mirror of
https://github.com/rust-lang/cargo
synced 2024-08-28 03:39:31 +00:00
cleanups round 1
This commit is contained in:
parent
c2a1daab63
commit
29ff25f6d9
|
@ -19,7 +19,7 @@ path = "src/cargo/lib.rs"
|
|||
bytesize = "1.0"
|
||||
cargo-platform = { path = "crates/cargo-platform", version = "0.1.2" }
|
||||
cargo-util = { path = "crates/cargo-util", version = "0.2.3" }
|
||||
crates-io = { path = "crates/crates-io", version = "0.35.0" }
|
||||
crates-io = { path = "crates/crates-io", version = "0.35.1" }
|
||||
curl = { version = "0.4.44", features = ["http2"] }
|
||||
curl-sys = "0.4.59"
|
||||
env_logger = "0.10.0"
|
||||
|
|
|
@ -799,7 +799,7 @@ impl HttpServer {
|
|||
// todo: PASETO with challenges
|
||||
// - If the operation is a mutation:
|
||||
if let Some(mutation) = mutation {
|
||||
// - That the operation matches the mutation field an is one of publish, yank, or unyank.
|
||||
// - That the operation matches the mutation field and is one of publish, yank, or unyank.
|
||||
if message.mutation != Some(mutation.mutation) {
|
||||
dbg!(message.mutation);
|
||||
return false;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "crates-io"
|
||||
version = "0.35.0"
|
||||
version = "0.35.1"
|
||||
edition = "2021"
|
||||
license = "MIT OR Apache-2.0"
|
||||
repository = "https://github.com/rust-lang/cargo"
|
||||
|
|
|
@ -11,13 +11,22 @@ pub fn cli() -> Command {
|
|||
.arg_quiet()
|
||||
.arg(Arg::new("token").action(ArgAction::Set))
|
||||
.arg(opt("registry", "Registry to use").value_name("REGISTRY"))
|
||||
.arg(flag("generate-keypair", "Generate a public/secret keypair").conflicts_with("token"))
|
||||
.arg(
|
||||
flag("secret-key", "Prompt for secret key")
|
||||
flag(
|
||||
"generate-keypair",
|
||||
"Generate a public/secret keypair (unstable)",
|
||||
)
|
||||
.conflicts_with("token"),
|
||||
)
|
||||
.arg(
|
||||
flag("secret-key", "Prompt for secret key (unstable)")
|
||||
.conflicts_with_all(&["generate-keypair", "token"]),
|
||||
)
|
||||
.arg(
|
||||
opt("key-subject", "Set the key subject for this registry")
|
||||
opt(
|
||||
"key-subject",
|
||||
"Set the key subject for this registry (unstable)",
|
||||
)
|
||||
.value_name("SUBJECT")
|
||||
.conflicts_with("token"),
|
||||
)
|
||||
|
|
|
@ -807,7 +807,11 @@ pub fn registry_login(
|
|||
let new_token;
|
||||
if generate_keypair || secret_key_required || key_subject.is_some() {
|
||||
if !config.cli_unstable().registry_auth {
|
||||
panic!("-Zregistry_auth required.");
|
||||
// todo use fail_if_stable_opt
|
||||
bail!(
|
||||
"asymmetric token options are unstable and require the \
|
||||
`-Z registry-auth` option on the nightly channel"
|
||||
);
|
||||
}
|
||||
assert!(token.is_none());
|
||||
// we are dealing with asymmetric tokens
|
||||
|
|
|
@ -3,9 +3,9 @@
|
|||
use crate::util::{config, config::ConfigKey, CanonicalUrl, CargoResult, Config, IntoUrl};
|
||||
use anyhow::{bail, format_err, Context as _};
|
||||
use cargo_util::ProcessError;
|
||||
use pasetors::paserk::FormatAsPaserk;
|
||||
use core::fmt;
|
||||
use pasetors::keys::{AsymmetricPublicKey, AsymmetricSecretKey};
|
||||
use pasetors::paserk::FormatAsPaserk;
|
||||
use serde::Deserialize;
|
||||
use std::collections::HashMap;
|
||||
use std::error::Error;
|
||||
|
|
|
@ -903,7 +903,7 @@ This same flag is also used to enable asymmetric authentication tokens.
