mirror of
https://github.com/containers/podman
synced 2024-10-21 01:34:37 +00:00
Add unit tests for multiAuthHeader
Also rename it to parseMultiAuthHeader. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
parent
47f4f149bd
commit
b162d8868c
|
@ -21,7 +21,7 @@ type HeaderAuthName string
|
|||
func (h HeaderAuthName) String() string { return string(h) }
|
||||
|
||||
// XRegistryAuthHeader is the key to the encoded registry authentication configuration in an http-request header.
|
||||
// This header supports one registry per header occurrence. To support N registries provided N headers, one per registry.
|
||||
// This header supports one registry per header occurrence. To support N registries provide N headers, one per registry.
|
||||
// As of Docker API 1.40 and Libpod API 1.0.0, this header is supported by all endpoints.
|
||||
const XRegistryAuthHeader HeaderAuthName = "X-Registry-Auth"
|
||||
|
||||
|
@ -108,7 +108,7 @@ func getConfigCredentials(r *http.Request) (*types.DockerAuthConfig, string, err
|
|||
// should be removed after usage.
|
||||
func getAuthCredentials(r *http.Request) (*types.DockerAuthConfig, string, error) {
|
||||
// First look for a multi-auth header (i.e., a map).
|
||||
authConfigs, err := multiAuthHeader(r)
|
||||
authConfigs, err := parseMultiAuthHeader(r)
|
||||
if err == nil {
|
||||
authfile, err := authConfigsToAuthFile(authConfigs)
|
||||
return nil, authfile, err
|
||||
|
@ -327,9 +327,9 @@ func singleAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error
|
|||
return authConfigs, nil
|
||||
}
|
||||
|
||||
// multiAuthHeader extracts a DockerAuthConfig from the request's header.
|
||||
// parseMultiAuthHeader extracts a DockerAuthConfig from the request's header.
|
||||
// The header content is a map[string]DockerAuthConfigs.
|
||||
func multiAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error) {
|
||||
func parseMultiAuthHeader(r *http.Request) (map[string]types.DockerAuthConfig, error) {
|
||||
authHeader := r.Header.Get(string(XRegistryAuthHeader))
|
||||
// Accept "null" and handle it as empty value for compatibility reason with Docker.
|
||||
// Some java docker clients pass this value, e.g. this one used in Eclipse.
|
||||
|
|
|
@ -1,11 +1,14 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
"github.com/containers/image/v5/types"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestAuthConfigsToAuthFile(t *testing.T) {
|
||||
|
@ -64,3 +67,39 @@ func TestAuthConfigsToAuthFile(t *testing.T) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestParseMultiAuthHeader(t *testing.T) {
|
||||
for _, tc := range []struct {
|
||||
input string
|
||||
shouldErr bool
|
||||
expected map[string]types.DockerAuthConfig
|
||||
}{
|
||||
// Empty header
|
||||
{input: "", expected: nil},
|
||||
// "null"
|
||||
{input: "null", expected: nil},
|
||||
// Invalid JSON
|
||||
{input: "@", shouldErr: true},
|
||||
// Success
|
||||
{
|
||||
input: base64.URLEncoding.EncodeToString([]byte(
|
||||
`{"https://index.docker.io/v1/":{"username":"u1","password":"p1"},` +
|
||||
`"quay.io/libpod":{"username":"u2","password":"p2"}}`)),
|
||||
expected: map[string]types.DockerAuthConfig{
|
||||
"https://index.docker.io/v1/": {Username: "u1", Password: "p1"},
|
||||
"quay.io/libpod": {Username: "u2", Password: "p2"},
|
||||
},
|
||||
},
|
||||
} {
|
||||
req, err := http.NewRequest(http.MethodPost, "/", nil)
|
||||
require.NoError(t, err, tc.input)
|
||||
req.Header.Set(XRegistryAuthHeader.String(), tc.input)
|
||||
res, err := parseMultiAuthHeader(req)
|
||||
if tc.shouldErr {
|
||||
assert.Error(t, err, tc.input)
|
||||
} else {
|
||||
require.NoError(t, err, tc.input)
|
||||
assert.Equal(t, tc.expected, res, tc.input)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue