Skip to content

Commit 1dccddf

Browse files
author
Stephan Lukas
committed
fix: Fixed auth handling
1 parent 6eb4b36 commit 1dccddf

File tree

1 file changed

+20
-19
lines changed

1 file changed

+20
-19
lines changed

src/docker/docker.go

Lines changed: 20 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -19,22 +19,23 @@ type ImageIdentifiers struct {
1919
Tag string
2020
}
2121

22-
// This function parses the Www-Authenticate header provided in the challenge
23-
// It has the following format
24-
// Bearer realm="https://gitlab.com/jwt/auth",service="container_registry",scope="repository:andrew18/container-test:pull"
25-
func parseBearer(bearer []string) map[string]string {
22+
func parseBearer(bearer string) map[string]string {
2623
out := make(map[string]string)
27-
for _, b := range bearer {
28-
for _, s := range strings.Split(b, " ") {
29-
if s == "Bearer" {
24+
25+
for _, s := range strings.Split(bearer, " ") {
26+
if s == "Bearer" {
27+
continue
28+
}
29+
for _, params := range strings.Split(s, ",") {
30+
fields := strings.Split(params, "=")
31+
if len(fields) < 2 || fields[0] == "" {
3032
continue
3133
}
32-
for _, params := range strings.Split(s, ",") {
33-
fields := strings.Split(params, "=")
34-
key := fields[0]
35-
val := strings.Replace(fields[1], "\"", "", -1)
36-
out[key] = val
37-
}
34+
35+
key := fields[0]
36+
val := strings.Replace(fields[1], "\"", "", -1)
37+
38+
out[key] = val
3839
}
3940
}
4041
return out
@@ -121,20 +122,20 @@ func (d *DockerClient) GetAuthToken() (string, error) {
121122
}
122123

123124
// This has the various things we'll need to parse and use in the request
124-
wwwAuthenticate, ok := resp.Header["Www-Authenticate"]
125-
if !ok || len(wwwAuthenticate) == 0 {
125+
wwwAuthenticate := resp.Header.Get("Www-Authenticate")
126+
if wwwAuthenticate == "" {
126127
// No authentication required
127128

128129
return "", nil
129130
}
130131

131-
if strings.HasPrefix(strings.ToUpper(wwwAuthenticate[0]), "BASIC") {
132+
if strings.HasPrefix(strings.ToUpper(wwwAuthenticate), "BASIC") {
132133
credentials := fmt.Sprintf("%s:%s", *flagDockerUsername, *flagDockerPassword)
133134
credentialsBase64 := base64.StdEncoding.EncodeToString([]byte(credentials))
134135

135136
return fmt.Sprintf("Basic %s", credentialsBase64), nil
136-
} else if strings.HasPrefix(strings.ToUpper(wwwAuthenticate[0]), "BEARER") {
137-
params := parseBearer(resp.Header["Www-Authenticate"])
137+
} else if strings.HasPrefix(strings.ToUpper(wwwAuthenticate), "BEARER") {
138+
params := parseBearer(wwwAuthenticate)
138139

139140
// Get the token
140141
urlRealmStr := fmt.Sprintf("%s?", params["realm"])
@@ -184,6 +185,6 @@ func (d *DockerClient) GetAuthToken() (string, error) {
184185

185186
return fmt.Sprintf("Bearer %s", token), nil
186187
} else {
187-
return "", fmt.Errorf("unsupported auth method %s", wwwAuthenticate[0])
188+
return "", fmt.Errorf("unsupported auth method %s", wwwAuthenticate)
188189
}
189190
}

0 commit comments

Comments
 (0)