|
|||
|
||||
Add support for Cargo to authenticate the user to registries without sending secrets over the network.
|
||||
|
||||
In [`config.toml`](https://doc.rust-lang.org/cargo/reference/config.html) and `credentials.toml` files there is a field called `private-key`, which is a private key formatted in the secret [subset of `PASERK`](https://github.com/paseto-standard/paserk/blob/master/types/secret.md) and is used to sign asymmetric tokens
|
||||
In [`config.toml`](config.md) and `credentials.toml` files there is a field called `private-key`, which is a private key formatted in the secret [subset of `PASERK`](https://github.com/paseto-standard/paserk/blob/master/types/secret.md) and is used to sign asymmetric tokens
|
||||
|
||||
A keypair can be generated with `cargo login --generate-keypair` which will:
|
||||
- generate a public/private keypair in the currently recommended fashion.
|
||||
|
|
|
@ -153,3 +153,20 @@ fn bad_asymmetric_token_args() {
|
|||
.with_status(1)
|
||||
.run();
|
||||
}
|
||||
|
||||
// todo why do theas hang when run as a test?
|
||||
// #[cargo_test]
|
||||
// fn asymmetric_requires_nightly() {
|
||||
// cargo_process("login --key-subject=foo")
|
||||
// .with_status(101)
|
||||
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||
// .run();
|
||||
// cargo_process("login --generate-keypair")
|
||||
// .with_status(101)
|
||||
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||
// .run();
|
||||
// cargo_process("login --secret-key")
|
||||
// .with_status(101)
|
||||
// .with_stderr_contains("asymmetric token options are unstable and require the `-Z registry-auth` option on the nightly channel")
|
||||
// .run();
|
||||
// }
|
||||
|
|
|
@ -115,7 +115,7 @@ fn simple_add_with_asymmetric() {
|
|||
.build();
|
||||
|
||||
// The http_api server will check that the authorization is correct.
|
||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
||||
// If the authorization was not sent then we would get an unauthorized error.
|
||||
p.cargo("owner -a username")
|
||||
.arg("-Zregistry-auth")
|
||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||
|
@ -182,7 +182,7 @@ fn simple_remove_with_asymmetric() {
|
|||
.build();
|
||||
|
||||
// The http_api server will check that the authorization is correct.
|
||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
||||
// If the authorization was not sent then we would get an unauthorized error.
|
||||
p.cargo("owner -r username")
|
||||
.arg("-Zregistry-auth")
|
||||
.replace_crates_io(registry.index_url())
|
||||
|
|
|
@ -1179,7 +1179,7 @@ fn login_with_asymmetric_key_subject_without_key() {
|
|||
.with_status(101)
|
||||
.run();
|
||||
|
||||
// ok so ad a secret_key to the credentials
|
||||
// ok so add a secret_key to the credentials
|
||||
cargo_process("login --secret-key -v -Z registry-auth")
|
||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||
.replace_crates_io(registry.index_url())
|
||||
|
|
|
@ -74,7 +74,7 @@ fn explicit_version_with_asymmetric() {
|
|||
.build();
|
||||
|
||||
// The http_api server will check that the authorization is correct.
|
||||
// If the authorization was not sent then we wuld get an unauthorized error.
|
||||
// If the authorization was not sent then we would get an unauthorized error.
|
||||
p.cargo("yank --version 0.0.1")
|
||||
.arg("-Zregistry-auth")
|
||||
.masquerade_as_nightly_cargo(&["registry-auth"])
|
||||
|
|
Loading…
Reference in a new issue