diff --git a/api/client/client.go b/api/client/client.go index f452ad6187..a3193f89d8 100644 --- a/api/client/client.go +++ b/api/client/client.go @@ -9,7 +9,6 @@ import ( "github.com/docker/docker/api/client/lib" "github.com/docker/docker/api/types" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/pkg/parsers/filters" "github.com/docker/docker/registry" "github.com/docker/docker/runconfig" @@ -67,7 +66,7 @@ type apiClient interface { NetworkInspect(networkID string) (types.NetworkResource, error) NetworkList() ([]types.NetworkResource, error) NetworkRemove(networkID string) error - RegistryLogin(auth cliconfig.AuthConfig) (types.AuthResponse, error) + RegistryLogin(auth types.AuthConfig) (types.AuthResponse, error) ServerVersion() (types.Version, error) VolumeCreate(options types.VolumeCreateRequest) (types.Volume, error) VolumeInspect(volumeID string) (types.Volume, error) diff --git a/api/client/lib/login.go b/api/client/lib/login.go index 56ee18481c..c896d67ef2 100644 --- a/api/client/lib/login.go +++ b/api/client/lib/login.go @@ -6,12 +6,11 @@ import ( "net/url" "github.com/docker/docker/api/types" - "github.com/docker/docker/cliconfig" ) // RegistryLogin authenticates the docker server with a given docker registry. // It returns UnauthorizerError when the authentication fails. -func (cli *Client) RegistryLogin(auth cliconfig.AuthConfig) (types.AuthResponse, error) { +func (cli *Client) RegistryLogin(auth types.AuthConfig) (types.AuthResponse, error) { resp, err := cli.post("/auth", url.Values{}, auth, nil) if resp != nil && resp.statusCode == http.StatusUnauthorized { diff --git a/api/client/login.go b/api/client/login.go index 31022919c9..8cd28a0abe 100644 --- a/api/client/login.go +++ b/api/client/login.go @@ -10,7 +10,6 @@ import ( "github.com/docker/docker/api/client/lib" Cli "github.com/docker/docker/cli" - "github.com/docker/docker/cliconfig" flag "github.com/docker/docker/pkg/mflag" "github.com/docker/docker/pkg/term" "github.com/docker/docker/registry" @@ -63,7 +62,7 @@ func (cli *DockerCli) CmdLogin(args ...string) error { authconfig, ok := cli.configFile.AuthConfigs[serverAddress] if !ok { - authconfig = cliconfig.AuthConfig{} + authconfig = types.AuthConfig{} } if username == "" { diff --git a/api/client/pull.go b/api/client/pull.go index 260737bd99..ac5c132037 100644 --- a/api/client/pull.go +++ b/api/client/pull.go @@ -76,9 +76,9 @@ func (cli *DockerCli) CmdPull(args ...string) error { return cli.imagePullPrivileged(authConfig, distributionRef.String(), "", requestPrivilege) } -func (cli *DockerCli) imagePullPrivileged(authConfig cliconfig.AuthConfig, imageID, tag string, requestPrivilege lib.RequestPrivilegeFunc) error { +func (cli *DockerCli) imagePullPrivileged(authConfig types.AuthConfig, imageID, tag string, requestPrivilege lib.RequestPrivilegeFunc) error { - encodedAuth, err := authConfig.EncodeToBase64() + encodedAuth, err := cliconfig.EncodeAuthToBase64(authConfig) if err != nil { return err } diff --git a/api/client/push.go b/api/client/push.go index 77fb001464..ed096f96bc 100644 --- a/api/client/push.go +++ b/api/client/push.go @@ -65,8 +65,8 @@ func (cli *DockerCli) CmdPush(args ...string) error { return cli.imagePushPrivileged(authConfig, ref.Name(), tag, cli.out, requestPrivilege) } -func (cli *DockerCli) imagePushPrivileged(authConfig cliconfig.AuthConfig, imageID, tag string, outputStream io.Writer, requestPrivilege lib.RequestPrivilegeFunc) error { - encodedAuth, err := authConfig.EncodeToBase64() +func (cli *DockerCli) imagePushPrivileged(authConfig types.AuthConfig, imageID, tag string, outputStream io.Writer, requestPrivilege lib.RequestPrivilegeFunc) error { + encodedAuth, err := cliconfig.EncodeAuthToBase64(authConfig) if err != nil { return err } diff --git a/api/client/search.go b/api/client/search.go index 25937d4554..afe556f7df 100644 --- a/api/client/search.go +++ b/api/client/search.go @@ -9,6 +9,7 @@ import ( "github.com/docker/docker/api/types" Cli "github.com/docker/docker/cli" + "github.com/docker/docker/cliconfig" flag "github.com/docker/docker/pkg/mflag" "github.com/docker/docker/pkg/stringutils" "github.com/docker/docker/registry" @@ -38,7 +39,7 @@ func (cli *DockerCli) CmdSearch(args ...string) error { authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, indexInfo) requestPrivilege := cli.registryAuthenticationPrivilegedFunc(indexInfo, "search") - encodedAuth, err := authConfig.EncodeToBase64() + encodedAuth, err := cliconfig.EncodeAuthToBase64(authConfig) if err != nil { return err } diff --git a/api/client/trust.go b/api/client/trust.go index 9928a945e8..5c5d7213cd 100644 --- a/api/client/trust.go +++ b/api/client/trust.go @@ -97,14 +97,14 @@ func trustServer(index *registry.IndexInfo) (string, error) { } type simpleCredentialStore struct { - auth cliconfig.AuthConfig + auth types.AuthConfig } func (scs simpleCredentialStore) Basic(u *url.URL) (string, string) { return scs.auth.Username, scs.auth.Password } -func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, authConfig cliconfig.AuthConfig) (*client.NotaryRepository, error) { +func (cli *DockerCli) getNotaryRepository(repoInfo *registry.RepositoryInfo, authConfig types.AuthConfig) (*client.NotaryRepository, error) { server, err := trustServer(repoInfo.Index) if err != nil { return nil, err @@ -279,7 +279,7 @@ func notaryError(err error) error { return err } -func (cli *DockerCli) trustedPull(repoInfo *registry.RepositoryInfo, ref registry.Reference, authConfig cliconfig.AuthConfig, requestPrivilege lib.RequestPrivilegeFunc) error { +func (cli *DockerCli) trustedPull(repoInfo *registry.RepositoryInfo, ref registry.Reference, authConfig types.AuthConfig, requestPrivilege lib.RequestPrivilegeFunc) error { var refs []target notaryRepo, err := cli.getNotaryRepository(repoInfo, authConfig) @@ -380,7 +380,7 @@ func targetStream(in io.Writer) (io.WriteCloser, <-chan []target) { return ioutils.NewWriteCloserWrapper(out, w.Close), targetChan } -func (cli *DockerCli) trustedPush(repoInfo *registry.RepositoryInfo, tag string, authConfig cliconfig.AuthConfig, requestPrivilege lib.RequestPrivilegeFunc) error { +func (cli *DockerCli) trustedPush(repoInfo *registry.RepositoryInfo, tag string, authConfig types.AuthConfig, requestPrivilege lib.RequestPrivilegeFunc) error { streamOut, targetChan := targetStream(cli.out) reqError := cli.imagePushPrivileged(authConfig, repoInfo.LocalName.Name(), tag, streamOut, requestPrivilege) diff --git a/api/client/utils.go b/api/client/utils.go index 0b44b15bba..15543f2df3 100644 --- a/api/client/utils.go +++ b/api/client/utils.go @@ -1,6 +1,8 @@ package client import ( + "encoding/base64" + "encoding/json" "fmt" "os" gosignal "os/signal" @@ -15,9 +17,18 @@ import ( "github.com/docker/docker/registry" ) +// encodeAuthToBase64 serializes the auth configuration as JSON base64 payload +func encodeAuthToBase64(authConfig AuthConfig) (string, error) { + buf, err := json.Marshal(authConfig) + if err != nil { + return "", err + } + return base64.URLEncoding.EncodeToString(buf), nil +} + func (cli *DockerCli) encodeRegistryAuth(index *registry.IndexInfo) (string, error) { authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, index) - return authConfig.EncodeToBase64() + return cliconfig.EncodeAuthToBase64(authConfig) } func (cli *DockerCli) registryAuthenticationPrivilegedFunc(index *registry.IndexInfo, cmdName string) lib.RequestPrivilegeFunc { diff --git a/api/server/router/local/image.go b/api/server/router/local/image.go index 3bba34a0d3..db60162c26 100644 --- a/api/server/router/local/image.go +++ b/api/server/router/local/image.go @@ -17,7 +17,6 @@ import ( "github.com/docker/docker/api/types" "github.com/docker/docker/builder" "github.com/docker/docker/builder/dockerfile" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/daemon/daemonbuilder" derr "github.com/docker/docker/errors" "github.com/docker/docker/pkg/archive" @@ -91,13 +90,13 @@ func (s *router) postImagesCreate(ctx context.Context, w http.ResponseWriter, r message = r.Form.Get("message") ) authEncoded := r.Header.Get("X-Registry-Auth") - authConfig := &cliconfig.AuthConfig{} + authConfig := &types.AuthConfig{} if authEncoded != "" { authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded)) if err := json.NewDecoder(authJSON).Decode(authConfig); err != nil { // for