mirror of
https://github.com/containers/podman.git
synced 2025-06-21 01:19:15 +08:00
fix use with localhost (testing)
Signed-off-by: troyready <troy@troyready.com>
This commit is contained in:
@ -16,6 +16,13 @@ import (
|
|||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func stripAddressOfScheme(address string) string {
|
||||||
|
for _, s := range []string{"https", "http"} {
|
||||||
|
address = strings.TrimPrefix(address, s+"://")
|
||||||
|
}
|
||||||
|
return address
|
||||||
|
}
|
||||||
|
|
||||||
func Auth(w http.ResponseWriter, r *http.Request) {
|
func Auth(w http.ResponseWriter, r *http.Request) {
|
||||||
var authConfig docker.AuthConfig
|
var authConfig docker.AuthConfig
|
||||||
err := json.NewDecoder(r.Body).Decode(&authConfig)
|
err := json.NewDecoder(r.Body).Decode(&authConfig)
|
||||||
@ -25,7 +32,7 @@ func Auth(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
skipTLS := types.NewOptionalBool(false)
|
skipTLS := types.NewOptionalBool(false)
|
||||||
if strings.HasPrefix(authConfig.ServerAddress, "http://localhost/") || strings.HasPrefix(authConfig.ServerAddress, "http://localhost:") {
|
if strings.HasPrefix(authConfig.ServerAddress, "https://localhost/") || strings.HasPrefix(authConfig.ServerAddress, "https://localhost:") || strings.HasPrefix(authConfig.ServerAddress, "localhost:") {
|
||||||
// support for local testing
|
// support for local testing
|
||||||
skipTLS = types.NewOptionalBool(true)
|
skipTLS = types.NewOptionalBool(true)
|
||||||
}
|
}
|
||||||
@ -37,7 +44,8 @@ func Auth(w http.ResponseWriter, r *http.Request) {
|
|||||||
DockerInsecureSkipTLSVerify: skipTLS,
|
DockerInsecureSkipTLSVerify: skipTLS,
|
||||||
SystemRegistriesConfPath: registries.SystemRegistriesConfPath(),
|
SystemRegistriesConfPath: registries.SystemRegistriesConfPath(),
|
||||||
}
|
}
|
||||||
if err := DockerClient.CheckAuth(context.Background(), &sysCtx, authConfig.Username, authConfig.Password, authConfig.ServerAddress); err == nil {
|
registry := stripAddressOfScheme(authConfig.ServerAddress)
|
||||||
|
if err := DockerClient.CheckAuth(context.Background(), &sysCtx, authConfig.Username, authConfig.Password, registry); err == nil {
|
||||||
utils.WriteResponse(w, http.StatusOK, entities.AuthReport{
|
utils.WriteResponse(w, http.StatusOK, entities.AuthReport{
|
||||||
IdentityToken: "",
|
IdentityToken: "",
|
||||||
Status: "Login Succeeded",
|
Status: "Login Succeeded",
|
||||||
|
@ -5,25 +5,19 @@
|
|||||||
|
|
||||||
start_registry
|
start_registry
|
||||||
|
|
||||||
# FIXME FIXME FIXME: remove the 'if false' for use with PR 9589
|
|
||||||
if false; then
|
|
||||||
|
|
||||||
# FIXME FIXME: please forgive the horrible POST params format; I have an
|
|
||||||
# upcoming PR which should fix that.
|
|
||||||
|
|
||||||
# Test with wrong password. Confirm bad status and appropriate error message
|
# Test with wrong password. Confirm bad status and appropriate error message
|
||||||
t POST /v1.40/auth "\"username\":\"${REGISTRY_USERNAME}\",\"password\":\"WrOnGPassWord\",\"serveraddress\":\"localhost:$REGISTRY_PORT/\"" \
|
t POST /v1.40/auth username=$REGISTRY_USERNAME password=WrOnGPassWord serveraddress=localhost:$REGISTRY_PORT/ \
|
||||||
400 \
|
400 \
|
||||||
.Status~'.* invalid username/password'
|
.Status~'.* invalid username/password'
|
||||||
|
|
||||||
# Test with the right password. Confirm status message and reasonable token
|
# Test with the right password. Confirm status message
|
||||||
t POST /v1.40/auth "\"username\":\"${REGISTRY_USERNAME}\",\"password\":\"${REGISTRY_PASSWORD}\",\"serveraddress\":\"localhost:$REGISTRY_PORT/\"" \
|
t POST /v1.40/auth username=$REGISTRY_USERNAME password=$REGISTRY_PASSWORD serveraddress=localhost:$REGISTRY_PORT/ \
|
||||||
200 \
|
200 \
|
||||||
.Status="Login Succeeded" \
|
.Status="Login Succeeded" \
|
||||||
.IdentityToken~[a-zA-Z0-9]
|
.IdentityToken=""
|
||||||
|
|
||||||
# FIXME: now what? Try something-something using that token?
|
# Same test with url scheme provided
|
||||||
token=$(jq -r .IdentityToken <<<"$output")
|
t POST /v1.40/auth username=$REGISTRY_USERNAME password=$REGISTRY_PASSWORD serveraddress=https://localhost:$REGISTRY_PORT/ \
|
||||||
# ...
|
200 \
|
||||||
|
.Status="Login Succeeded" \
|
||||||
fi # FIXME FIXME FIXME: remove when working
|
.IdentityToken=""
|
||||||
|
@ -555,18 +555,6 @@ class TestApi(unittest.TestCase):
|
|||||||
self.assertIn(name, payload["VolumesDeleted"])
|
self.assertIn(name, payload["VolumesDeleted"])
|
||||||
self.assertGreater(payload["SpaceReclaimed"], 0)
|
self.assertGreater(payload["SpaceReclaimed"], 0)
|
||||||
|
|
||||||
# TBD: how to test auth endpoint (which in turn requires a docker registry to connect to)
|
|
||||||
# def test_auth_compat(self):
|
|
||||||
# r = requests.post(
|
|
||||||
# PODMAN_URL + "/v1.40/auth",
|
|
||||||
# json={
|
|
||||||
# "username": "bozo",
|
|
||||||
# "password": "wedontneednopasswords",
|
|
||||||
# "serveraddress": "https://localhost/v1.40/",
|
|
||||||
# },
|
|
||||||
# )
|
|
||||||
# self.assertEqual(r.status_code, 404, r.content)
|
|
||||||
|
|
||||||
def test_version(self):
|
def test_version(self):
|
||||||
r = requests.get(PODMAN_URL + "/v1.40/version")
|
r = requests.get(PODMAN_URL + "/v1.40/version")
|
||||||
self.assertEqual(r.status_code, 200, r.content)
|
self.assertEqual(r.status_code, 200, r.content)
|
||||||
|
Reference in New Issue
Block a user