...

Package auth

import "github.com/docker/distribution/registry/client/auth"
Overview
Index
Subdirectories

Overview ▾

Variables

var (
    // ErrNoBasicAuthCredentials is returned if a request can't be authorized with
    // basic auth due to lack of credentials.
    ErrNoBasicAuthCredentials = errors.New("no basic auth credentials")

    // ErrNoToken is returned if a request is successful but the body does not
    // contain an authorization token.
    ErrNoToken = errors.New("authorization server did not include a token in the response")
)

func NewAuthorizer 

func NewAuthorizer(manager challenge.Manager, handlers ...AuthenticationHandler) transport.RequestModifier

NewAuthorizer creates an authorizer which can handle multiple authentication schemes. The handlers are tried in order, the higher priority authentication methods should be first. The challengeMap holds a list of challenges for a given root API endpoint (for example "https://registry-1.docker.io/v2/").

type APIVersion

APIVersion represents a version of an API including its type and version number. 

type APIVersion struct {
    // Type refers to the name of a specific API specification
    // such as "registry"
    Type string

    // Version is the version of the API specification implemented,
    // This may omit the revision number and only include
    // the major and minor version, such as "2.0"
    Version string
}

func APIVersions 

func APIVersions(resp *http.Response, versionHeader string) []APIVersion

APIVersions gets the API versions out of an HTTP response using the provided version header as the key for the HTTP header.

func ParseAPIVersion 

func ParseAPIVersion(versionStr string) APIVersion

ParseAPIVersion parses an API version string into an APIVersion Format (Expected, not enforced): API version string = <API type> '/' <API version> API type = [a-z][a-z0-9]* API version = [0-9]+(\.[0-9]+)? TODO(dmcgowan): Enforce format, add error condition, remove unknown type

func (APIVersion) String 

func (v APIVersion) String() string

String returns the string formatted API Version

type AuthenticationHandler

AuthenticationHandler is an interface for authorizing a request from params from a "WWW-Authenicate" header for a single scheme. 

type AuthenticationHandler interface {
    // Scheme returns the scheme as expected from the "WWW-Authenicate" header.
    Scheme() string

    // AuthorizeRequest adds the authorization header to a request (if needed)
    // using the parameters from "WWW-Authenticate" method. The parameters
    // values depend on the scheme.
    AuthorizeRequest(req *http.Request, params map[string]string) error
}

func NewBasicHandler 

func NewBasicHandler(creds CredentialStore) AuthenticationHandler

NewBasicHandler creaters a new authentiation handler which adds basic authentication credentials to a request.

func NewTokenHandler 

func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler

NewTokenHandler creates a new AuthenicationHandler which supports fetching tokens from a remote token server.

func NewTokenHandlerWithOptions 

func NewTokenHandlerWithOptions(options TokenHandlerOptions) AuthenticationHandler

NewTokenHandlerWithOptions creates a new token handler using the provided options structure.

type CredentialStore

CredentialStore is an interface for getting credentials for a given URL 

type CredentialStore interface {
    // Basic returns basic auth for the given URL
    Basic(*url.URL) (string, string)

    // RefreshToken returns a refresh token for the
    // given URL and service
    RefreshToken(*url.URL, string) string

    // SetRefreshToken sets the refresh token if none
    // is provided for the given url and service
    SetRefreshToken(realm *url.URL, service, token string)
}

type Logger

Logger defines the injectable logging interface, used on TokenHandlers. 

type Logger interface {
    Debugf(format string, args ...interface{})
}

type RegistryScope

RegistryScope represents a token scope for access to resources in the registry. 

type RegistryScope struct {
    Name    string
    Actions []string
}

func (RegistryScope) String 

func (rs RegistryScope) String() string

String returns the string representation of the user using the scope grammar

type RepositoryScope

RepositoryScope represents a token scope for access to a repository. 

type RepositoryScope struct {
    Repository string
    Class      string
    Actions    []string
}

func (RepositoryScope) String 

func (rs RepositoryScope) String() string

String returns the string representation of the repository using the scope grammar

type Scope

Scope is a type which is serializable to a string using the allow scope grammar. 

type Scope interface {
    String() string
}

type TokenHandlerOptions

TokenHandlerOptions is used to configure a new token handler 

type TokenHandlerOptions struct {
    Transport   http.RoundTripper
    Credentials CredentialStore

    OfflineAccess bool
    ForceOAuth    bool
    ClientID      string
    Scopes        []Scope
    Logger        Logger
}

Subdirectories

Name Synopsis
..
challenge