auth

package
v2.8.2+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 11, 2023 License: Apache-2.0 Imports: 11 Imported by: 1,115

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrNoBasicAuthCredentials is returned if a request can't be authorized with
	// basic auth due to lack of credentials.
	ErrNoBasicAuthCredentials = errors.New("no basic auth credentials")

	// ErrNoToken is returned if a request is successful but the body does not
	// contain an authorization token.
	ErrNoToken = errors.New("authorization server did not include a token in the response")
)

Functions

func NewAuthorizer

func NewAuthorizer(manager challenge.Manager, handlers ...AuthenticationHandler) transport.RequestModifier

NewAuthorizer creates an authorizer which can handle multiple authentication schemes. The handlers are tried in order, the higher priority authentication methods should be first. The challengeMap holds a list of challenges for a given root API endpoint (for example "https://registry-1.docker.io/v2/").

Types

type APIVersion

type APIVersion struct {
	// Type refers to the name of a specific API specification
	// such as "registry"
	Type string

	// Version is the version of the API specification implemented,
	// This may omit the revision number and only include
	// the major and minor version, such as "2.0"
	Version string
}

APIVersion represents a version of an API including its type and version number.

func APIVersions

func APIVersions(resp *http.Response, versionHeader string) []APIVersion

APIVersions gets the API versions out of an HTTP response using the provided version header as the key for the HTTP header.

func ParseAPIVersion

func ParseAPIVersion(versionStr string) APIVersion

ParseAPIVersion parses an API version string into an APIVersion Format (Expected, not enforced): API version string = <API type> '/' <API version> API type = [a-z][a-z0-9]* API version = [0-9]+(\.[0-9]+)? TODO(dmcgowan): Enforce format, add error condition, remove unknown type

func (APIVersion) String

func (v APIVersion) String() string

String returns the string formatted API Version

type AuthenticationHandler

type AuthenticationHandler interface {
	// Scheme returns the scheme as expected from the "WWW-Authenicate" header.
	Scheme() string

	// AuthorizeRequest adds the authorization header to a request (if needed)
	// using the parameters from "WWW-Authenticate" method. The parameters
	// values depend on the scheme.
	AuthorizeRequest(req *http.Request, params map[string]string) error
}

AuthenticationHandler is an interface for authorizing a request from params from a "WWW-Authenicate" header for a single scheme.

func NewBasicHandler

func NewBasicHandler(creds CredentialStore) AuthenticationHandler

NewBasicHandler creaters a new authentiation handler which adds basic authentication credentials to a request.

func NewTokenHandler

func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler

NewTokenHandler creates a new AuthenicationHandler which supports fetching tokens from a remote token server.

func NewTokenHandlerWithOptions

func NewTokenHandlerWithOptions(options TokenHandlerOptions) AuthenticationHandler

NewTokenHandlerWithOptions creates a new token handler using the provided options structure.

type CredentialStore

type CredentialStore interface {
	// Basic returns basic auth for the given URL
	Basic(*url.URL) (string, string)

	// RefreshToken returns a refresh token for the
	// given URL and service
	RefreshToken(*url.URL, string) string

	// SetRefreshToken sets the refresh token if none
	// is provided for the given url and service
	SetRefreshToken(realm *url.URL, service, token string)
}

CredentialStore is an interface for getting credentials for a given URL

type Logger

type Logger interface {
	Debugf(format string, args ...interface{})
}

Logger defines the injectable logging interface, used on TokenHandlers.

type RegistryScope

type RegistryScope struct {
	Name    string
	Actions []string
}

RegistryScope represents a token scope for access to resources in the registry.

func (RegistryScope) String

func (rs RegistryScope) String() string

String returns the string representation of the user using the scope grammar

type RepositoryScope

type RepositoryScope struct {
	Repository string
	Class      string
	Actions    []string
}

RepositoryScope represents a token scope for access to a repository.

func (RepositoryScope) String

func (rs RepositoryScope) String() string

String returns the string representation of the repository using the scope grammar

type Scope

type Scope interface {
	String() string
}

Scope is a type which is serializable to a string using the allow scope grammar.

type TokenHandlerOptions

type TokenHandlerOptions struct {
	Transport   http.RoundTripper
	Credentials CredentialStore

	OfflineAccess bool
	ForceOAuth    bool
	ClientID      string
	Scopes        []Scope
	Logger        Logger
}

TokenHandlerOptions is used to configure a new token handler

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL