package auth
import "github.com/containerd/containerd/remotes/docker/auth"
Index ¶
- Variables
- type AuthenticationScheme
- type Challenge
- type FetchTokenResponse
- type OAuthTokenResponse
- type TokenOptions
Variables ¶
var ( // ErrNoToken is returned if a request is successful but the body does not // contain an authorization token. ErrNoToken = errors.New("authorization server did not include a token in the response") )
Types ¶
type AuthenticationScheme ¶
type AuthenticationScheme byte
AuthenticationScheme defines scheme of the authentication method
const ( // BasicAuth is scheme for Basic HTTP Authentication RFC 7617 BasicAuth AuthenticationScheme = 1 << iota // DigestAuth is scheme for HTTP Digest Access Authentication RFC 7616 DigestAuth // BearerAuth is scheme for OAuth 2.0 Bearer Tokens RFC 6750 BearerAuth )
type Challenge ¶
type Challenge struct {
// scheme is the auth-scheme according to RFC 2617
Scheme AuthenticationScheme
// parameters are the auth-params according to RFC 2617
Parameters map[string]string
}
Challenge carries information from a WWW-Authenticate response header. See RFC 2617.
func ParseAuthHeader ¶
ParseAuthHeader parses challenges from WWW-Authenticate header
type FetchTokenResponse ¶
type FetchTokenResponse struct {
Token string `json:"token"`
AccessToken string `json:"access_token"`
ExpiresIn int `json:"expires_in"`
IssuedAt time.Time `json:"issued_at"`
RefreshToken string `json:"refresh_token"`
}
FetchTokenResponse is response from fetching token with GET request
func FetchToken ¶
func FetchToken(ctx context.Context, client *http.Client, headers http.Header, to TokenOptions) (*FetchTokenResponse, error)
FetchToken fetches a token using a GET request
type OAuthTokenResponse ¶
type OAuthTokenResponse struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
ExpiresIn int `json:"expires_in"`
IssuedAt time.Time `json:"issued_at"`
Scope string `json:"scope"`
}
OAuthTokenResponse is response from fetching token with a OAuth POST request
func FetchTokenWithOAuth ¶
func FetchTokenWithOAuth(ctx context.Context, client *http.Client, headers http.Header, clientID string, to TokenOptions) (*OAuthTokenResponse, error)
FetchTokenWithOAuth fetches a token using a POST request
type TokenOptions ¶
type TokenOptions struct {
Realm string
Service string
Scopes []string
Username string
Secret string
// FetchRefreshToken enables fetching a refresh token (aka "identity token", "offline token") along with the bearer token.
//
// For HTTP GET mode (FetchToken), FetchRefreshToken sets `offline_token=true` in the request.
// https://docs.docker.com/registry/spec/auth/token/#requesting-a-token
//
// For HTTP POST mode (FetchTokenWithOAuth), FetchRefreshToken sets `access_type=offline` in the request.
// https://docs.docker.com/registry/spec/auth/oauth/#getting-a-token
FetchRefreshToken bool
}
TokenOptions are options for requesting a token
func GenerateTokenOptions ¶
func GenerateTokenOptions(ctx context.Context, host, username, secret string, c Challenge) (TokenOptions, error)
GenerateTokenOptions generates options for fetching a token based on a challenge
Source Files ¶
- Version
- v1.7.27 (latest)
- Published
- Mar 17, 2025
- Platform
- js/wasm
- Imports
- 12 packages
- Last checked
- 5 hours ago –
Tools for package owners.