mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-25 10:07:43 +01:00
08f9ffa000
Docker CLI fails if it's not logged in upon seeing "basic" realm challenging while pinging the "/v2" endpoint. (#11266) Some CLI will send HEAD to artifact endpoint before pushing (#11188)(#11271) To fix such problems, this commit re-introduce the token auth flow to the CLIs. For a HEAD request to "/v2/xxx" with no "Authoirzation" header, the v2_auth middleware populates the "Www-Authenticate" header to redirect it to token endpoint with proper requested scope. It also adds security context to based on the content of the JWT which has the claims of the registry. So a request from CLI carrying a token signed by the "/service/token" will have proper permissions. Signed-off-by: Daniel Jiang <jiangd@vmware.com> |
||
---|---|---|
.. | ||
error | ||
middleware | ||
registry | ||
router | ||
v2.0 | ||
route.go | ||
server.go |