auth

package
v1.7.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 2, 2023 License: Apache-2.0 Imports: 12 Imported by: 16

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrNoToken is returned if a request is successful but the body does not
	// contain an authorization token.
	ErrNoToken = errors.New("authorization server did not include a token in the response")
)

Functions

This section is empty.

Types

type AuthenticationScheme

type AuthenticationScheme byte

AuthenticationScheme defines scheme of the authentication method

const (
	// BasicAuth is scheme for Basic HTTP Authentication RFC 7617
	BasicAuth AuthenticationScheme = 1 << iota
	// DigestAuth is scheme for HTTP Digest Access Authentication RFC 7616
	DigestAuth
	// BearerAuth is scheme for OAuth 2.0 Bearer Tokens RFC 6750
	BearerAuth
)

type Challenge

type Challenge struct {
	// scheme is the auth-scheme according to RFC 2617
	Scheme AuthenticationScheme

	// parameters are the auth-params according to RFC 2617
	Parameters map[string]string
}

Challenge carries information from a WWW-Authenticate response header. See RFC 2617.

func ParseAuthHeader

func ParseAuthHeader(header http.Header) []Challenge

ParseAuthHeader parses challenges from WWW-Authenticate header

type FetchTokenResponse

type FetchTokenResponse struct {
	Token        string    `json:"token"`
	AccessToken  string    `json:"access_token"`
	ExpiresIn    int       `json:"expires_in"`
	IssuedAt     time.Time `json:"issued_at"`
	RefreshToken string    `json:"refresh_token"`
}

FetchTokenResponse is response from fetching token with GET request

func FetchToken

func FetchToken(ctx context.Context, client *http.Client, headers http.Header, to TokenOptions) (*FetchTokenResponse, error)

FetchToken fetches a token using a GET request

type OAuthTokenResponse

type OAuthTokenResponse struct {
	AccessToken  string    `json:"access_token"`
	RefreshToken string    `json:"refresh_token"`
	ExpiresIn    int       `json:"expires_in"`
	IssuedAt     time.Time `json:"issued_at"`
	Scope        string    `json:"scope"`
}

OAuthTokenResponse is response from fetching token with a OAuth POST request

func FetchTokenWithOAuth

func FetchTokenWithOAuth(ctx context.Context, client *http.Client, headers http.Header, clientID string, to TokenOptions) (*OAuthTokenResponse, error)

FetchTokenWithOAuth fetches a token using a POST request

type TokenOptions

type TokenOptions struct {
	Realm    string
	Service  string
	Scopes   []string
	Username string
	Secret   string

	// FetchRefreshToken enables fetching a refresh token (aka "identity token", "offline token") along with the bearer token.
	//
	// For HTTP GET mode (FetchToken), FetchRefreshToken sets `offline_token=true` in the request.
	// https://docs.docker.com/registry/spec/auth/token/#requesting-a-token
	//
	// For HTTP POST mode (FetchTokenWithOAuth), FetchRefreshToken sets `access_type=offline` in the request.
	// https://docs.docker.com/registry/spec/auth/oauth/#getting-a-token
	FetchRefreshToken bool
}

TokenOptions are options for requesting a token

func GenerateTokenOptions

func GenerateTokenOptions(ctx context.Context, host, username, secret string, c Challenge) (TokenOptions, error)

GenerateTokenOptions generates options for fetching a token based on a challenge

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL