mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Integrate Auth in runtime and make the config file relative to runtime root

creack 2013-03-22 02:19:39 -07:00
parent 5e561a9d52
commit c72ff318d3
6 changed files with 55 additions and 51 deletions

1
.gitignore vendored

@ -7,3 +7,4 @@ build_src
command-line-arguments.test command-line-arguments.test
.flymake* .flymake*
docker.test docker.test
auth/auth.test


@ -8,11 +8,12 @@ import (
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"os" "os"
"path"
"strings" "strings"
) )
// Where we store the config file // Where we store the config file
const CONFIGFILE = "/var/lib/docker/.dockercfg" const CONFIGFILE = ".dockercfg"
// the registry server we want to login against // the registry server we want to login against
//const REGISTRY_SERVER = "https://registry.docker.io" //const REGISTRY_SERVER = "https://registry.docker.io"
@ -22,10 +23,11 @@ type AuthConfig struct {
Username string `json:"username"` Username string `json:"username"`
Password string `json:"password"` Password string `json:"password"`
Email string `json:"email"` Email string `json:"email"`
rootPath string `json:-`
} }
// create a base64 encoded auth string to store in config // create a base64 encoded auth string to store in config
func EncodeAuth(authConfig AuthConfig) string { func EncodeAuth(authConfig *AuthConfig) string {
authStr := authConfig.Username + ":" + authConfig.Password authStr := authConfig.Username + ":" + authConfig.Password
msg := []byte(authStr) msg := []byte(authStr)
encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg))) encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
@ -34,50 +36,54 @@ func EncodeAuth(authConfig AuthConfig) string {
} }
// decode the auth string // decode the auth string
func DecodeAuth(authStr string) (AuthConfig, error) { func DecodeAuth(authStr string) (*AuthConfig, error) {
decLen := base64.StdEncoding.DecodedLen(len(authStr)) decLen := base64.StdEncoding.DecodedLen(len(authStr))
decoded := make([]byte, decLen) decoded := make([]byte, decLen)
authByte := []byte(authStr) authByte := []byte(authStr)
n, err := base64.StdEncoding.Decode(decoded, authByte) n, err := base64.StdEncoding.Decode(decoded, authByte)
if err != nil { if err != nil {
return AuthConfig{}, err return nil, err
} }
if n > decLen { if n > decLen {
return AuthConfig{}, errors.New("something went wrong decoding auth config") return nil, fmt.Errorf("Something went wrong decoding auth config")
} }
arr := strings.Split(string(decoded), ":") arr := strings.Split(string(decoded), ":")
if len(arr) != 2 {
return nil, fmt.Errorf("Invalid auth configuration file")
}
password := strings.Trim(arr[1], "\x00") password := strings.Trim(arr[1], "\x00")
return AuthConfig{Username: arr[0], Password: password}, nil return &AuthConfig{Username: arr[0], Password: password}, nil
} }
// load up the auth config information and return values // load up the auth config information and return values
func LoadConfig() (AuthConfig, error) { // FIXME: use the internal golang config parser
if _, err := os.Stat(CONFIGFILE); err == nil { func LoadConfig(rootPath string) (*AuthConfig, error) {
b, err := ioutil.ReadFile(CONFIGFILE) confFile := path.Join(rootPath, CONFIGFILE)
if err != nil { if _, err := os.Stat(confFile); err != nil {
return AuthConfig{}, err return &AuthConfig{}, fmt.Errorf("The Auth config file is missing")
}
arr := strings.Split(string(b), "\n")
orig_auth := strings.Split(arr[0], " = ")
orig_email := strings.Split(arr[1], " = ")
authConfig, err := DecodeAuth(orig_auth[1])
if err != nil {
return AuthConfig{}, err
}
authConfig.Email = orig_email[1]
return authConfig, nil
} else {
return AuthConfig{}, nil
} }
return AuthConfig{}, nil b, err := ioutil.ReadFile(confFile)
if err != nil {
return nil, err
}
arr := strings.Split(string(b), "\n")
orig_auth := strings.Split(arr[0], " = ")
orig_email := strings.Split(arr[1], " = ")
authConfig, err := DecodeAuth(orig_auth[1])
if err != nil {
return nil, err
}
authConfig.Email = orig_email[1]
authConfig.rootPath = rootPath
return authConfig, nil
} }
// save the auth config // save the auth config
func saveConfig(authStr string, email string) error { func saveConfig(rootPath, authStr string, email string) error {
lines := "auth = " + authStr + "\n" + "email = " + email + "\n" lines := "auth = " + authStr + "\n" + "email = " + email + "\n"
b := []byte(lines) b := []byte(lines)
err := ioutil.WriteFile(CONFIGFILE, b, 0600) err := ioutil.WriteFile(path.Join(rootPath, CONFIGFILE), b, 0600)
if err != nil { if err != nil {
return err return err
} }
@ -85,7 +91,7 @@ func saveConfig(authStr string, email string) error {
} }
// try to register/login to the registry server // try to register/login to the registry server
func Login(authConfig AuthConfig) (string, error) { func Login(authConfig *AuthConfig) (string, error) {
storeConfig := false storeConfig := false
reqStatusCode := 0 reqStatusCode := 0
var status string var status string
@ -146,7 +152,7 @@ func Login(authConfig AuthConfig) (string, error) {
} }
if storeConfig { if storeConfig {
authStr := EncodeAuth(authConfig) authStr := EncodeAuth(authConfig)
saveConfig(authStr, authConfig.Email) saveConfig(authConfig.rootPath, authStr, authConfig.Email)
} }
return status, nil return status, nil
} }
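Review bot: `saveConfig(authConfig.rootPath, authStr, authConfig.Email)` in Login receives an empty rootPath for any AuthConfig built outside this package, because `rootPath` is unexported and only the success path of LoadConfig sets it. CmdLogin builds `&auth.AuthConfig{Username: username, Password: password, Email: email}` and hands it to Login, so `path.Join("", CONFIGFILE)` resolves to `.dockercfg` in the process's working directory and the credentials are written outside the runtime root. An exported constructor such as `func NewAuthConfig(username, password, email, rootPath string) *AuthConfig` would let callers carry the root, and the missing-file branch of LoadConfig should return `&AuthConfig{rootPath: rootPath}`. The result of saveConfig is also dropped on this line; `if err := saveConfig(authConfig.rootPath, authStr, authConfig.Email); err != nil { return status, err }` would surface a failed write. Most of Login's body lies outside the visible hunks.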


@ -5,7 +5,7 @@ import (
) )
func TestEncodeAuth(t *testing.T) { func TestEncodeAuth(t *testing.T) {
newAuthConfig := AuthConfig{Username: "ken", Password: "test", Email: "test@example.com"} newAuthConfig := &AuthConfig{Username: "ken", Password: "test", Email: "test@example.com"}
authStr := EncodeAuth(newAuthConfig) authStr := EncodeAuth(newAuthConfig)
decAuthConfig, err := DecodeAuth(authStr) decAuthConfig, err := DecodeAuth(authStr)
if err != nil { if err != nil {


@ -69,17 +69,13 @@ func (srv *Server) CmdLogin(stdin io.ReadCloser, stdout io.Writer, args ...strin
var username string var username string
var password string var password string
var email string var email string
authConfig, err := auth.LoadConfig()
if err != nil {
fmt.Fprintf(stdout, "Error : %s\n", err)
}
fmt.Fprint(stdout, "Username (", authConfig.Username, "): ") fmt.Fprint(stdout, "Username (", srv.runtime.authConfig.Username, "): ")
fmt.Fscanf(stdin, "%s", &username) fmt.Fscanf(stdin, "%s", &username)
if username == "" { if username == "" {
username = authConfig.Username username = srv.runtime.authConfig.Username
} }
if username != authConfig.Username { if username != srv.runtime.authConfig.Username {
fmt.Fprint(stdout, "Password: ") fmt.Fprint(stdout, "Password: ")
fmt.Fscanf(stdin, "%s", &password) fmt.Fscanf(stdin, "%s", &password)
@ -87,16 +83,16 @@ func (srv *Server) CmdLogin(stdin io.ReadCloser, stdout io.Writer, args ...strin
return errors.New("Error : Password Required\n") return errors.New("Error : Password Required\n")
} }
fmt.Fprint(stdout, "Email (", authConfig.Email, "): ") fmt.Fprint(stdout, "Email (", srv.runtime.authConfig.Email, "): ")
fmt.Fscanf(stdin, "%s", &email) fmt.Fscanf(stdin, "%s", &email)
if email == "" { if email == "" {
email = authConfig.Email email = srv.runtime.authConfig.Email
} }
} else { } else {
password = authConfig.Password password = srv.runtime.authConfig.Password
email = authConfig.Email email = srv.runtime.authConfig.Email
} }
newAuthConfig := auth.AuthConfig{Username: username, Password: password, Email: email} newAuthConfig := &auth.AuthConfig{Username: username, Password: password, Email: email}
status, err := auth.Login(newAuthConfig) status, err := auth.Login(newAuthConfig)
if err != nil { if err != nil {
fmt.Fprintf(stdout, "Error : %s\n", err) fmt.Fprintf(stdout, "Error : %s\n", err)
@ -473,7 +469,7 @@ func (srv *Server) CmdPull(stdin io.ReadCloser, stdout io.Writer, args ...string
return fmt.Errorf("Not loggin and no user specified\n") return fmt.Errorf("Not loggin and no user specified\n")
} }
// FIXME: Allow pull repo:tag // FIXME: Allow pull repo:tag
return srv.runtime.graph.PullRepository(*user, cmd.Arg(0), "", srv.runtime.repositories) return srv.runtime.graph.PullRepository(*user, cmd.Arg(0), "", srv.runtime.repositories, srv.runtime.authConfig)
} }
func (srv *Server) CmdImages(stdin io.ReadCloser, stdout io.Writer, args ...string) error { func (srv *Server) CmdImages(stdin io.ReadCloser, stdout io.Writer, args ...string) error {
@ -867,9 +863,6 @@ func NewServer() (*Server, error) {
if runtime.GOARCH != "amd64" { if runtime.GOARCH != "amd64" {
log.Fatalf("The docker runtime currently only supports amd64 (not %s). This will change in the future. Aborting.", runtime.GOARCH) log.Fatalf("The docker runtime currently only supports amd64 (not %s). This will change in the future. Aborting.", runtime.GOARCH)
} }
// if err != nil {
// return nil, err
// }
runtime, err := NewRuntime() runtime, err := NewRuntime()
if err != nil { if err != nil {
return nil, err return nil, err
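Review bot: CmdLogin now takes its defaults from `srv.runtime.authConfig`, but nothing in the visible lines stores `newAuthConfig` back after `auth.Login` succeeds, so CmdPull would keep passing the credentials loaded at startup to PullRepository until the daemon is restarted. Unless the part of CmdLogin outside this hunk already does it, add `srv.runtime.authConfig = newAuthConfig` on the success path. A comment on that assignment, for example `// keep the in-memory credentials in sync with the saved config`, would make the intent clear to the next reader.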


@ -129,19 +129,15 @@ func (graph *Graph) PullImage(imgId string) error {
} }
// FIXME: Handle the askedTag parameter // FIXME: Handle the askedTag parameter
func (graph *Graph) PullRepository(user, repoName, askedTag string, repositories *TagStore) error { func (graph *Graph) PullRepository(user, repoName, askedTag string, repositories *TagStore, authConfig *auth.AuthConfig) error {
client := &http.Client{} client := &http.Client{}
req, err := http.NewRequest("GET", REGISTRY_ENDPOINT+"/users/"+user+"/"+repoName, nil) req, err := http.NewRequest("GET", REGISTRY_ENDPOINT+"/users/"+user+"/"+repoName, nil)
if err != nil { if err != nil {
return err return err
} }
authStruct, err := auth.LoadConfig()
if err != nil {
return err
}
req.SetBasicAuth(authStruct.Username, authStruct.Password) req.SetBasicAuth(authConfig.Username, authConfig.Password)
res, err := client.Do(req) res, err := client.Do(req)
if err != nil { if err != nil {
return err return err
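Review bot: `req.SetBasicAuth(authConfig.Username, authConfig.Password)` dereferences the new `authConfig` parameter without a nil check, so a caller of this exported method that passes nil gets a panic instead of an error. A guard at the top, `if authConfig == nil { return fmt.Errorf("no auth configuration provided") }`, keeps that failure on the error path. When the config file is missing the runtime holds an empty AuthConfig, so this call still sends a Basic header with empty credentials; skipping SetBasicAuth when `authConfig.Username == ""` may be preferable, depending on what the registry expects. PullRepository's body continues past the end of the hunk.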


@ -3,6 +3,7 @@ package docker
import ( import (
"container/list" "container/list"
"fmt" "fmt"
"github.com/dotcloud/docker/auth"
"io" "io"
"io/ioutil" "io/ioutil"
"log" "log"
@ -20,6 +21,7 @@ type Runtime struct {
networkManager *NetworkManager networkManager *NetworkManager
graph *Graph graph *Graph
repositories *TagStore repositories *TagStore
authConfig *auth.AuthConfig
} }
var sysInitPath string var sysInitPath string
@ -246,6 +248,11 @@ func NewRuntimeFromDirectory(root string) (*Runtime, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
authConfig, err := auth.LoadConfig(root)
if err != nil && authConfig == nil {
// If the auth file does not exist, keep going
return nil, err
}
runtime := &Runtime{ runtime := &Runtime{
root: root, root: root,
@ -254,6 +261,7 @@ func NewRuntimeFromDirectory(root string) (*Runtime, error) {
networkManager: netManager, networkManager: netManager,
graph: g, graph: g,
repositories: repositories, repositories: repositories,
authConfig: authConfig,
} }
if err := runtime.restore(); err != nil { if err := runtime.restore(); err != nil {
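Review bot: The check `if err != nil && authConfig == nil` depends on LoadConfig returning a non-nil config together with an error when the file is missing, and the comment `// If the auth file does not exist, keep going` sits inside the branch that returns, where it reads as the opposite of what happens. Move the comment above the `if` and word it as `// LoadConfig returns an empty, non-nil config plus an error when the file is missing; only a nil config is fatal`. Every other LoadConfig failure (unreadable file, DecodeAuth error) now aborts runtime creation, and LoadConfig indexes `arr[1]`, `orig_auth[1]` and `orig_email[1]` without length checks, so a truncated `.dockercfg` would panic at startup rather than return an error. NewRuntimeFromDirectory starts and ends outside these hunks.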