mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-23 00:57:44 +01:00
handler from=repo
This commit is contained in:
parent
0a873bc046
commit
bf53ca9a47
@ -75,14 +75,14 @@ func RefreshCatalogCache() error {
|
||||
rc, err = registry.NewRepositoryWithUsername(repo, endpoint, username)
|
||||
if err != nil {
|
||||
log.Errorf("error occurred while initializing repository client used by cache: %s %v", repo, err)
|
||||
return err
|
||||
continue
|
||||
}
|
||||
repositoryClients[repo] = rc
|
||||
}
|
||||
tags, err := rc.ListTag()
|
||||
if err != nil {
|
||||
log.Errorf("error occurred while list tag for %s: %v", repo, err)
|
||||
return err
|
||||
continue
|
||||
}
|
||||
|
||||
if len(tags) != 0 {
|
||||
|
@ -59,8 +59,20 @@ func (t *tokenHandler) Scheme() string {
|
||||
// AuthorizeRequest will add authorization header which contains a token before the request is sent
|
||||
func (t *tokenHandler) AuthorizeRequest(req *http.Request, params map[string]string) error {
|
||||
var scopes []*scope
|
||||
var token string
|
||||
|
||||
// TODO handle additional scope: xxx.xxx.xxx?from=repo
|
||||
hasFrom := false
|
||||
from := req.URL.Query().Get("from")
|
||||
if len(from) != 0 {
|
||||
s := &scope{
|
||||
Type: "repository",
|
||||
Name: from,
|
||||
Actions: []string{"pull"},
|
||||
}
|
||||
scopes = append(scopes, s)
|
||||
// do not cache the token if "from" appears
|
||||
hasFrom = true
|
||||
}
|
||||
|
||||
scopes = append(scopes, t.scope)
|
||||
|
||||
@ -70,7 +82,7 @@ func (t *tokenHandler) AuthorizeRequest(req *http.Request, params map[string]str
|
||||
expired = t.issuedAt.Add(time.Duration(t.expiresIn) * time.Second).Before(time.Now().UTC())
|
||||
}
|
||||
|
||||
if expired {
|
||||
if expired || hasFrom {
|
||||
scopeStrs := []string{}
|
||||
for _, scope := range scopes {
|
||||
scopeStrs = append(scopeStrs, scope.string())
|
||||
@ -79,16 +91,19 @@ func (t *tokenHandler) AuthorizeRequest(req *http.Request, params map[string]str
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
t.cache = token
|
||||
t.expiresIn = expiresIn
|
||||
t.issuedAt = issuedAt
|
||||
}
|
||||
|
||||
if !expired {
|
||||
if !hasFrom {
|
||||
t.cache = token
|
||||
t.expiresIn = expiresIn
|
||||
t.issuedAt = issuedAt
|
||||
log.Debug("add token to cache")
|
||||
}
|
||||
} else {
|
||||
token = t.cache
|
||||
log.Debug("get token from cache")
|
||||
}
|
||||
|
||||
req.Header.Add(http.CanonicalHeaderKey("Authorization"), fmt.Sprintf("Bearer %s", t.cache))
|
||||
req.Header.Add(http.CanonicalHeaderKey("Authorization"), fmt.Sprintf("Bearer %s", token))
|
||||
log.Debugf("add token to request: %s %s", req.Method, req.URL.String())
|
||||
|
||||
return nil
|
||||
@ -214,7 +229,6 @@ func NewUsernameTokenHandler(username string, scopeType, scopeName string, scope
|
||||
}
|
||||
|
||||
func (u *usernameTokenHandler) generateToken(realm, service string, scopes []string) (token string, expiresIn int, issuedAt *time.Time, err error) {
|
||||
// TODO
|
||||
token, expiresIn, issuedAt, err = token_util.GenTokenForUI(u.username, service, scopes)
|
||||
log.Debug("get token by calling GenTokenForUI directly")
|
||||
return
|
||||
|
@ -73,6 +73,8 @@ func NewRegistryWithUsername(endpoint, username string) (*Registry, error) {
|
||||
client: client,
|
||||
}
|
||||
|
||||
log.Debugf("initialized a registry client with username: %s %s", endpoint, username)
|
||||
|
||||
return registry, nil
|
||||
}
|
||||
|
||||
|
@ -103,7 +103,7 @@ func NewRepositoryWithUsername(name, endpoint, username string) (*Repository, er
|
||||
client: client,
|
||||
}
|
||||
|
||||
log.Debugf("initialized a repository client with username: %s %s", endpoint, name)
|
||||
log.Debugf("initialized a repository client with username: %s %s", endpoint, name, username)
|
||||
|
||||
return repository, nil
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user