// LegacyLoadFromReader reads the non-nested configuration data given and sets up the // auth config information with given directory and populates the receiver object func (configFile *ConfigFile) LegacyLoadFromReader(configData io.Reader) error { b, err := ioutil.ReadAll(configData) if err != nil { return err } if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil { arr := strings.Split(string(b), "\n") if len(arr) < 2 { return fmt.Errorf("The Auth config file is empty") } authConfig := types.AuthConfig{} origAuth := strings.Split(arr[0], " = ") if len(origAuth) != 2 { return fmt.Errorf("Invalid Auth config file") } authConfig.Username, authConfig.Password, err = decodeAuth(origAuth[1]) if err != nil { return err } authConfig.ServerAddress = defaultIndexserver configFile.AuthConfigs[defaultIndexserver] = authConfig } else { for k, authConfig := range configFile.AuthConfigs { authConfig.Username, authConfig.Password, err = decodeAuth(authConfig.Auth) if err != nil { return err } authConfig.Auth = "" authConfig.ServerAddress = k configFile.AuthConfigs[k] = authConfig } } return nil }
// getCredentialsFromStore executes the command to get the credentials from the native store. func (c *nativeStore) getCredentialsFromStore(serverAddress string) (types.AuthConfig, error) { var ret types.AuthConfig cmd := c.commandFn("get") cmd.Input(strings.NewReader(serverAddress)) out, err := cmd.Output() if err != nil { t := strings.TrimSpace(string(out)) // do not return an error if the credentials are not // in the keyckain. Let docker ask for new credentials. if t == errCredentialsNotFound.Error() { return ret, nil } logrus.Debugf("error getting credentials - err: %v, out: `%s`", err, t) return ret, fmt.Errorf(t) } var resp credentialsGetResponse if err := json.NewDecoder(bytes.NewReader(out)).Decode(&resp); err != nil { return ret, err } ret.Username = resp.Username ret.Password = resp.Password ret.ServerAddress = serverAddress return ret, nil }
// Store saves the given credentials in the file store. func (c *nativeStore) Store(authConfig types.AuthConfig) error { if err := c.storeCredentialsInStore(authConfig); err != nil { return err } authConfig.Username = "" authConfig.Password = "" // Fallback to old credential in plain text to save only the email return c.fileStore.Store(authConfig) }
// getCredentialsFromStore executes the command to get the credentials from the native store. func (c *nativeStore) getCredentialsFromStore(serverAddress string) (types.AuthConfig, error) { var ret types.AuthConfig creds, err := client.Get(c.programFunc, serverAddress) if err != nil { if credentials.IsErrCredentialsNotFound(err) { // do not return an error if the credentials are not // in the keyckain. Let docker ask for new credentials. return ret, nil } return ret, err } if creds.Username == tokenUsername { ret.IdentityToken = creds.Secret } else { ret.Password = creds.Secret ret.Username = creds.Username } ret.ServerAddress = serverAddress return ret, nil }
// Auth contacts the public registry with the provided credentials, // and returns OK if authentication was successful. // It can be used to verify the validity of a client's credentials. func (s *Service) Auth(authConfig *types.AuthConfig, userAgent string) (string, error) { addr := authConfig.ServerAddress if addr == "" { // Use the official registry address if not specified. addr = IndexServer } index, err := s.ResolveIndex(addr) if err != nil { return "", err } endpointVersion := APIVersion(APIVersionUnknown) if V2Only { // Override the endpoint to only attempt a v2 ping endpointVersion = APIVersion2 } endpoint, err := NewEndpoint(index, userAgent, nil, endpointVersion) if err != nil { return "", err } authConfig.ServerAddress = endpoint.String() return Login(authConfig, endpoint) }