diff options
-rw-r--r-- | pkg/auth/auth.go | 16 | ||||
-rw-r--r-- | pkg/auth/auth_test.go | 10 |
2 files changed, 10 insertions, 16 deletions
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go index b3fd71184..3ecdd99fe 100644 --- a/pkg/auth/auth.go +++ b/pkg/auth/auth.go @@ -113,15 +113,17 @@ func getConfigCredentials(r *http.Request) (*types.DockerAuthConfig, string, err // stored in a temporary auth file (2nd return value). Note that the auth file // should be removed after usage. func getAuthCredentials(r *http.Request) (*types.DockerAuthConfig, string, error) { + authHeader := r.Header.Get(XRegistryAuthHeader.String()) + // First look for a multi-auth header (i.e., a map). - authConfigs, err := parseMultiAuthHeader(r) + authConfigs, err := parseMultiAuthHeader(authHeader) if err == nil { authfile, err := authConfigsToAuthFile(authConfigs) return nil, authfile, err } // Fallback to looking for a single-auth header (i.e., one config). - authConfig, err := parseSingleAuthHeader(r) + authConfig, err := parseSingleAuthHeader(authHeader) if err != nil { return nil, "", err } @@ -313,10 +315,9 @@ func imageAuthToDockerAuth(authConfig types.DockerAuthConfig) dockerAPITypes.Aut } } -// parseSingleAuthHeader extracts a DockerAuthConfig from the request's header. +// parseSingleAuthHeader extracts a DockerAuthConfig from an XRegistryAuthHeader value. // The header content is a single DockerAuthConfig. -func parseSingleAuthHeader(r *http.Request) (types.DockerAuthConfig, error) { - authHeader := r.Header.Get(string(XRegistryAuthHeader)) +func parseSingleAuthHeader(authHeader string) (types.DockerAuthConfig, error) { // Accept "null" and handle it as empty value for compatibility reason with Docker. // Some java docker clients pass this value, e.g. this one used in Eclipse. if len(authHeader) == 0 || authHeader == "null" { @@ -331,10 +332,9 @@ func parseSingleAuthHeader(r *http.Request) (types.DockerAuthConfig, error) { return dockerAuthToImageAuth(authConfig), nil } -// parseMultiAuthHeader extracts a DockerAuthConfig from the request's header. +// parseMultiAuthHeader extracts a DockerAuthConfig from an XRegistryAuthHeader value. // The header content is a map[string]DockerAuthConfigs. -func parseMultiAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error) { - authHeader := r.Header.Get(string(XRegistryAuthHeader)) +func parseMultiAuthHeader(authHeader string) (map[string]types.DockerAuthConfig, error) { // Accept "null" and handle it as empty value for compatibility reason with Docker. // Some java docker clients pass this value, e.g. this one used in Eclipse. if len(authHeader) == 0 || authHeader == "null" { diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go index 0e6bd42ef..6acf1f8fb 100644 --- a/pkg/auth/auth_test.go +++ b/pkg/auth/auth_test.go @@ -320,10 +320,7 @@ func TestParseSingleAuthHeader(t *testing.T) { expected: types.DockerAuthConfig{Username: "u1", Password: "p1"}, }, } { - req, err := http.NewRequest(http.MethodPost, "/", nil) - require.NoError(t, err, tc.input) - req.Header.Set(XRegistryAuthHeader.String(), tc.input) - res, err := parseSingleAuthHeader(req) + res, err := parseSingleAuthHeader(tc.input) if tc.shouldErr { assert.Error(t, err, tc.input) } else { @@ -356,10 +353,7 @@ func TestParseMultiAuthHeader(t *testing.T) { }, }, } { - req, err := http.NewRequest(http.MethodPost, "/", nil) - require.NoError(t, err, tc.input) - req.Header.Set(XRegistryAuthHeader.String(), tc.input) - res, err := parseMultiAuthHeader(req) + res, err := parseMultiAuthHeader(tc.input) if tc.shouldErr { assert.Error(t, err, tc.input) } else { |