Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewAuthorizer ¶
func NewAuthorizer(manager ChallengeManager, handlers ...AuthenticationHandler) transport.RequestModifier
NewAuthorizer creates an authorizer which can handle multiple authentication schemes. The handlers are tried in order, the higher priority authentication methods should be first. The challengeMap holds a list of challenges for a given root API endpoint (for example "https://registry-1.docker.io/v2/").
Types ¶
type APIVersion ¶
type APIVersion struct { // Type refers to the name of a specific API specification // such as "registry" Type string // Version is the version of the API specification implemented, // This may omit the revision number and only include // the major and minor version, such as "2.0" Version string }
APIVersion represents a version of an API including its type and version number.
func APIVersions ¶
func APIVersions(resp *http.Response, versionHeader string) []APIVersion
APIVersions gets the API versions out of an HTTP response using the provided version header as the key for the HTTP header.
func ParseAPIVersion ¶
func ParseAPIVersion(versionStr string) APIVersion
ParseAPIVersion parses an API version string into an APIVersion Format (Expected, not enforced): API version string = <API type> '/' <API version> API type = [a-z][a-z0-9]* API version = [0-9]+(\.[0-9]+)? TODO(dmcgowan): Enforce format, add error condition, remove unknown type
func (APIVersion) String ¶
func (v APIVersion) String() string
String returns the string formatted API Version
type AuthenticationHandler ¶
type AuthenticationHandler interface { // Scheme returns the scheme as expected from the "WWW-Authenicate" header. Scheme() string // AuthorizeRequest adds the authorization header to a request (if needed) // using the parameters from "WWW-Authenticate" method. The parameters // values depend on the scheme. AuthorizeRequest(req *http.Request, params map[string]string) error }
AuthenticationHandler is an interface for authorizing a request from params from a "WWW-Authenicate" header for a single scheme.
func NewBasicHandler ¶
func NewBasicHandler(creds CredentialStore) AuthenticationHandler
NewBasicHandler creaters a new authentiation handler which adds basic authentication credentials to a request.
func NewTokenHandler ¶
func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler
NewTokenHandler creates a new AuthenicationHandler which supports fetching tokens from a remote token server.
type Challenge ¶
type Challenge struct { // Scheme is the auth-scheme according to RFC 2617 Scheme string // Parameters are the auth-params according to RFC 2617 Parameters map[string]string }
Challenge carries information from a WWW-Authenticate response header. See RFC 2617.
type ChallengeManager ¶
type ChallengeManager interface { // GetChallenges returns the challenges for the given // endpoint URL. GetChallenges(endpoint string) ([]Challenge, error) // AddResponse adds the response to the challenge // manager. The challenges will be parsed out of // the WWW-Authenicate headers and added to the // URL which was produced the response. If the // response was authorized, any challenges for the // endpoint will be cleared. AddResponse(resp *http.Response) error }
ChallengeManager manages the challenges for endpoints. The challenges are pulled out of HTTP responses. Only responses which expect challenges should be added to the manager, since a non-unauthorized request will be viewed as not requiring challenges.
func NewSimpleChallengeManager ¶
func NewSimpleChallengeManager() ChallengeManager
NewSimpleChallengeManager returns an instance of ChallengeManger which only maps endpoints to challenges based on the responses which have been added the manager. The simple manager will make no attempt to perform requests on the endpoints or cache the responses to a backend.