+    return await this.kubernetesAuthProvidersApi.getCredentials(
+      authProvider === 'oidc'
+        ? `${authProvider}.${oidcTokenProvider}`
+        : authProvider,
+    );
   }
 
   async getObjectsByEntity(
@@ -145,7 +150,10 @@ export class KubernetesBackendClient implements KubernetesApi {
     const { authProvider, oidcTokenProvider } = await this.getCluster(
       options.clusterName,
     );
-    const kubernetesCredentials = await this.getCredentials(authProvider);
+    const kubernetesCredentials = await this.getCredentials(
+      authProvider,
+      oidcTokenProvider,
+    );
     const url = `${await this.discoveryApi.getBaseUrl('kubernetes')}/proxy${
       options.path
     }`;