From 9251b6c8cfaa5db738212c467c79f8c3aceb5b7d Mon Sep 17 00:00:00 2001
From: troyready <troy@troyready.com>
Date: Tue, 2 Mar 2021 18:12:29 -0800
Subject: add /auth for docker compatibility

This endpoint just validates credentials:
https://github.com/moby/moby/blob/v20.10.4/api/swagger.yaml#L7936-L7977

Fixes: #9564
Signed-off-by: troyready <troy@troyready.com>
---
 pkg/api/handlers/compat/auth.go | 51 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 pkg/api/handlers/compat/auth.go

(limited to 'pkg/api/handlers')

diff --git a/pkg/api/handlers/compat/auth.go b/pkg/api/handlers/compat/auth.go
new file mode 100644
index 000000000..e914301f4
--- /dev/null
+++ b/pkg/api/handlers/compat/auth.go
@@ -0,0 +1,51 @@
+package compat
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+
+	DockerClient "github.com/containers/image/v5/docker"
+	"github.com/containers/image/v5/types"
+	"github.com/containers/podman/v3/pkg/api/handlers/utils"
+	"github.com/containers/podman/v3/pkg/domain/entities"
+	"github.com/containers/podman/v3/pkg/registries"
+	docker "github.com/docker/docker/api/types"
+	"github.com/pkg/errors"
+)
+
+func Auth(w http.ResponseWriter, r *http.Request) {
+	var authConfig docker.AuthConfig
+	err := json.NewDecoder(r.Body).Decode(&authConfig)
+	if err != nil {
+		utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse request"))
+		return
+	}
+
+	skipTLS := types.NewOptionalBool(false)
+	if strings.HasPrefix(authConfig.ServerAddress, "http://localhost/") || strings.HasPrefix(authConfig.ServerAddress, "http://localhost:") {
+		// support for local testing
+		skipTLS = types.NewOptionalBool(true)
+	}
+
+	fmt.Println("Authenticating with existing credentials...")
+	sysCtx := types.SystemContext{
+		AuthFilePath:                "",
+		DockerCertPath:              "",
+		DockerInsecureSkipTLSVerify: skipTLS,
+		SystemRegistriesConfPath:    registries.SystemRegistriesConfPath(),
+	}
+	if err := DockerClient.CheckAuth(context.Background(), &sysCtx, authConfig.Username, authConfig.Password, authConfig.ServerAddress); err == nil {
+		utils.WriteResponse(w, http.StatusOK, entities.AuthReport{
+			IdentityToken: "",
+			Status:        "Login Succeeded",
+		})
+	} else {
+		utils.WriteResponse(w, http.StatusBadRequest, entities.AuthReport{
+			IdentityToken: "",
+			Status:        "login attempt to " + authConfig.ServerAddress + " failed with status: " + err.Error(),
+		})
+	}
+}
-- 
cgit v1.2.3-54-g00ecf