2018-07-26 17:13:58 -04:00
|
|
|
package registry
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
2018-11-14 10:01:36 -05:00
|
|
|
"strings"
|
2018-07-26 17:13:58 -04:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/docker/docker/api/types"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestErrBasicAuth(t *testing.T) {
|
|
|
|
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if r.URL.Path == "/" {
|
|
|
|
w.Header().Set("www-authenticate", `Basic realm="Registry Realm",service="Docker registry"`)
|
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
} else {
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
}
|
|
|
|
}))
|
|
|
|
defer ts.Close()
|
|
|
|
|
|
|
|
authConfig := types.AuthConfig{
|
|
|
|
Username: "j3ss",
|
|
|
|
Password: "ss3j",
|
|
|
|
ServerAddress: ts.URL,
|
|
|
|
}
|
2018-11-14 10:18:18 -05:00
|
|
|
r, err := New(authConfig, Opt{Insecure: true, Debug: true})
|
2018-07-26 17:13:58 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("expected no error creating client, got %v", err)
|
|
|
|
}
|
|
|
|
token, err := r.Token(ts.URL)
|
|
|
|
if err != ErrBasicAuth {
|
|
|
|
t.Fatalf("expected ErrBasicAuth getting token, got %v", err)
|
|
|
|
}
|
|
|
|
if token != "" {
|
|
|
|
t.Fatalf("expected empty token, got %v", err)
|
|
|
|
}
|
|
|
|
}
|
2018-11-14 10:01:36 -05:00
|
|
|
|
|
|
|
var authURI string
|
|
|
|
|
|
|
|
func oauthFlow(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if strings.HasPrefix(r.URL.Path, "/oauth2/accesstoken") {
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
w.Write([]byte(`{"access_token":"abcdef1234"}`))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if strings.HasPrefix(r.URL.Path, "/oauth2/token") {
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
w.Write([]byte(`{"token":"abcdef1234"}`))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
auth := r.Header.Get("authorization")
|
|
|
|
if !strings.HasPrefix(auth, "Bearer") {
|
|
|
|
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
|
|
|
if authURI != "" {
|
|
|
|
w.Header().Set("www-authenticate", `Bearer realm="`+authURI+`/oauth2/token",service="my.endpoint.here"`)
|
|
|
|
}
|
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
w.Write([]byte(`{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}`))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestBothTokenAndAccessTokenWork(t *testing.T) {
|
|
|
|
ts := httptest.NewServer(http.HandlerFunc(oauthFlow))
|
|
|
|
defer ts.Close()
|
|
|
|
|
|
|
|
for _, which := range []string{"token", "accesstoken"} {
|
|
|
|
authURI = ts.URL + "/oauth2/" + which + "?service=my.endpoint.here"
|
|
|
|
authConfig := types.AuthConfig{
|
|
|
|
Username: "abc",
|
|
|
|
Password: "123",
|
|
|
|
ServerAddress: ts.URL,
|
|
|
|
}
|
|
|
|
authConfig.Email = "me@email.com"
|
2018-11-14 10:18:18 -05:00
|
|
|
r, err := New(authConfig, Opt{Insecure: true, Debug: true})
|
2018-11-14 10:01:36 -05:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("expected no error creating client, got %v", err)
|
|
|
|
}
|
|
|
|
token, err := r.Token(ts.URL)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err getting token from url: %v err: %v", ts.URL, err)
|
|
|
|
}
|
|
|
|
if token == "" {
|
|
|
|
t.Fatalf("error got empty token")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|