auth

package
v0.71.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 26, 2016 License: Apache-2.0, Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAuthorizer

func NewAuthorizer(manager ChallengeManager, handlers ...AuthenticationHandler) transport.RequestModifier

NewAuthorizer creates an authorizer which can handle multiple authentication schemes. The handlers are tried in order, the higher priority authentication methods should be first. The challengeMap holds a list of challenges for a given root API endpoint (for example "https://registry-1.docker.io/v2/").

Types

type APIVersion

type APIVersion struct {
	// Type refers to the name of a specific API specification
	// such as "registry"
	Type string

	// Version is the version of the API specification implemented,
	// This may omit the revision number and only include
	// the major and minor version, such as "2.0"
	Version string
}

APIVersion represents a version of an API including its type and version number.

func APIVersions

func APIVersions(resp *http.Response, versionHeader string) []APIVersion

APIVersions gets the API versions out of an HTTP response using the provided version header as the key for the HTTP header.

func ParseAPIVersion

func ParseAPIVersion(versionStr string) APIVersion

ParseAPIVersion parses an API version string into an APIVersion Format (Expected, not enforced): API version string = <API type> '/' <API version> API type = [a-z][a-z0-9]* API version = [0-9]+(\.[0-9]+)? TODO(dmcgowan): Enforce format, add error condition, remove unknown type

func (APIVersion) String

func (v APIVersion) String() string

String returns the string formatted API Version

type AuthenticationHandler

type AuthenticationHandler interface {
	// Scheme returns the scheme as expected from the "WWW-Authenicate" header.
	Scheme() string

	// AuthorizeRequest adds the authorization header to a request (if needed)
	// using the parameters from "WWW-Authenticate" method. The parameters
	// values depend on the scheme.
	AuthorizeRequest(req *http.Request, params map[string]string) error
}

AuthenticationHandler is an interface for authorizing a request from params from a "WWW-Authenicate" header for a single scheme.

func NewBasicHandler

func NewBasicHandler(creds CredentialStore) AuthenticationHandler

NewBasicHandler creaters a new authentiation handler which adds basic authentication credentials to a request.

func NewTokenHandler

func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler

NewTokenHandler creates a new AuthenicationHandler which supports fetching tokens from a remote token server.

type Challenge

type Challenge struct {
	// Scheme is the auth-scheme according to RFC 2617
	Scheme string

	// Parameters are the auth-params according to RFC 2617
	Parameters map[string]string
}

Challenge carries information from a WWW-Authenticate response header. See RFC 2617.

func ResponseChallenges

func ResponseChallenges(resp *http.Response) []Challenge

ResponseChallenges returns a list of authorization challenges for the given http Response. Challenges are only checked if the response status code was a 401.

type ChallengeManager

type ChallengeManager interface {
	// GetChallenges returns the challenges for the given
	// endpoint URL.
	GetChallenges(endpoint string) ([]Challenge, error)

	// AddResponse adds the response to the challenge
	// manager. The challenges will be parsed out of
	// the WWW-Authenicate headers and added to the
	// URL which was produced the response. If the
	// response was authorized, any challenges for the
	// endpoint will be cleared.
	AddResponse(resp *http.Response) error
}

ChallengeManager manages the challenges for endpoints. The challenges are pulled out of HTTP responses. Only responses which expect challenges should be added to the manager, since a non-unauthorized request will be viewed as not requiring challenges.

func NewSimpleChallengeManager

func NewSimpleChallengeManager() ChallengeManager

NewSimpleChallengeManager returns an instance of ChallengeManger which only maps endpoints to challenges based on the responses which have been added the manager. The simple manager will make no attempt to perform requests on the endpoints or cache the responses to a backend.

type CredentialStore

type CredentialStore interface {
	// Basic returns basic auth for the given URL
	Basic(*url.URL) (string, string)
}

CredentialStore is an interface for getting credentials for a given URL

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL