Documentation ¶
Overview ¶
Package auth is used for HTTP authentication
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrEmptyChallenge indicates an issue with the received challenge in the WWW-Authenticate header // // Deprecated: replace with [errs.ErrEmptyChallenge]. ErrEmptyChallenge = errs.ErrEmptyChallenge // ErrInvalidChallenge indicates an issue with the received challenge in the WWW-Authenticate header // // Deprecated: replace with [errs.ErrInvalidChallenge]. ErrInvalidChallenge = errs.ErrInvalidChallenge // ErrNoNewChallenge indicates a challenge update did not result in any change // // Deprecated: replace with [errs.ErrNoNewChallenge]. ErrNoNewChallenge = errs.ErrNoNewChallenge // ErrNotFound indicates no credentials found for basic auth // // Deprecated: replace with [errs.ErrNotFound]. ErrNotFound = errs.ErrNotFound // ErrNotImplemented returned when method has not been implemented yet // // Deprecated: replace with [errs.ErrNotImplemented]. ErrNotImplemented = errs.ErrNotImplemented // ErrParseFailure indicates the WWW-Authenticate header could not be parsed // // Deprecated: replace with [errs.ErrParseFailure]. ErrParseFailure = errs.ErrParsingFailed // // Deprecated: replace with [errs.ErrUnauthorized]. ErrUnauthorized = errs.ErrHTTPUnauthorized // ErrUnsupported indicates the request was unsupported // // Deprecated: replace with [errs.ErrUnsupported]. ErrUnsupported = errs.ErrUnsupported )
Functions ¶
This section is empty.
Types ¶
type Auth ¶
type Auth interface { AddScope(host, scope string) error HandleResponse(*http.Response) error UpdateRequest(*http.Request) error }
Auth manages authorization requests/responses for http requests
type BasicHandler ¶
type BasicHandler struct {
// contains filtered or unexported fields
}
BasicHandler supports Basic auth type requests
func (*BasicHandler) AddScope ¶
func (b *BasicHandler) AddScope(scope string) error
AddScope is not valid for BasicHandler
func (*BasicHandler) GenerateAuth ¶
func (b *BasicHandler) GenerateAuth() (string, error)
GenerateAuth for BasicHandler generates base64 encoded user/pass for a host
func (*BasicHandler) ProcessChallenge ¶
func (b *BasicHandler) ProcessChallenge(c Challenge) error
ProcessChallenge for BasicHandler is a noop
type BearerHandler ¶
type BearerHandler struct {
// contains filtered or unexported fields
}
BearerHandler supports Bearer auth type requests
func (*BearerHandler) AddScope ¶
func (b *BearerHandler) AddScope(scope string) error
AddScope appends a new scope if it doesn't already exist
func (*BearerHandler) GenerateAuth ¶
func (b *BearerHandler) GenerateAuth() (string, error)
GenerateAuth for BasicHandler generates base64 encoded user/pass for a host
func (*BearerHandler) ProcessChallenge ¶
func (b *BearerHandler) ProcessChallenge(c Challenge) error
ProcessChallenge handles WWW-Authenticate header for bearer tokens Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:samalba/my-app:pull,push"
type BearerToken ¶
type BearerToken struct { Token string `json:"token"` AccessToken string `json:"access_token"` ExpiresIn int `json:"expires_in"` IssuedAt time.Time `json:"issued_at"` RefreshToken string `json:"refresh_token"` Scope string `json:"scope"` }
BearerToken is the json response to the Bearer request
type Challenge ¶
type Challenge struct {
// contains filtered or unexported fields
}
Challenge is the extracted contents of the WWW-Authenticate header
func ParseAuthHeader ¶
ParseAuthHeader parses a single header line for WWW-Authenticate Example values: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:samalba/my-app:pull,push" Basic realm="GitHub Package Registry"
func ParseAuthHeaders ¶
ParseAuthHeaders extracts the scheme and realm from WWW-Authenticate headers
type Cred ¶
type Cred struct {
User, Password, Token string
}
Cred is returned by the CredsFn
func DefaultCredsFn ¶
DefaultCredsFn is used to return no credentials when auth is not configured with a CredsFn This avoids the need to check for nil pointers
type CredsFn ¶
CredsFn is passed to lookup credentials for a given hostname, response is a username and password or empty strings
type Handler ¶
type Handler interface { AddScope(scope string) error ProcessChallenge(Challenge) error GenerateAuth() (string, error) }
Handler handles a challenge for a host to return an auth header
func NewBasicHandler ¶
func NewBasicHandler(client *http.Client, clientID, host string, credsFn CredsFn, log *logrus.Logger) Handler
NewBasicHandler creates a new BasicHandler
type HandlerBuild ¶
type HandlerBuild func(client *http.Client, clientID, host string, credFn CredsFn, log *logrus.Logger) Handler
HandlerBuild is used to make a new handler for a specific authType and URL
type JWTHubHandler ¶
type JWTHubHandler struct {
// contains filtered or unexported fields
}
JWTHubHandler supports JWT auth type requests
func (*JWTHubHandler) AddScope ¶
func (j *JWTHubHandler) AddScope(scope string) error
AddScope is not valid for JWTHubHandler
func (*JWTHubHandler) GenerateAuth ¶
func (j *JWTHubHandler) GenerateAuth() (string, error)
GenerateAuth for JWTHubHandler adds JWT header
func (*JWTHubHandler) ProcessChallenge ¶
func (j *JWTHubHandler) ProcessChallenge(c Challenge) error
ProcessChallenge handles WWW-Authenticate header for JWT auth on Docker Hub
type Opts ¶
type Opts func(*auth)
Opts configures options for NewAuth
func WithClientID ¶
WithClientID uses a client ID with request headers
func WithDefaultHandlers ¶
func WithDefaultHandlers() Opts
WithDefaultHandlers includes a Basic and Bearer handler, this is automatically added with "WithHandler" is not called
func WithHTTPClient ¶
WithHTTPClient uses a specific http client with requests
func WithHandler ¶
func WithHandler(authType string, hb HandlerBuild) Opts
WithHandler includes a handler for a specific auth type