public Factory(
IEventHandlers eventHandlers,
RegistryEndpointRequestProperties registryEndpointRequestProperties)
{
this.eventHandlers = eventHandlers;
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
}
public BlobChecker(
RegistryEndpointRequestProperties registryEndpointRequestProperties,
BlobDescriptor blobDigest)
{
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
blobDescriptor = blobDigest;
}
public ManifestPusher(
RegistryEndpointRequestProperties registryEndpointRequestProperties,
IBuildableManifestTemplate manifestTemplate,
string imageTag,
IEventHandlers eventHandlers)
{
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.manifestTemplate = manifestTemplate;
this.imageTag = imageTag;
this.eventHandlers = eventHandlers;
}
public BlobPusher(
RegistryEndpointRequestProperties registryEndpointRequestProperties,
DescriptorDigest blobDigest,
IBlob blob,
string sourceRepository)
{
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.blobDigest = blobDigest;
this.blob = blob;
this.sourceRepository = sourceRepository;
}
private RegistryAuthenticator(
string realm,
string service,
RegistryEndpointRequestProperties registryEndpointRequestProperties,
IEnumerable <ProductInfoHeaderValue> userAgent)
{
this.realm = realm;
this.service = service;
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.userAgent = userAgent;
}
/**
* Instantiate with {@link #factory}.
*
* @param eventHandlers the event handlers used for dispatching log events
* @param authorization the {@link Authorization} to access the registry/repository
* @param registryEndpointRequestProperties properties of registry endpoint requests
* @param allowInsecureRegistries if {@code true}, insecure connections will be allowed
*/
private RegistryClient(
IEventHandlers eventHandlers,
Authorization authorization,
RegistryEndpointRequestProperties registryEndpointRequestProperties,
bool allowInsecureRegistries,
IEnumerable <ProductInfoHeaderValue> userAgent)
{
this.eventHandlers = eventHandlers;
this.authorization = authorization;
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.allowInsecureRegistries = allowInsecureRegistries;
this.userAgent = userAgent;
}
public BlobPuller(
RegistryEndpointRequestProperties registryEndpointRequestProperties,
DescriptorDigest blobDigest,
Stream destinationOutputStream,
Action <long> blobSizeListener,
Action <long> writtenByteCountListener)
{
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.blobDigest = blobDigest;
this.destinationOutputStream = destinationOutputStream;
this.blobSizeListener = blobSizeListener;
this.writtenByteCountListener = writtenByteCountListener;
}
// TODO: Replace with a WWW-Authenticate header parser.
/**
* Instantiates from parsing a {@code WWW-Authenticate} header.
*
* @param authenticationMethod the {@code WWW-Authenticate} header value
* @param registryEndpointRequestProperties the registry request properties
* @param userAgent the {@code User-Agent} header value to use in later authentication calls
* @return a new {@link RegistryAuthenticator} for authenticating with the registry service
* @throws RegistryAuthenticationFailedException if authentication fails
* @see <a
* href="https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate">https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate</a>
*/
public static RegistryAuthenticator FromAuthenticationMethod(
AuthenticationHeaderValue authenticationMethod,
RegistryEndpointRequestProperties registryEndpointRequestProperties,
IEnumerable <ProductInfoHeaderValue> userAgent)
{
authenticationMethod =
authenticationMethod ?? throw new ArgumentNullException(nameof(authenticationMethod));
registryEndpointRequestProperties =
registryEndpointRequestProperties ??
throw new ArgumentNullException(nameof(registryEndpointRequestProperties));
// If the authentication method starts with 'basic ' (case insensitive), no registry
// authentication is needed.
if (string.Equals(authenticationMethod.Scheme, "basic", StringComparison.OrdinalIgnoreCase))
{
return(null);
}
// Checks that the authentication method starts with 'bearer ' (case insensitive).
if (!string.Equals(authenticationMethod.Scheme, "bearer", StringComparison.OrdinalIgnoreCase))
{
throw NewRegistryAuthenticationFailedException(
registryEndpointRequestProperties.GetRegistry(),
registryEndpointRequestProperties.GetImageName(),
authenticationMethod.Scheme,
"Bearer");
}
Regex realmPattern = new Regex("realm=\"(.*?)\"");
Match realmMatcher = realmPattern.Match(authenticationMethod.Parameter);
if (!realmMatcher.Success)
{
throw NewRegistryAuthenticationFailedException(
registryEndpointRequestProperties.GetRegistry(),
registryEndpointRequestProperties.GetImageName(),
authenticationMethod.Parameter,
"realm");
}
string realm = realmMatcher.Groups[1].Value;
Regex servicePattern = new Regex("service=\"(.*?)\"");
Match serviceMatcher = servicePattern.Match(authenticationMethod.Parameter);
// use the provided registry location when missing service (e.g., for OpenShift)
string service =
serviceMatcher.Success
? serviceMatcher.Groups[1].Value
: registryEndpointRequestProperties.GetRegistry();
return(new RegistryAuthenticator(realm, service, registryEndpointRequestProperties, userAgent));
}
public ManifestPuller(RegistryEndpointRequestProperties registryEndpointRequestProperties, string imageTag) : base(registryEndpointRequestProperties, imageTag)
{
}
public AuthenticationMethodRetriever(
RegistryEndpointRequestProperties registryEndpointRequestProperties, IEnumerable <ProductInfoHeaderValue> userAgent)
{
this.registryEndpointRequestProperties = registryEndpointRequestProperties;
this.userAgent = userAgent;
}
