1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Pass auth config through headers rather than as URL param

This commit is contained in:
shin- 2013-08-30 21:46:19 +02:00 committed by Marco Hennings
parent a2603477dd
commit d04beb7f43
2 changed files with 34 additions and 24 deletions

23
api.go
View file

@ -2,7 +2,6 @@ package docker
import (
"code.google.com/p/go.net/websocket"
"encoding/base64"
"encoding/json"
"fmt"
"github.com/dotcloud/docker/auth"
@ -395,13 +394,12 @@ func postImagesCreate(srv *Server, version float64, w http.ResponseWriter, r *ht
tag := r.Form.Get("tag")
repo := r.Form.Get("repo")
authEncoded := r.Form.Get("authConfig")
authJson := r.Header.Get("X-Registry-Auth")
authConfig := &auth.AuthConfig{}
if authEncoded != "" {
authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
if authJson != "" {
if err := json.NewDecoder(strings.NewReader(authJson)).Decode(authConfig); err != nil {
// for a pull it is not an error if no auth was given
// to increase compatibilit to existing api it is defaulting to be empty
// to increase compatibility with the existing api it is defaulting to be empty
authConfig = &auth.AuthConfig{}
}
}
@ -495,17 +493,14 @@ func postImagesPush(srv *Server, version float64, w http.ResponseWriter, r *http
}
authConfig := &auth.AuthConfig{}
authEncoded := r.Form.Get("authConfig")
if authEncoded != "" {
// the new format is to handle the authConfg as a parameter
authJson := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
if err := json.NewDecoder(authJson).Decode(authConfig); err != nil {
// for a pull it is not an error if no auth was given
// to increase compatibilit to existing api it is defaulting to be empty
authJson := r.Header.Get("X-Registry-Auth")
if authJson != "" {
if err := json.NewDecoder(strings.NewReader(authJson)).Decode(authConfig); err != nil {
// to increase compatibility with the existing api it is defaulting to be empty
authConfig = &auth.AuthConfig{}
}
} else {
// the old format is supported for compatibility if there was no authConfig parameter
// the old format is supported for compatibility if there was no authConfig header
if err := json.NewDecoder(r.Body).Decode(authConfig); err != nil {
return err
}

View file

@ -128,7 +128,7 @@ func (cli *DockerCli) CmdInsert(args ...string) error {
v.Set("url", cmd.Arg(1))
v.Set("path", cmd.Arg(2))
if err := cli.stream("POST", "/images/"+cmd.Arg(0)+"/insert?"+v.Encode(), nil, cli.out); err != nil {
if err := cli.stream("POST", "/images/"+cmd.Arg(0)+"/insert?"+v.Encode(), nil, cli.out, nil); err != nil {
return err
}
return nil
@ -795,7 +795,7 @@ func (cli *DockerCli) CmdImport(args ...string) error {
v.Set("tag", tag)
v.Set("fromSrc", src)
err := cli.stream("POST", "/images/create?"+v.Encode(), cli.in, cli.out)
err := cli.stream("POST", "/images/create?"+v.Encode(), cli.in, cli.out, nil)
if err != nil {
return err
}
@ -841,9 +841,13 @@ func (cli *DockerCli) CmdPush(args ...string) error {
if err != nil {
return err
}
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
registryAuthHeader := []string{
string(buf),
}
return cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), nil, cli.out)
return cli.stream("POST", "/images/"+name+"/push?"+v.Encode(), nil, cli.out, map[string][]string{
"X-Registry-Auth": registryAuthHeader,
})
}
if err := push(authConfig); err != nil {
@ -896,9 +900,13 @@ func (cli *DockerCli) CmdPull(args ...string) error {
if err != nil {
return err
}
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
registryAuthHeader := []string{
string(buf),
}
return cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.out)
return cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.out, map[string][]string{
"X-Registry-Auth": registryAuthHeader,
})
}
if err := pull(authConfig); err != nil {
@ -1143,7 +1151,7 @@ func (cli *DockerCli) CmdEvents(args ...string) error {
v.Set("since", *since)
}
if err := cli.stream("GET", "/events?"+v.Encode(), nil, cli.out); err != nil {
if err := cli.stream("GET", "/events?"+v.Encode(), nil, cli.out, nil); err != nil {
return err
}
return nil
@ -1160,7 +1168,7 @@ func (cli *DockerCli) CmdExport(args ...string) error {
return nil
}
if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out); err != nil {
if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out, nil); err != nil {
return err
}
return nil
@ -1451,7 +1459,7 @@ func (cli *DockerCli) CmdRun(args ...string) error {
}
v.Set("authConfig", base64.URLEncoding.EncodeToString(buf))
err = cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.err)
err = cli.stream("POST", "/images/create?"+v.Encode(), nil, cli.err, nil)
if err != nil {
return err
}
@ -1628,7 +1636,7 @@ func (cli *DockerCli) call(method, path string, data interface{}) ([]byte, int,
return body, resp.StatusCode, nil
}
func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) error {
func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer, headers map[string][]string) error {
if (method == "POST" || method == "PUT") && in == nil {
in = bytes.NewReader([]byte{})
}
@ -1641,6 +1649,13 @@ func (cli *DockerCli) stream(method, path string, in io.Reader, out io.Writer) e
if method == "POST" {
req.Header.Set("Content-Type", "plain/text")
}
if headers != nil {
for k, v := range headers {
req.Header[k] = v
}
}
dial, err := net.Dial(cli.proto, cli.addr)
if err != nil {
if strings.Contains(err.Error(), "connection refused") {