github.com/DaoCloud/dao@v0.0.0-20161212064103-c3dbfd13ee36/api/client/registry.go (about)

     1  package client
     2  
     3  import (
     4  	"bufio"
     5  	"encoding/base64"
     6  	"encoding/json"
     7  	"fmt"
     8  	"io"
     9  	"os"
    10  	"runtime"
    11  	"strings"
    12  
    13  	"golang.org/x/net/context"
    14  
    15  	"github.com/docker/docker/pkg/term"
    16  	"github.com/docker/docker/reference"
    17  	"github.com/docker/docker/registry"
    18  	"github.com/docker/engine-api/types"
    19  	registrytypes "github.com/docker/engine-api/types/registry"
    20  )
    21  
    22  // ElectAuthServer returns the default registry to use (by asking the daemon)
    23  func (cli *DockerCli) ElectAuthServer(ctx context.Context) string {
    24  	// The daemon `/info` endpoint informs us of the default registry being
    25  	// used. This is essential in cross-platforms environment, where for
    26  	// example a Linux client might be interacting with a Windows daemon, hence
    27  	// the default registry URL might be Windows specific.
    28  	serverAddress := registry.IndexServer
    29  	if info, err := cli.client.Info(ctx); err != nil {
    30  		fmt.Fprintf(cli.out, "Warning: failed to get default registry endpoint from daemon (%v). Using system default: %s\n", err, serverAddress)
    31  	} else {
    32  		serverAddress = info.IndexServerAddress
    33  	}
    34  	return serverAddress
    35  }
    36  
    37  // EncodeAuthToBase64 serializes the auth configuration as JSON base64 payload
    38  func EncodeAuthToBase64(authConfig types.AuthConfig) (string, error) {
    39  	buf, err := json.Marshal(authConfig)
    40  	if err != nil {
    41  		return "", err
    42  	}
    43  	return base64.URLEncoding.EncodeToString(buf), nil
    44  }
    45  
    46  // RegistryAuthenticationPrivilegedFunc returns a RequestPrivilegeFunc from the specified registry index info
    47  // for the given command.
    48  func (cli *DockerCli) RegistryAuthenticationPrivilegedFunc(index *registrytypes.IndexInfo, cmdName string) types.RequestPrivilegeFunc {
    49  	return func() (string, error) {
    50  		fmt.Fprintf(cli.out, "\nPlease login prior to %s:\n", cmdName)
    51  		indexServer := registry.GetAuthConfigKey(index)
    52  		authConfig, err := cli.ConfigureAuth("", "", indexServer, false)
    53  		if err != nil {
    54  			return "", err
    55  		}
    56  		return EncodeAuthToBase64(authConfig)
    57  	}
    58  }
    59  
    60  func (cli *DockerCli) promptWithDefault(prompt string, configDefault string) {
    61  	if configDefault == "" {
    62  		fmt.Fprintf(cli.out, "%s: ", prompt)
    63  	} else {
    64  		fmt.Fprintf(cli.out, "%s (%s): ", prompt, configDefault)
    65  	}
    66  }
    67  
    68  // ResolveAuthConfig is like registry.ResolveAuthConfig, but if using the
    69  // default index, it uses the default index name for the daemon's platform,
    70  // not the client's platform.
    71  func (cli *DockerCli) ResolveAuthConfig(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig {
    72  	configKey := index.Name
    73  	if index.Official {
    74  		configKey = cli.ElectAuthServer(ctx)
    75  	}
    76  
    77  	a, _ := GetCredentials(cli.configFile, configKey)
    78  	return a
    79  }
    80  
    81  // RetrieveAuthConfigs return all credentials.
    82  func (cli *DockerCli) RetrieveAuthConfigs() map[string]types.AuthConfig {
    83  	acs, _ := GetAllCredentials(cli.configFile)
    84  	return acs
    85  }
    86  
    87  // ConfigureAuth returns an AuthConfig from the specified user, password and server.
