Skip to content

Commit

Permalink
compat: /auth: parse server address correctly
Browse files Browse the repository at this point in the history
Use `auth.Login` as `podman login` does which parses and normalizes the
input addresses correctly, especially for docker.io.

[NO NEW TESTS NEEDED] as we do not have means to test logging into
docker.io in CI.

Fixes: containers#17571
Signed-off-by: Valentin Rothberg <[email protected]>
  • Loading branch information
vrothberg committed Mar 22, 2023
1 parent 0a897f0 commit d6ea398
Showing 1 changed file with 9 additions and 10 deletions.
19 changes: 9 additions & 10 deletions pkg/api/handlers/compat/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,11 @@ import (
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"strings"

"github.com/containers/common/pkg/auth"
DockerClient "github.com/containers/image/v5/docker"
"github.com/containers/image/v5/types"
"github.com/containers/podman/v4/libpod"
Expand All @@ -16,13 +18,6 @@ import (
docker "github.com/docker/docker/api/types"
)

func stripAddressOfScheme(address string) string {
for _, s := range []string{"https", "http"} {
address = strings.TrimPrefix(address, s+"://")
}
return address
}

func Auth(w http.ResponseWriter, r *http.Request) {
var authConfig docker.AuthConfig
err := json.NewDecoder(r.Body).Decode(&authConfig)
Expand All @@ -41,9 +36,13 @@ func Auth(w http.ResponseWriter, r *http.Request) {
sysCtx := runtime.SystemContext()
sysCtx.DockerInsecureSkipTLSVerify = skipTLS

fmt.Println("Authenticating with existing credentials...")
registry := stripAddressOfScheme(authConfig.ServerAddress)
if err := DockerClient.CheckAuth(r.Context(), sysCtx, authConfig.Username, authConfig.Password, registry); err == nil {
loginOpts := &auth.LoginOptions{
Username: authConfig.Username,
Password: authConfig.Password,
Stdout: io.Discard,
NoWriteBack: true, // to prevent credentials to be written on disk
}
if err := auth.Login(r.Context(), sysCtx, loginOpts, []string{authConfig.ServerAddress}); err == nil {
utils.WriteResponse(w, http.StatusOK, entities.AuthReport{
IdentityToken: "",
Status: "Login Succeeded",
Expand Down

0 comments on commit d6ea398

Please sign in to comment.