summaryrefslogtreecommitdiff
path: root/pkg/auth
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/auth')
-rw-r--r--pkg/auth/auth.go6
-rw-r--r--pkg/auth/auth_test.go37
2 files changed, 40 insertions, 3 deletions
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
index 73822eecf..60c40a40b 100644
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -115,7 +115,7 @@ func getAuthCredentials(r *http.Request) (*types.DockerAuthConfig, string, error
}
// Fallback to looking for a single-auth header (i.e., one config).
- authConfigs, err = singleAuthHeader(r)
+ authConfigs, err = parseSingleAuthHeader(r)
if err != nil {
return nil, "", err
}
@@ -309,9 +309,9 @@ func imageAuthToDockerAuth(authConfig types.DockerAuthConfig) dockerAPITypes.Aut
}
}
-// singleAuthHeader extracts a DockerAuthConfig from the request's header.
+// parseSingleAuthHeader extracts a DockerAuthConfig from the request's header.
// The header content is a single DockerAuthConfig.
-func singleAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error) {
+func parseSingleAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error) {
authHeader := r.Header.Get(string(XRegistryAuthHeader))
authConfig := dockerAPITypes.AuthConfig{}
// Accept "null" and handle it as empty value for compatibility reason with Docker.
diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go
index 97e7fe1ec..a0b97b106 100644
--- a/pkg/auth/auth_test.go
+++ b/pkg/auth/auth_test.go
@@ -68,6 +68,43 @@ func TestAuthConfigsToAuthFile(t *testing.T) {
}
}
+func TestParseSingleAuthHeader(t *testing.T) {
+ for _, tc := range []struct {
+ input string
+ shouldErr bool
+ expected map[string]types.DockerAuthConfig
+ }{
+ {
+ input: "", // An empty (or missing) header
+ expected: map[string]types.DockerAuthConfig{"0": {}},
+ },
+ {
+ input: "null",
+ expected: map[string]types.DockerAuthConfig{"0": {}},
+ },
+ // Invalid JSON
+ {input: "@", shouldErr: true},
+ // Success
+ {
+ input: base64.URLEncoding.EncodeToString([]byte(`{"username":"u1","password":"p1"}`)),
+ expected: map[string]types.DockerAuthConfig{
+ "0": {Username: "u1", Password: "p1"},
+ },
+ },
+ } {
+ req, err := http.NewRequest(http.MethodPost, "/", nil)
+ require.NoError(t, err, tc.input)
+ req.Header.Set(XRegistryAuthHeader.String(), tc.input)
+ res, err := parseSingleAuthHeader(req)
+ if tc.shouldErr {
+ assert.Error(t, err, tc.input)
+ } else {
+ require.NoError(t, err, tc.input)
+ assert.Equal(t, tc.expected, res, tc.input)
+ }
+ }
+}
+
func TestParseMultiAuthHeader(t *testing.T) {
for _, tc := range []struct {
input string