[Pkg-libvirt-commits] [libvirt-sandbox] 31/42: docker: implement support for oauth

Sat May 27 16:27:09 UTC 2017

This is an automated email from the git hooks/post-receive script.

agx pushed a commit to branch debian/experimental
in repository libvirt-sandbox.

commit 0e1bd373066a1de69cb903ffd4ce8146afbe9169
Author: Daniel P. Berrange <berrange at redhat.com>
Date:   Fri Jul 15 13:50:50 2016 +0100

    docker: implement support for oauth
    
    Latest docker v2 registry uses OAuth for creating tokens,
    identified by the "Bearer" method in the 'WWW-Authenticate'
    header. Add a DockerAuthBearer impl to deal with this.
    
    Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
 libvirt-sandbox/image/sources/docker.py | 49 +++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/libvirt-sandbox/image/sources/docker.py b/libvirt-sandbox/image/sources/docker.py
index 3cc321b..0ca24cb 100644
--- a/libvirt-sandbox/image/sources/docker.py
+++ b/libvirt-sandbox/image/sources/docker.py
@@ -153,6 +153,55 @@ class DockerAuthToken(DockerAuth):
         return False
 
 
+class DockerAuthBearer(DockerAuth):
+
+    def __init__(self):
+        self.token = None
+
+    def prepare_req(self, req):
+        if self.token is not None:
+            req.add_header("Authorization", "Bearer %s" % self.token)
+
+    def process_res(self, res):
+        pass
+
+    def process_err(self, err):
+        method = err.headers.get("WWW-Authenticate", None)
+        if method is None:
+            return False
+
+        if not method.startswith("Bearer "):
+            return False
+
+        challenge = method[7:]
+
+        bits = challenge.split(",")
+        attrs = {}
+        for bit in bits:
+            subbit = bit.split("=")
+            attrs[subbit[0]] = subbit[1][1:-1]
+
+        url = attrs["realm"]
+        del attrs["realm"]
+        if "error" in attrs:
+            del attrs["error"]
+
+        params = "&".join([
+            "%s=%s" % (attr, attrs[attr])
+            for attr in attrs.keys()
+        ])
+        if params != "":
+            url = url + "?" + params
+
+        req = urllib2.Request(url=url)
+        req.add_header("Accept", "application/json")
+
+        res = urllib2.urlopen(req)
+        data = json.loads(res.read())
+        self.token = data["token"]
+        return True
+
+
 class DockerRegistry():
 
     def __init__(self, uri_base):

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt-sandbox.git