a pull it is not an error if no auth was given // to increase compatibility with the existing api it is defaulting to be empty - authConfig = &cliconfig.AuthConfig{} + authConfig = &types.AuthConfig{} } } @@ -195,7 +194,7 @@ func (s *router) postImagesPush(ctx context.Context, w http.ResponseWriter, r *h if err := httputils.ParseForm(r); err != nil { return err } - authConfig := &cliconfig.AuthConfig{} + authConfig := &types.AuthConfig{} authEncoded := r.Header.Get("X-Registry-Auth") if authEncoded != "" { @@ -203,7 +202,7 @@ func (s *router) postImagesPush(ctx context.Context, w http.ResponseWriter, r *h authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded)) if err := json.NewDecoder(authJSON).Decode(authConfig); err != nil { // to increase compatibility to existing api it is defaulting to be empty - authConfig = &cliconfig.AuthConfig{} + authConfig = &types.AuthConfig{} } } else { // the old format is supported for compatibility if there was no authConfig header @@ -303,7 +302,7 @@ func (s *router) getImagesByName(ctx context.Context, w http.ResponseWriter, r * func (s *router) postBuild(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { var ( - authConfigs = map[string]cliconfig.AuthConfig{} + authConfigs = map[string]types.AuthConfig{} authConfigsEncoded = r.Header.Get("X-Registry-Config") buildConfig = &dockerfile.Config{} ) @@ -560,7 +559,7 @@ func (s *router) getImagesSearch(ctx context.Context, w http.ResponseWriter, r * return err } var ( - config *cliconfig.AuthConfig + config *types.AuthConfig authEncoded = r.Header.Get("X-Registry-Auth") headers = map[string][]string{} ) @@ -570,7 +569,7 @@ func (s *router) getImagesSearch(ctx context.Context, w http.ResponseWriter, r * if err := json.NewDecoder(authJSON).Decode(&config); err != nil { // for a search it is not an error if no auth was given // to increase compatibility with the existing api it is defaulting to be empty - config = &cliconfig.AuthConfig{} + config = &types.AuthConfig{} } } for k, v := range r.Header { diff --git a/api/server/router/system/backend.go b/api/server/router/system/backend.go index e04241e69f..a67f351f3e 100644 --- a/api/server/router/system/backend.go +++ b/api/server/router/system/backend.go @@ -2,7 +2,6 @@ package system import ( "github.com/docker/docker/api/types" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/pkg/jsonmessage" "github.com/docker/docker/pkg/parsers/filters" ) @@ -14,5 +13,5 @@ type Backend interface { SystemVersion() types.Version SubscribeToEvents(since, sinceNano int64, ef filters.Args) ([]*jsonmessage.JSONMessage, chan interface{}) UnsubscribeFromEvents(chan interface{}) - AuthenticateToRegistry(authConfig *cliconfig.AuthConfig) (string, error) + AuthenticateToRegistry(authConfig *types.AuthConfig) (string, error) } diff --git a/api/server/router/system/system_routes.go b/api/server/router/system/system_routes.go index e93d0c0d38..0ebe171c9c 100644 --- a/api/server/router/system/system_routes.go +++ b/api/server/router/system/system_routes.go @@ -9,7 +9,6 @@ import ( "github.com/docker/docker/api" "github.com/docker/docker/api/server/httputils" "github.com/docker/docker/api/types" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/jsonmessage" "github.com/docker/docker/pkg/parsers/filters" @@ -116,7 +115,7 @@ func (s *systemRouter) getEvents(ctx context.Context, w http.ResponseWriter, r * } func (s *systemRouter) postAuth(ctx context.Context, w http.ResponseWriter, r *http.Request, vars map[string]string) error { - var config *cliconfig.AuthConfig + var config *types.AuthConfig err := json.NewDecoder(r.Body).Decode(&config) r.Body.Close() if err != nil { diff --git a/api/types/auth.go b/api/types/auth.go new file mode 100644 index 0000000000..6cd4c36a83 --- /dev/null +++ b/api/types/auth.go @@ -0,0 +1,11 @@ +package types + +// AuthConfig contains authorization information for connecting to a Registry +type AuthConfig struct { + Username string `json:"username,omitempty"` + Password string `json:"password,omitempty"` + Auth string `json:"auth"` + Email string `json:"email"` + ServerAddress string `json:"serveraddress,omitempty"` + RegistryToken string `json:"registrytoken,omitempty"` +} diff --git a/api/types/client.go b/api/types/client.go index 6841a9a6ca..aab7332e85 100644 --- a/api/types/client.go +++ b/api/types/client.go @@ -5,7 +5,6 @@ import ( "io" "net" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/pkg/parsers/filters" "github.com/docker/docker/pkg/ulimit" "github.com/docker/docker/runconfig" @@ -135,7 +134,7 @@ type ImageBuildOptions struct { Dockerfile string Ulimits []*ulimit.Ulimit BuildArgs []string - AuthConfigs map[string]cliconfig.AuthConfig + AuthConfigs map[string]types.AuthConfig Context io.Reader } diff --git a/cliconfig/config.go b/cliconfig/config.go index f2dab3395f..c35c3f191b 100644 --- a/cliconfig/config.go +++ b/cliconfig/config.go @@ -10,6 +10,7 @@ import ( "path/filepath" "strings" + "github.com/docker/docker/api/types" "github.com/docker/docker/pkg/homedir" ) @@ -44,19 +45,9 @@ func SetConfigDir(dir string) { configDir = dir } -// AuthConfig contains authorization information for connecting to a Registry -type AuthConfig struct { - Username string `json:"username,omitempty"` - Password string `json:"password,omitempty"` - Auth string `json:"auth"` - Email string `json:"email"` - ServerAddress string `json:"serveraddress,omitempty"` - RegistryToken string `json:"registrytoken,omitempty"` -} - -// EncodeToBase64 serializes the auth configuration as JSON base64 payload -func (a AuthConfig) EncodeToBase64() (string, error) { - buf, err := json.Marshal(a) +// EncodeAuthToBase64 serializes the auth configuration as JSON base64 payload +func EncodeAuthToBase64(authConfig AuthConfig) (string, error) { + buf, err := json.Marshal(authConfig) if err != nil { return "", err } @@ -65,16 +56,16 @@ func (a AuthConfig) EncodeToBase64() (string, error) { // ConfigFile ~/.docker/config.json file info type ConfigFile struct { - AuthConfigs map[string]AuthConfig `json:"auths"` - HTTPHeaders map[string]string `json:"HttpHeaders,omitempty"` - PsFormat string `json:"psFormat,omitempty"` - filename string // Note: not serialized - for internal use only + AuthConfigs map[string]types.AuthConfig `json:"auths"` + HTTPHeaders map[string]string `json:"HttpHeaders,omitempty"` + PsFormat string `json:"psFormat,omitempty"` + filename string // Note: not serialized - for internal use only } // NewConfigFile initializes an empty configuration file for the given filename 'fn' func NewConfigFile(fn string) *ConfigFile { return &ConfigFile{ - AuthConfigs: make(map[string]AuthConfig), + AuthConfigs: make(map[string]types.AuthConfig), HTTPHeaders: make(map[string]string), filename: fn, } @@ -93,7 +84,7 @@ func (configFile *ConfigFile) LegacyLoadFromReader(configData io.Reader) error { if len(arr) < 2 { return fmt.Errorf("The Auth config file is empty") } - authConfig := AuthConfig{} + authConfig := types.AuthConfig{} origAuth := strings.Split(arr[0], " = ") if len(origAuth) != 2 { return fmt.Errorf("Invalid Auth config file") @@ -146,7 +137,7 @@ func (configFile *ConfigFile) LoadFromReader(configData io.Reader) error { // a non-nested reader func LegacyLoadFromReader(configData io.Reader) (*ConfigFile, error) { configFile := ConfigFile{ - AuthConfigs: make(map[string]AuthConfig), + AuthConfigs: make(map[string]types.AuthConfig), } err := configFile.LegacyLoadFromReader(configData) return &configFile, err @@ -156,7 +147,7 @@ func LegacyLoadFromReader(configData io.Reader) (*ConfigFile, error) { // a reader func LoadFromReader(configData io.Reader) (*ConfigFile, error) { configFile := ConfigFile{ - AuthConfigs: make(map[string]AuthConfig), + AuthConfigs: make(map[string]types.AuthConfig), } err := configFile.LoadFromReader(configData) return &configFile, err @@ -171,7 +162,7 @@ func Load(configDir string) (*ConfigFile, error) { } configFile := ConfigFile{ - AuthConfigs: make(map[string]AuthConfig), + AuthConfigs: make(map[string]types.AuthConfig), filename: filepath.Join(configDir, ConfigFileName), } @@ -215,7 +206,7 @@ func Load(configDir string) (*ConfigFile, error) { // the given writer func (configFile *ConfigFile) SaveToWriter(writer io.Writer) error { // Encode sensitive data into a new/temp struct - tmpAuthConfigs := make(map[string]AuthConfig, len(configFile.AuthConfigs)) + tmpAuthConfigs := make(map[string]types.AuthConfig, len(configFile.AuthConfigs)) for k, authConfig := range configFile.AuthConfigs { authCopy := authConfig // encode and save the authstring, while blanking out the original fields @@ -261,7 +252,7 @@ func (configFile *ConfigFile) Filename() string { } // EncodeAuth creates a base64 encoded string to containing authorization information -func EncodeAuth(authConfig *AuthConfig) string { +func EncodeAuth(authConfig *types.AuthConfig) string { authStr := authConfig.Username + ":" + authConfig.Password msg := []byte(authStr) encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg))) diff --git a/daemon/daemon.go b/daemon/daemon.go index eec193401c..c9acf69ffd 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go @@ -22,7 +22,6 @@ import ( "github.com/docker/distribution/reference" "github.com/docker/docker/api" "github.com/docker/docker/api/types" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/container" "github.com/docker/docker/daemon/events" "github.com/docker/docker/daemon/exec" @@ -1069,7 +1068,7 @@ func writeDistributionProgress(cancelFunc func(), outStream io.Writer, progressC // PullImage initiates a pull operation. image is the repository name to pull, and // tag may be either empty, or indicate a specific tag to pull. -func (daemon *Daemon) PullImage(ref reference.Named, metaHeaders map[string][]string, authConfig *cliconfig.AuthConfig, outStream io.Writer) error { +func (daemon *Daemon) PullImage(ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error { // Include a buffer so that slow client connections don't affect // transfer performance. progressChan := make(chan progress.Progress, 100) @@ -1112,7 +1111,7 @@ func (daemon *Daemon) ExportImage(names []string, outStream io.Writer) error { } // PushImage initiates a push operation on the repository named localName. -func (daemon *Daemon) PushImage(ref reference.Named, metaHeaders map[string][]string, authConfig *cliconfig.AuthConfig, outStream io.Writer) error { +func (daemon *Daemon) PushImage(ref reference.Named, metaHeaders map[string][]string, authConfig *types.AuthConfig, outStream io.Writer) error { // Include a buffer so that slow client connections don't affect // transfer performance. progressChan := make(chan progress.Progress, 100) @@ -1501,14 +1500,14 @@ func configureVolumes(config *Config, rootUID, rootGID int) (*store.VolumeStore, } // AuthenticateToRegistry checks the validity of credentials in authConfig -func (daemon *Daemon) AuthenticateToRegistry(authConfig *cliconfig.AuthConfig) (string, error) { +func (daemon *Daemon) AuthenticateToRegistry(authConfig *types.AuthConfig) (string, error) { return daemon.RegistryService.Auth(authConfig) } // SearchRegistryForImages queries the registry for images matching // term. authConfig is used to login. func (daemon *Daemon) SearchRegistryForImages(term string, - authConfig *cliconfig.AuthConfig, + authConfig *types.AuthConfig, headers map[string][]string) (*registry.SearchResults, error) { return daemon.RegistryService.Search(term, authConfig, headers) } diff --git a/daemon/daemonbuilder/builder.go b/daemon/daemonbuilder/builder.go index 1c8d665d92..116eee9886 100644 --- a/daemon/daemonbuilder/builder.go +++ b/daemon/daemonbuilder/builder.go @@ -30,7 +30,7 @@ import ( type Docker struct { Daemon *daemon.Daemon OutOld io.Writer - AuthConfigs map[string]cliconfig.AuthConfig + AuthConfigs map[string]types.AuthConfig Archiver *archive.Archiver } @@ -58,7 +58,7 @@ func (d Docker) Pull(name string) (*image.Image, error) { } } - pullRegistryAuth := &cliconfig.AuthConfig{} + pullRegistryAuth := &types.AuthConfig{} if len(d.AuthConfigs) > 0 { // The request came with a full auth config file, we prefer to use that repoInfo, err := d.Daemon.RegistryService.ResolveRepository(ref) diff --git a/distribution/pull.go b/distribution/pull.go index dec47e2112..265aeb5b91 100644 --- a/distribution/pull.go +++ b/distribution/pull.go @@ -7,7 +7,6 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/distribution/reference" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/daemon/events" "github.com/docker/docker/distribution/metadata" "github.com/docker/docker/distribution/xfer" @@ -25,7 +24,7 @@ type ImagePullConfig struct { MetaHeaders map[string][]string // AuthConfig holds authentication credentials for authenticating with // the registry. - AuthConfig *cliconfig.AuthConfig + AuthConfig *types.AuthConfig // ProgressOutput is the interface for showing the status of the pull // operation. ProgressOutput progress.Output diff --git a/distribution/push.go b/distribution/push.go index ba8e4190d1..871e52f608 100644 --- a/distribution/push.go +++ b/distribution/push.go @@ -9,7 +9,6 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/distribution/digest" "github.com/docker/distribution/reference" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/daemon/events" "github.com/docker/docker/distribution/metadata" "github.com/docker/docker/distribution/xfer" @@ -29,7 +28,7 @@ type ImagePushConfig struct { MetaHeaders map[string][]string // AuthConfig holds authentication credentials for authenticating with // the registry. - AuthConfig *cliconfig.AuthConfig + AuthConfig *types.AuthConfig // ProgressOutput is the interface for showing the status of the push // operation. ProgressOutput progress.Output diff --git a/distribution/registry.go b/distribution/registry.go index bb5b58a3af..4f5a9cf942 100644 --- a/distribution/registry.go +++ b/distribution/registry.go @@ -17,14 +17,13 @@ import ( "github.com/docker/distribution/registry/client" "github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/transport" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/distribution/xfer" "github.com/docker/docker/registry" "golang.org/x/net/context" ) type dumbCredentialStore struct { - auth *cliconfig.AuthConfig + auth *types.AuthConfig } func (dcs dumbCredentialStore) Basic(*url.URL) (string, string) { @@ -34,7 +33,7 @@ func (dcs dumbCredentialStore) Basic(*url.URL) (string, string) { // NewV2Repository returns a repository (v2 only). It creates a HTTP transport // providing timeout settings and authentication support, and also verifies the // remote API version. -func NewV2Repository(repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *cliconfig.AuthConfig, actions ...string) (distribution.Repository, error) { +func NewV2Repository(repoInfo *registry.RepositoryInfo, endpoint registry.APIEndpoint, metaHeaders http.Header, authConfig *types.AuthConfig, actions ...string) (distribution.Repository, error) { ctx := context.Background() repoName := repoInfo.CanonicalName diff --git a/distribution/registry_unit_test.go b/distribution/registry_unit_test.go index 77d810e25b..bd86fbd667 100644 --- a/distribution/registry_unit_test.go +++ b/distribution/registry_unit_test.go @@ -10,14 +10,13 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/distribution/reference" "github.com/docker/distribution/registry/client/auth" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/registry" "github.com/docker/docker/utils" "golang.org/x/net/context" ) func TestTokenPassThru(t *testing.T) { - authConfig := &cliconfig.AuthConfig{ + authConfig := &types.AuthConfig{ RegistryToken: "mysecrettoken", } gotToken := false diff --git a/registry/auth.go b/registry/auth.go index 6307768beb..9964b9536f 100644 --- a/registry/auth.go +++ b/registry/auth.go @@ -12,7 +12,7 @@ import ( ) // Login tries to register/login to the registry server. -func Login(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint) (string, error) { +func Login(authConfig *types.AuthConfig, registryEndpoint *Endpoint) (string, error) { // Separates the v2 registry login logic from the v1 logic. if registryEndpoint.Version == APIVersion2 { return loginV2(authConfig, registryEndpoint, "" /* scope */) @@ -21,7 +21,7 @@ func Login(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint) (string } // loginV1 tries to register/login to the v1 registry server. -func loginV1(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint) (string, error) { +func loginV1(authConfig *types.AuthConfig, registryEndpoint *Endpoint) (string, error) { var ( status string respBody []byte @@ -136,7 +136,7 @@ func loginV1(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint) (stri // now, users should create their account through other means like directly from a web page // served by the v2 registry service provider. Whether this will be supported in the future // is to be determined. -func loginV2(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint, scope string) (string, error) { +func loginV2(authConfig *types.AuthConfig, registryEndpoint *Endpoint, scope string) (string, error) { logrus.Debugf("attempting v2 login to registry endpoint %s", registryEndpoint) var ( err error @@ -173,7 +173,7 @@ func loginV2(authConfig *cliconfig.AuthConfig, registryEndpoint *Endpoint, scope return "", fmt.Errorf("no successful auth challenge for %s - errors: %s", registryEndpoint, allErrors) } -func tryV2BasicAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]string, registryEndpoint *Endpoint) error { +func tryV2BasicAuthLogin(authConfig *types.AuthConfig, params map[string]string, registryEndpoint *Endpoint) error { req, err := http.NewRequest("GET", registryEndpoint.Path(""), nil) if err != nil { return err @@ -194,7 +194,7 @@ func tryV2BasicAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]str return nil } -func tryV2TokenAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]string, registryEndpoint *Endpoint) error { +func tryV2TokenAuthLogin(authConfig *types.AuthConfig, params map[string]string, registryEndpoint *Endpoint) error { token, err := getToken(authConfig.Username, authConfig.Password, params, registryEndpoint) if err != nil { return err @@ -221,7 +221,7 @@ func tryV2TokenAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]str } // ResolveAuthConfig matches an auth configuration to a server address or a URL -func ResolveAuthConfig(authConfigs map[string]cliconfig.AuthConfig, index *IndexInfo) cliconfig.AuthConfig { +func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *IndexInfo) types.AuthConfig { configKey := index.GetAuthConfigKey() // First try the happy case if c, found := authConfigs[configKey]; found || index.Official { @@ -250,5 +250,5 @@ func ResolveAuthConfig(authConfigs map[string]cliconfig.AuthConfig, index *Index } // When all else fails, return an empty auth config - return cliconfig.AuthConfig{} + return types.AuthConfig{} } diff --git a/registry/auth_test.go b/registry/auth_test.go index a4085bb9bc..fe59658ea7 100644 --- a/registry/auth_test.go +++ b/registry/auth_test.go @@ -7,9 +7,9 @@ import ( ) func TestEncodeAuth(t *testing.T) { - newAuthConfig := &cliconfig.AuthConfig{Username: "ken", Password: "test", Email: "test@example.com"} + newAuthConfig := &types.AuthConfig{Username: "ken", Password: "test", Email: "test@example.com"} authStr := cliconfig.EncodeAuth(newAuthConfig) - decAuthConfig := &cliconfig.AuthConfig{} + decAuthConfig := &types.AuthConfig{} var err error decAuthConfig.Username, decAuthConfig.Password, err = cliconfig.DecodeAuth(authStr) if err != nil { @@ -30,7 +30,7 @@ func buildAuthConfigs() map[string]cliconfig.AuthConfig { authConfigs := map[string]cliconfig.AuthConfig{} for _, registry := range []string{"testIndex", IndexServer} { - authConfigs[registry] = cliconfig.AuthConfig{ + authConfigs[registry] = types.AuthConfig{ Username: "docker-user", Password: "docker-pass", Email: "docker@docker.io", @@ -78,24 +78,24 @@ func TestResolveAuthConfigIndexServer(t *testing.T) { func TestResolveAuthConfigFullURL(t *testing.T) { authConfigs := buildAuthConfigs() - registryAuth := cliconfig.AuthConfig{ + registryAuth := types.AuthConfig{ Username: "foo-user", Password: "foo-pass", Email: "foo@example.com", } - localAuth := cliconfig.AuthConfig{ + localAuth := types.AuthConfig{ Username: "bar-user", Password: "bar-pass", Email: "bar@example.com", } - officialAuth := cliconfig.AuthConfig{ + officialAuth := types.AuthConfig{ Username: "baz-user", Password: "baz-pass", Email: "baz@example.com", } authConfigs[IndexServer] = officialAuth - expectedAuths := map[string]cliconfig.AuthConfig{ + expectedAuths := map[string]types.AuthConfig{ "registry.example.com": registryAuth, "localhost:8000": localAuth, "registry.com": localAuth, diff --git a/registry/registry_test.go b/registry/registry_test.go index 