diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-03-16 11:26:32 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-16 11:26:32 +0100 |
| commit | d9f84692c13406f7e4e22d4bb16db4e8a7d086ab (patch) | |
| tree | da6d920ab48dd4ca5a8da8302d13ec33b6cb5ecc /pkg/api/handlers | |
| parent | 72ddf2fb96332ea70cb7fa126410ab6b6ed44941 (diff) | |
| parent | 955aaccc55218cd0022a1180df4c15bb27674a8f (diff) | |
| download | podman-d9f84692c13406f7e4e22d4bb16db4e8a7d086ab.tar.gz podman-d9f84692c13406f7e4e22d4bb16db4e8a7d086ab.tar.bz2 podman-d9f84692c13406f7e4e22d4bb16db4e8a7d086ab.zip | |
Merge pull request #9589 from troyready/add_compat_auth_endpoint
add /auth for docker compatibility
Diffstat (limited to 'pkg/api/handlers')
| -rw-r--r-- | pkg/api/handlers/compat/auth.go | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/pkg/api/handlers/compat/auth.go b/pkg/api/handlers/compat/auth.go new file mode 100644 index 000000000..2c152fbc2 --- /dev/null +++ b/pkg/api/handlers/compat/auth.go @@ -0,0 +1,59 @@ +package compat + +import ( + "context" + "encoding/json" + "fmt" + "net/http" + "strings" + + DockerClient "github.com/containers/image/v5/docker" + "github.com/containers/image/v5/types" + "github.com/containers/podman/v3/pkg/api/handlers/utils" + "github.com/containers/podman/v3/pkg/domain/entities" + "github.com/containers/podman/v3/pkg/registries" + docker "github.com/docker/docker/api/types" + "github.com/pkg/errors" +) + +func stripAddressOfScheme(address string) string { + for _, s := range []string{"https", "http"} { + address = strings.TrimPrefix(address, s+"://") + } + return address +} + +func Auth(w http.ResponseWriter, r *http.Request) { + var authConfig docker.AuthConfig + err := json.NewDecoder(r.Body).Decode(&authConfig) + if err != nil { + utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse request")) + return + } + + skipTLS := types.NewOptionalBool(false) + if strings.HasPrefix(authConfig.ServerAddress, "https://localhost/") || strings.HasPrefix(authConfig.ServerAddress, "https://localhost:") || strings.HasPrefix(authConfig.ServerAddress, "localhost:") { + // support for local testing + skipTLS = types.NewOptionalBool(true) + } + + fmt.Println("Authenticating with existing credentials...") + sysCtx := types.SystemContext{ + AuthFilePath: "", + DockerCertPath: "", + DockerInsecureSkipTLSVerify: skipTLS, + SystemRegistriesConfPath: registries.SystemRegistriesConfPath(), + } + registry := stripAddressOfScheme(authConfig.ServerAddress) + if err := DockerClient.CheckAuth(context.Background(), &sysCtx, authConfig.Username, authConfig.Password, registry); err == nil { + utils.WriteResponse(w, http.StatusOK, entities.AuthReport{ + IdentityToken: "", + Status: "Login Succeeded", + }) + } else { + utils.WriteResponse(w, http.StatusBadRequest, entities.AuthReport{ + IdentityToken: "", + Status: "login attempt to " + authConfig.ServerAddress + " failed with status: " + err.Error(), + }) + } +} |