    88  func (cli *DockerCli) ConfigureAuth(flUser, flPassword, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) {
    89  	// On Windows, force the use of the regular OS stdin stream. Fixes #14336/#14210
    90  	if runtime.GOOS == "windows" {
    91  		cli.in = os.Stdin
    92  	}
    93  
    94  	authconfig, err := GetCredentials(cli.configFile, serverAddress)
    95  	if err != nil {
    96  		return authconfig, err
    97  	}
    98  
    99  	// Some links documenting this:
   100  	// - https://code.google.com/archive/p/mintty/issues/56
   101  	// - https://github.com/docker/docker/issues/15272
   102  	// - https://mintty.github.io/ (compatibility)
   103  	// Linux will hit this if you attempt `cat | docker login`, and Windows
   104  	// will hit this if you attempt docker login from mintty where stdin
   105  	// is a pipe, not a character based console.
   106  	if flPassword == "" && !cli.isTerminalIn {
   107  		return authconfig, fmt.Errorf("Error: Cannot perform an interactive login from a non TTY device")
   108  	}
   109  
   110  	authconfig.Username = strings.TrimSpace(authconfig.Username)
   111  
   112  	if flUser = strings.TrimSpace(flUser); flUser == "" {
   113  		if isDefaultRegistry {
   114  			// if this is a default registry (docker hub), then display the following message.
   115  			fmt.Fprintln(cli.out, "Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.")
   116  		}
   117  		cli.promptWithDefault("Username", authconfig.Username)
   118  		flUser = readInput(cli.in, cli.out)
   119  		flUser = strings.TrimSpace(flUser)
   120  		if flUser == "" {
   121  			flUser = authconfig.Username
   122  		}
   123  	}
   124  	if flUser == "" {
   125  		return authconfig, fmt.Errorf("Error: Non-null Username Required")
   126  	}
   127  	if flPassword == "" {
   128  		oldState, err := term.SaveState(cli.inFd)
   129  		if err != nil {
   130  			return authconfig, err
   131  		}
   132  		fmt.Fprintf(cli.out, "Password: ")
   133  		term.DisableEcho(cli.inFd, oldState)
   134  
   135  		flPassword = readInput(cli.in, cli.out)
   136  		fmt.Fprint(cli.out, "\n")
   137  
   138  		term.RestoreTerminal(cli.inFd, oldState)
   139  		if flPassword == "" {
   140  			return authconfig, fmt.Errorf("Error: Password Required")
   141  		}
   142  	}
   143  
   144  	authconfig.Username = flUser
   145  	authconfig.Password = flPassword
   146  	authconfig.ServerAddress = serverAddress
   147  	authconfig.IdentityToken = ""
   148  
   149  	return authconfig, nil
   150  }
   151  
   152  // resolveAuthConfigFromImage retrieves that AuthConfig using the image string
   153  func (cli *DockerCli) resolveAuthConfigFromImage(ctx context.Context, image string) (types.AuthConfig, error) {
   154  	registryRef, err := reference.ParseNamed(image)
   155  	if err != nil {
   156  		return types.AuthConfig{}, err
   157  	}
   158  	repoInfo, err := registry.ParseRepositoryInfo(registryRef)
   159  	if err != nil {
   160  		return types.AuthConfig{}, err
   161  	}
   162  	authConfig := cli.ResolveAuthConfig(ctx, repoInfo.Index)
   163  	return authConfig, nil
   164  }
   165  
   166  // RetrieveAuthTokenFromImage retrieves an encoded auth token given a complete image
   167  func (cli *DockerCli) RetrieveAuthTokenFromImage(ctx context.Context, image string) (string, error) {
   168  	// Retrieve encoded auth token from the image reference
   169  	authConfig, err := cli.resolveAuthConfigFromImage(ctx, image)
   170  	if err != nil {
   171  		return "", err
   172  	}
   173  	encodedAuth, err := EncodeAuthToBase64(authConfig)
   174  	if err != nil {
   175  		return "", err
   176  	}
   177  	return encodedAuth, nil
   178  }
   179  
   180  func readInput(in io.Reader, out io.Writer) string {
   181  	reader := bufio.NewReader(in)
   182  	line, _, err := reader.ReadLine()
   183  	if err != nil {
   184  		fmt.Fprintln(out, err.Error())
   185  		os.Exit(1)
   186  	}
   187  	return string(line)
   188  }