auth

package

v2.3.0+incompatible Latest Latest Go to latest Published: Feb 4, 2016 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ChristianKniep/distribution

Documentation ¶

Index ¶

func NewAuthorizer(manager ChallengeManager, handlers ...AuthenticationHandler) transport.RequestModifier
type APIVersion
- func APIVersions(resp *http.Response, versionHeader string) []APIVersion
- func ParseAPIVersion(versionStr string) APIVersion
- func (v APIVersion) String() string
type AuthenticationHandler
- func NewBasicHandler(creds CredentialStore) AuthenticationHandler
- func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, ...) AuthenticationHandler
type Challenge
- func ResponseChallenges(resp *http.Response) []Challenge
type ChallengeManager
- func NewSimpleChallengeManager() ChallengeManager
type CredentialStore

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewAuthorizer ¶

func NewAuthorizer(manager ChallengeManager, handlers ...AuthenticationHandler) transport.RequestModifier

NewAuthorizer creates an authorizer which can handle multiple authentication schemes. The handlers are tried in order, the higher priority authentication methods should be first. The challengeMap holds a list of challenges for a given root API endpoint (for example "https://registry-1.docker.io/v2/").

Types ¶

type APIVersion ¶

type APIVersion struct {
	// Type refers to the name of a specific API specification
	// such as "registry"
	Type string

	// Version is the version of the API specification implemented,
	// This may omit the revision number and only include
	// the major and minor version, such as "2.0"
	Version string
}

APIVersion represents a version of an API including its type and version number.

func APIVersions ¶

func APIVersions(resp *http.Response, versionHeader string) []APIVersion

APIVersions gets the API versions out of an HTTP response using the provided version header as the key for the HTTP header.

func ParseAPIVersion ¶

func ParseAPIVersion(versionStr string) APIVersion

ParseAPIVersion parses an API version string into an APIVersion Format (Expected, not enforced): API version string = <API type> '/' <API version> API type = [a-z][a-z0-9]* API version = [0-9]+(\.[0-9]+)? TODO(dmcgowan): Enforce format, add error condition, remove unknown type

func (APIVersion) String ¶

func (v APIVersion) String() string

String returns the string formatted API Version

type AuthenticationHandler ¶

type AuthenticationHandler interface {
	// Scheme returns the scheme as expected from the "WWW-Authenicate" header.
	Scheme() string

	// AuthorizeRequest adds the authorization header to a request (if needed)
	// using the parameters from "WWW-Authenticate" method. The parameters
	// values depend on the scheme.
	AuthorizeRequest(req *http.Request, params map[string]string) error
}

AuthenticationHandler is an interface for authorizing a request from params from a "WWW-Authenicate" header for a single scheme.

func NewBasicHandler ¶

func NewBasicHandler(creds CredentialStore) AuthenticationHandler

NewBasicHandler creaters a new authentiation handler which adds basic authentication credentials to a request.

func NewTokenHandler ¶

func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler

NewTokenHandler creates a new AuthenicationHandler which supports fetching tokens from a remote token server.

type Challenge ¶

type Challenge struct {
	// Scheme is the auth-scheme according to RFC 2617
	Scheme string

	// Parameters are the auth-params according to RFC 2617
	Parameters map[string]string
}

Challenge carries information from a WWW-Authenticate response header. See RFC 2617.

func ResponseChallenges ¶

func ResponseChallenges(resp *http.Response) []Challenge

ResponseChallenges returns a list of authorization challenges for the given http Response. Challenges are only checked if the response status code was a 401.

type ChallengeManager ¶

type ChallengeManager interface {
	// GetChallenges returns the challenges for the given
	// endpoint URL.
	GetChallenges(endpoint string) ([]Challenge, error)

	// AddResponse adds the response to the challenge
	// manager. The challenges will be parsed out of
	// the WWW-Authenicate headers and added to the
	// URL which was produced the response. If the
	// response was authorized, any challenges for the
	// endpoint will be cleared.
	AddResponse(resp *http.Response) error
}

ChallengeManager manages the challenges for endpoints. The challenges are pulled out of HTTP responses. Only responses which expect challenges should be added to the manager, since a non-unauthorized request will be viewed as not requiring challenges.

func NewSimpleChallengeManager ¶

func NewSimpleChallengeManager() ChallengeManager

NewSimpleChallengeManager returns an instance of ChallengeManger which only maps endpoints to challenges based on the responses which have been added the manager. The simple manager will make no attempt to perform requests on the endpoints or cache the responses to a backend.

type CredentialStore ¶

type CredentialStore interface {
	// Basic returns basic auth for the given URL
	Basic(*url.URL) (string, string)
}

CredentialStore is an interface for getting credentials for a given URL

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL