mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Pass auth config through headers rather than as URL param
This commit is contained in:
parent
a2603477dd
commit
d04beb7f43
2 changed files with 34 additions and 24 deletions
23
api.go
23
api.go
|
@ -2,7 +2,6 @@ package docker
|
|||
|
||||
import (
|
||||
"code.google.com/p/go.net/websocket"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"github.com/dotcloud/docker/auth"
|
||||
|
@ -395,13 +394,12 @@ func postImagesCreate(srv *Server, version float64, w http.ResponseWriter, r *ht
|
|||
tag := r.Form.Get("tag")
|
||||
repo := r.Form.Get("repo")
|
||||
|
||||
authEncoded := r.Form.Get("authConfig")
|
||||
authJson := r.Header.Get("X-Registry-Auth")
|
||||
authConfig := &auth.AuthConfig{}
|
||||
if authEncoded != "" {
|
||||
authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
|
||||
if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
|
||||
if authJson != "" {
|
||||
if err := json.NewDecoder(strings.NewReader(authJson)).Decode(authConfig); err != nil {
|
||||
// for a pull it is not an error if no auth was given
|
||||
// to increase compatibilit to existing api it is defaulting to be empty
|
||||
// to increase compatibility with the existing api it is defaulting to be empty
|
||||
authConfig = &auth.AuthConfig{}
|
||||
}
|
||||
}
|
||||
|
@ -495,17 +493,14 @@ func postImagesPush(srv *Server, version float64, w http.ResponseWriter, r *http
|
|||
}
|
||||
authConfig := &auth.AuthConfig{}
|
||||
|
||||
authEncoded := r.Form.Get("authConfig")
|
||||
if authEncoded != "" {
|
||||
// the new format is to handle the authConfg as a parameter
|
||||
authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
|
||||
if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
|
||||
// for a pull it is not an error if no auth was given
|
||||
// to increase compatibilit to existing api it is defaulting to be empty
|
||||
authJson := r.Header.Get("X-Registry-Auth")
|
||||
if authJson != "" {
|
||||
if err := json.NewDecoder(strings.NewReader(authJson)).Decode(authConfig); err != nil {
|
||||
// to increase compatibility with the existing api it is defaulting to be empty
|
||||
authConfig = &auth.AuthConfig{}
|
||||
}
|
||||
} else {
|
||||
// the old format is supported for compatibility if there was no authConfig parameter
|
||||
// the old format is supported for compatibility if there was no authConfig header
|
||||
if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
35
commands.go
35
commands.go
|
@ -128,7 +128,7 @@ func (cli *DockerCli) CmdInsert(args ...string) error {
|
|||
v.Set("url", cmd.Arg(1))
|
||||
v.Set("path", cmd.Arg(2))
|
||||
|
||||
if err := cli.stream("POST", "/images/"+cmd.Arg(0)+"/insert?"+v.Encode(), nil, cli.out); err != nil {
|
||||
if err := cli.stream("POST", "/images/"+cmd.Arg(0)+"/insert?"+v.Encode(), nil, cli.out, nil); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
|
@ -795,7 +795,7 @@ func (cli *DockerCli) CmdImport(args ...string) error {
|
|||
v.Set("tag", tag)
|
||||
v.Set("fromSrc", src)
|
||||
|
||||
err := cli.stream("POST", "/images/create?"+v.Encode(), cli.in, cli.out)
|
||||
err := cli.stream("POST", "/images/create?"+v.Encode(), cli.in, cli.out, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -841,9 +841,13 @@ func (cli *DockerCli) CmdPush(args ...string) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
|
||||
registryAuthHeader := []string{
|
||||
string(buf),
|
||||
}
|
||||
|
||||
return cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), nil, cli.out)
|
||||
return cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), nil, cli.out, map[string][]string{
|
||||
"X-Registry-Auth": registryAuthHeader,
|
||||
})
|
||||
}
|
||||
|
||||
if err := push(authConfig); err != nil {
|
||||
|
@ -896,9 +900,13 @@ func (cli *DockerCli) CmdPull(args ...string) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
|
||||
registryAuthHeader := []string{
|
||||
string(buf),
|
||||
}
|
||||
|
||||
return cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.out)
|
||||
return cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.out, map[string][]string{
|
||||
"X-Registry-Auth": registryAuthHeader,
|
||||
})
|
||||
}
|
||||
|
||||
if err := pull(authConfig); err != nil {
|
||||
|
@ -1143,7 +1151,7 @@ func (cli *DockerCli) CmdEvents(args ...string) error {
|
|||
v.Set("since", *since)
|
||||
}
|
||||
|
||||
if err := cli.stream("GET", "/events?"+v.Encode(), nil, cli.out); err != nil {
|
||||
if err := cli.stream("GET", "/events?"+v.Encode(), nil, cli.out, nil); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
|
@ -1160,7 +1168,7 @@ func (cli *DockerCli) CmdExport(args ...string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out); err != nil {
|
||||
if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out, nil); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
|
@ -1451,7 +1459,7 @@ func (cli *DockerCli) CmdRun(args ...string) error {
|
|||
}
|
||||
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
|
||||
|
||||
err = cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.err)
|
||||
err = cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.err, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -1628,7 +1636,7 @@ func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int,
|
|||
return body, resp.StatusCode, nil
|
||||
}
|
||||
|
||||
func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) error {
|
||||
func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer, headers map[string][]string) error {
|
||||
if (method == "POST" || method == "PUT") && in == nil {
|
||||
in = bytes.NewReader([]byte{})
|
||||
}
|
||||
|
@ -1641,6 +1649,13 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
|
|||
if method == "POST" {
|
||||
req.Header.Set("Content-Type", "plain/text")
|
||||
}
|
||||
|
||||
if headers != nil {
|
||||
for k, v := range headers {
|
||||
req.Header[k] = v
|
||||
}
|
||||
}
|
||||
|
||||
dial, err := net.Dial(cli.proto, cli.addr)
|
||||
if err != nil {
|
||||
if strings.Contains(err.Error(), "connection refused") {
|
||||
|
|
Loading…
Reference in a new issue