github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #3662 from cpuguy83/set_custom_scopes_for_authorizer

Browse Source 
Add function to set custom auth scope in context
This commit is contained in:
Michael Crosby 2019-09-18 15:10:51 -04:00 committed by GitHub
commit 6fafc8a724
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
remotes/docker/scope.go
View File

@ -51,19 +51,25 @@ func contextWithRepositoryScope(ctx context.Context, refspec reference.Spec, pus
if err != nil {
return nil, err
}
return context.WithValue(ctx, tokenScopesKey{}, []string{s}), nil
return WithScope(ctx, s), nil
}
// WithScope appends a custom registry auth scope to the context.
func WithScope(ctx context.Context, scope string) context.Context {
var scopes []string
if v := ctx.Value(tokenScopesKey{}); v != nil {
scopes = v.([]string)
scopes = append(scopes, scope)
} else {
scopes = []string{scope}
}
return context.WithValue(ctx, tokenScopesKey{}, scopes)
}
// contextWithAppendPullRepositoryScope is used to append repository pull
// scope into existing scopes indexed by the tokenScopesKey{}.
func contextWithAppendPullRepositoryScope(ctx context.Context, repo string) context.Context {
var scopes []string
if v := ctx.Value(tokenScopesKey{}); v != nil {
scopes = append(scopes, v.([]string)...)
}
scopes = append(scopes, fmt.Sprintf("repository:%s:pull", repo))
return context.WithValue(ctx, tokenScopesKey{}, scopes)
return WithScope(ctx, fmt.Sprintf("repository:%s:pull", repo))
}
// getTokenScopes returns deduplicated and sorted scopes from ctx.Value(tokenScopesKey{}) and common scopes.

12
remotes/docker/scope_test.go
View File

@ -22,6 +22,7 @@ import (
"github.com/containerd/containerd/reference"
"gotest.tools/assert"
"gotest.tools/assert/cmp"
)
func TestRepositoryScope(t *testing.T) {
@ -94,3 +95,14 @@ func TestGetTokenScopes(t *testing.T) {
assert.DeepEqual(t, tc.expected, actual)
}
}
func TestCustomScope(t *testing.T) {
scope := "whatever:foo/bar:pull"
ctx := WithScope(context.Background(), scope)
ctx = contextWithAppendPullRepositoryScope(ctx, "foo/bar")
scopes := getTokenScopes(ctx, []string{})
assert.Assert(t, cmp.Len(scopes, 2))
assert.Check(t, cmp.Equal(scopes[0], "repository:foo/bar:pull"))
assert.Check(t, cmp.Equal(scopes[1], scope))
}