diff options
author | Joffrey F <joffrey@docker.com> | 2015-02-27 11:45:21 -0800 |
---|---|---|
committer | Joffrey F <joffrey@docker.com> | 2015-02-27 11:45:21 -0800 |
commit | a341aa2d268c3773d9988a7a1775441e25a6134b (patch) | |
tree | 3b5f0489a819500d2e4678c7cdac1bf45dbddb32 | |
parent | 5ce02b9f141c2ebe524946f2daeb518b86ce2efc (diff) | |
parent | 86390888d873af3ba1a7e52d3e950ae4ff6ed840 (diff) | |
download | docker-py-a341aa2d268c3773d9988a7a1775441e25a6134b.tar.gz |
Merge branch 'aanand-fix-resolve-authconfig'
-rw-r--r-- | docker/auth/auth.py | 44 | ||||
-rw-r--r-- | docker/client.py | 3 | ||||
-rw-r--r-- | tests/utils_test.py | 12 |
3 files changed, 29 insertions, 30 deletions
diff --git a/docker/auth/auth.py b/docker/auth/auth.py index 8693910..e38f9c7 100644 --- a/docker/auth/auth.py +++ b/docker/auth/auth.py @@ -26,14 +26,6 @@ INDEX_URL = 'https://index.docker.io/v1/' DOCKER_CONFIG_FILENAME = '.dockercfg' -def swap_protocol(url): - if url.startswith('http://'): - return url.replace('http://', 'https://', 1) - if url.startswith('https://'): - return url.replace('https://', 'http://', 1) - return url - - def expand_registry_url(hostname, insecure=False): if hostname.startswith('http:') or hostname.startswith('https:'): return hostname @@ -68,29 +60,27 @@ def resolve_repository_name(repo_name, insecure=False): def resolve_authconfig(authconfig, registry=None): - """Return the authentication data from the given auth configuration for a - specific registry. We'll do our best to infer the correct URL for the - registry, trying both http and https schemes. Returns an empty dictionnary - if no data exists.""" + """ + Returns the authentication data from the given auth configuration for a + specific registry. As with the Docker client, legacy entries in the config + with full URLs are stripped down to hostnames before checking for a match. + Returns None if no match was found. + """ # Default to the public index server - registry = registry or INDEX_URL - - # If it's not the index server there are three cases: - # - # 1. this is a full config url -> it should be used as is - # 2. it could be a full url, but with the wrong protocol - # 3. it can be the hostname optionally with a port - # - # as there is only one auth entry which is fully qualified we need to start - # parsing and matching - if '/v1/' not in registry: - registry = os.path.join(registry, 'v1/') - if not registry.startswith('http:') and not registry.startswith('https:'): - registry = 'https://' + registry + registry = convert_to_hostname(registry) if registry else INDEX_URL if registry in authconfig: return authconfig[registry] - return authconfig.get(swap_protocol(registry), None) + + for key, config in six.iteritems(authconfig): + if convert_to_hostname(key) == registry: + return config + + return None + + +def convert_to_hostname(url): + return url.replace('http://', '').replace('https://', '').split('/', 1)[0] def encode_auth(auth_info): diff --git a/docker/client.py b/docker/client.py index 26adf28..88d435f 100644 --- a/docker/client.py +++ b/docker/client.py @@ -627,8 +627,7 @@ class Client(requests.Session): elif not self._auth_configs: self._auth_configs = auth.load_config() - registry = auth.expand_registry_url(registry, insecure_registry) \ - if registry else auth.INDEX_URL + registry = registry or auth.INDEX_URL authcfg = auth.resolve_authconfig(self._auth_configs, registry) # If we found an existing auth config for this registry and username diff --git a/tests/utils_test.py b/tests/utils_test.py index 9b6461f..75de915 100644 --- a/tests/utils_test.py +++ b/tests/utils_test.py @@ -104,7 +104,8 @@ class UtilsTest(unittest.TestCase): def test_resolve_authconfig(self): auth_config = { 'https://index.docker.io/v1/': {'auth': 'indexuser'}, - 'http://my.registry.net/v1/': {'auth': 'privateuser'} + 'my.registry.net': {'auth': 'privateuser'}, + 'http://legacy.registry.url/v1/': {'auth': 'legacyauth'} } # hostname only self.assertEqual( @@ -154,6 +155,15 @@ class UtilsTest(unittest.TestCase): resolve_authconfig(auth_config, 'http://my.registry.net/v1/'), {'auth': 'privateuser'} ) + # legacy entry in config + self.assertEqual( + resolve_authconfig(auth_config, 'legacy.registry.url'), + {'auth': 'legacyauth'} + ) + # no matching entry + self.assertTrue( + resolve_authconfig(auth_config, 'does.not.exist') is None + ) if __name__ == '__main__': |