in auth/auth.go [207:218]
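// extractSAToken returns the projected service account token whose audience
// is the workload identity pool (idPool) or the configured audience.
//
// cfg.PodInfo.ServiceAccountTokens is expected to hold the JSON-encoded map
// of audience -> TokenRequestStatus that the kubelet projected into the pod.
// Only a token bound to one of the two expected audiences is ever handed
// out; tokens minted for any other audience cannot be used for this
// exchange and are deliberately ignored, so a caller never receives a token
// scoped to something it did not ask for.
//
// The lookup is by direct map access rather than by ranging over the map:
// ranging picks an arbitrary entry when both idPool and audience are present,
// which made the returned token non-deterministic. idPool takes precedence,
// then audience.
//
// Returns an error when the token map cannot be decoded or when neither
// audience has a token.
func (c *Client) extractSAToken(cfg *config.MountConfig, idPool, audience string) (*authenticationv1.TokenRequestStatus, error) {
	audienceTokens := map[string]authenticationv1.TokenRequestStatus{}
	if err := json.Unmarshal([]byte(cfg.PodInfo.ServiceAccountTokens), &audienceTokens); err != nil {
		return nil, fmt.Errorf("decoding service account tokens: %w", err)
	}
	// Fixed precedence: the identity pool first, then the explicit audience.
	// tok is a fresh copy per iteration, so the returned pointer does not
	// alias the map entry.
	for _, aud := range []string{idPool, audience} {
		if tok, ok := audienceTokens[aud]; ok {
			return &tok, nil
		}
	}
	// Name the audiences that were looked for so a mismatch between the
	// projected token audiences and the configured identity is diagnosable.
	return nil, fmt.Errorf("no token has audience value of %q or %q", idPool, audience)
}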