1 package proxy
2
3 import (
4 "net/http"
5 "net/url"
6 "strings"
7
8 "github.com/docker/distribution/context"
9 "github.com/docker/distribution/registry/client/auth"
10 "github.com/docker/distribution/registry/client/auth/challenge"
11 )
12
13 const challengeHeader = "Docker-Distribution-Api-Version"
14
15 type userpass struct {
16 username string
17 password string
18 }
19
20 type credentials struct {
21 creds map[string]userpass
22 }
23
24 func (c credentials) Basic(u *url.URL) (string, string) {
25 up := c.creds[u.String()]
26
27 return up.username, up.password
28 }
29
30 func (c credentials) RefreshToken(u *url.URL, service string) string {
31 return ""
32 }
33
34 func (c credentials) SetRefreshToken(u *url.URL, service, token string) {
35 }
36
37
38 func configureAuth(username, password, remoteURL string) (auth.CredentialStore, error) {
39 creds := map[string]userpass{}
40
41 authURLs, err := getAuthURLs(remoteURL)
42 if err != nil {
43 return nil, err
44 }
45
46 for _, url := range authURLs {
47 context.GetLogger(context.Background()).Infof("Discovered token authentication URL: %s", url)
48 creds[url] = userpass{
49 username: username,
50 password: password,
51 }
52 }
53
54 return credentials{creds: creds}, nil
55 }
56
57 func getAuthURLs(remoteURL string) ([]string, error) {
58 authURLs := []string{}
59
60 resp, err := http.Get(remoteURL + "/v2/")
61 if err != nil {
62 return nil, err
63 }
64 defer resp.Body.Close()
65
66 for _, c := range challenge.ResponseChallenges(resp) {
67 if strings.EqualFold(c.Scheme, "bearer") {
68 authURLs = append(authURLs, c.Parameters["realm"])
69 }
70 }
71
72 return authURLs, nil
73 }
74
75 func ping(manager challenge.Manager, endpoint, versionHeader string) error {
76 resp, err := http.Get(endpoint)
77 if err != nil {
78 return err
79 }
80 defer resp.Body.Close()
81
82 return manager.AddResponse(resp)
83 }
84
View as plain text