2bc1edff73..95f575930d 100644 --- a/registry/registry_test.go +++ b/registry/registry_test.go @@ -10,7 +10,6 @@ import ( "github.com/docker/distribution/reference" "github.com/docker/distribution/registry/client/transport" - "github.com/docker/docker/cliconfig" ) var ( @@ -23,7 +22,7 @@ const ( ) func spawnTestRegistrySession(t *testing.T) *Session { - authConfig := &cliconfig.AuthConfig{} + authConfig := &types.AuthConfig{} endpoint, err := NewEndpoint(makeIndex("/v1/"), nil, APIVersionUnknown) if err != nil { t.Fatal(err) diff --git a/registry/service.go b/registry/service.go index 1ef9682785..e5f79af16a 100644 --- a/registry/service.go +++ b/registry/service.go @@ -8,7 +8,6 @@ import ( "github.com/docker/distribution/reference" "github.com/docker/distribution/registry/client/auth" - "github.com/docker/docker/cliconfig" ) // Service is a registry service. It tracks configuration data such as a list @@ -28,7 +27,7 @@ func NewService(options *Options) *Service { // Auth contacts the public registry with the provided credentials, // and returns OK if authentication was successful. // It can be used to verify the validity of a client's credentials. -func (s *Service) Auth(authConfig *cliconfig.AuthConfig) (string, error) { +func (s *Service) Auth(authConfig *types.AuthConfig) (string, error) { addr := authConfig.ServerAddress if addr == "" { // Use the official registry address if not specified. @@ -72,7 +71,7 @@ func splitReposSearchTerm(reposName string) (string, string) { // Search queries the public registry for images matching the specified // search terms, and returns the results. -func (s *Service) Search(term string, authConfig *cliconfig.AuthConfig, headers map[string][]string) (*SearchResults, error) { +func (s *Service) Search(term string, authConfig *types.AuthConfig, headers map[string][]string) (*SearchResults, error) { if err := validateNoSchema(term); err != nil { return nil, err } diff --git a/registry/session.go b/registry/session.go index cecf936b26..774b1f5b07 100644 --- a/registry/session.go +++ b/registry/session.go @@ -20,7 +20,6 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/distribution/reference" - "github.com/docker/docker/cliconfig" "github.com/docker/docker/pkg/httputils" "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/stringid" @@ -39,13 +38,13 @@ type Session struct { indexEndpoint *Endpoint client *http.Client // TODO(tiborvass): remove authConfig - authConfig *cliconfig.AuthConfig + authConfig *types.AuthConfig id string } type authTransport struct { http.RoundTripper - *cliconfig.AuthConfig + *types.AuthConfig alwaysSetBasicAuth bool token []string @@ -67,7 +66,7 @@ type authTransport struct { // If the server sends a token without the client having requested it, it is ignored. // // This RoundTripper also has a CancelRequest method important for correct timeout handling. -func AuthTransport(base http.RoundTripper, authConfig *cliconfig.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper { +func AuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper { if base == nil { base = http.DefaultTransport } @@ -162,7 +161,7 @@ func (tr *authTransport) CancelRequest(req *http.Request) { // NewSession creates a new session // TODO(tiborvass): remove authConfig param once registry client v2 is vendored -func NewSession(client *http.Client, authConfig *cliconfig.AuthConfig, endpoint *Endpoint) (r *Session, err error) { +func NewSession(client *http.Client, authConfig *types.AuthConfig, endpoint *Endpoint) (r *Session, err error) { r = &Session{ authConfig: authConfig, client: client, @@ -743,12 +742,12 @@ func (r *Session) SearchRepositories(term string) (*SearchResults, error) { // GetAuthConfig returns the authentication settings for a session // TODO(tiborvass): remove this once registry client v2 is vendored -func (r *Session) GetAuthConfig(withPasswd bool) *cliconfig.AuthConfig { +func (r *Session) GetAuthConfig(withPasswd bool) *types.AuthConfig { password := "" if withPasswd { password = r.authConfig.Password } - return &cliconfig.AuthConfig{ + return &types.AuthConfig{ Username: r.authConfig.Username, Password: password, Email: r.authConfig.Email,