From d05817c8a2017dd5868074bbfbb07f8ce80429d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wenkai=20Yin=28=E5=B0=B9=E6=96=87=E5=BC=80=29?= Date: Wed, 25 Mar 2020 01:19:11 +0800 Subject: [PATCH] Update the URL checking logic of auth proxy security generator (#11180) As we don't support bearer token in Harbor 2.0, the URL checking logic in auth proxy security generator should be updated Signed-off-by: Wenkai Yin --- src/server/middleware/security/auth_proxy.go | 2 +- src/server/middleware/security/auth_proxy_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/server/middleware/security/auth_proxy.go b/src/server/middleware/security/auth_proxy.go index c0a0e79aba..7d07f7eea9 100644 --- a/src/server/middleware/security/auth_proxy.go +++ b/src/server/middleware/security/auth_proxy.go @@ -38,7 +38,7 @@ func (a *authProxy) Generate(req *http.Request) security.Context { return nil } // only support docker login - if req.URL.Path != "/service/token" { + if !strings.HasPrefix(req.URL.Path, "/v2") { return nil } proxyUserName, proxyPwd, ok := req.BasicAuth() diff --git a/src/server/middleware/security/auth_proxy_test.go b/src/server/middleware/security/auth_proxy_test.go index f364a5ba2d..32b4ed0684 100644 --- a/src/server/middleware/security/auth_proxy_test.go +++ b/src/server/middleware/security/auth_proxy_test.go @@ -60,7 +60,7 @@ func TestAuthProxy(t *testing.T) { }) // No onboard - req, err := http.NewRequest(http.MethodGet, "http://127.0.0.1/service/token", nil) + req, err := http.NewRequest(http.MethodGet, "http://127.0.0.1/v2", nil) require.Nil(t, err) req = req.WithContext(lib.WithAuthMode(req.Context(), common.HTTPAuth)) req.SetBasicAuth("tokenreview$administrator@vsphere.local", "reviEwt0k3n")