private string GetServiceScopeRequestParameters(string scope) { return("service=" + service + "&scope=repository:" + registryEndpointRequestProperties.GetImageName() + ":" + scope); }
// TODO: Replace with a WWW-Authenticate header parser. /** * Instantiates from parsing a {@code WWW-Authenticate} header. * * @param authenticationMethod the {@code WWW-Authenticate} header value * @param registryEndpointRequestProperties the registry request properties * @param userAgent the {@code User-Agent} header value to use in later authentication calls * @return a new {@link RegistryAuthenticator} for authenticating with the registry service * @throws RegistryAuthenticationFailedException if authentication fails * @see <a * href="https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate">https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate</a> */ public static RegistryAuthenticator FromAuthenticationMethod( AuthenticationHeaderValue authenticationMethod, RegistryEndpointRequestProperties registryEndpointRequestProperties, IEnumerable <ProductInfoHeaderValue> userAgent) { authenticationMethod = authenticationMethod ?? throw new ArgumentNullException(nameof(authenticationMethod)); registryEndpointRequestProperties = registryEndpointRequestProperties ?? throw new ArgumentNullException(nameof(registryEndpointRequestProperties)); // If the authentication method starts with 'basic ' (case insensitive), no registry // authentication is needed. if (string.Equals(authenticationMethod.Scheme, "basic", StringComparison.OrdinalIgnoreCase)) { return(null); } // Checks that the authentication method starts with 'bearer ' (case insensitive). if (!string.Equals(authenticationMethod.Scheme, "bearer", StringComparison.OrdinalIgnoreCase)) { throw NewRegistryAuthenticationFailedException( registryEndpointRequestProperties.GetRegistry(), registryEndpointRequestProperties.GetImageName(), authenticationMethod.Scheme, "Bearer"); } Regex realmPattern = new Regex("realm=\"(.*?)\""); Match realmMatcher = realmPattern.Match(authenticationMethod.Parameter); if (!realmMatcher.Success) { throw NewRegistryAuthenticationFailedException( registryEndpointRequestProperties.GetRegistry(), registryEndpointRequestProperties.GetImageName(), authenticationMethod.Parameter, "realm"); } string realm = realmMatcher.Groups[1].Value; Regex servicePattern = new Regex("service=\"(.*?)\""); Match serviceMatcher = servicePattern.Match(authenticationMethod.Parameter); // use the provided registry location when missing service (e.g., for OpenShift) string service = serviceMatcher.Success ? serviceMatcher.Groups[1].Value : registryEndpointRequestProperties.GetRegistry(); return(new RegistryAuthenticator(realm, service, registryEndpointRequestProperties, userAgent)); }
/** * @return the common action description for {@link Initializer}, {@link Writer}, and {@link * Committer} */ private string GetActionDescription() { return("push BLOB for " + registryEndpointRequestProperties.GetRegistry() + "/" + registryEndpointRequestProperties.GetImageName() + " with digest " + blobDigest); }
public Uri GetApiRoute(string apiRouteBase) { return(new Uri( apiRouteBase + registryEndpointRequestProperties.GetImageName() + "/manifests/" + imageTag)); }
public Uri GetApiRoute(string apiRouteBase) { return(new Uri( apiRouteBase + registryEndpointRequestProperties.GetImageName() + "/blobs/" + blobDigest)); }