Merge pull request #24 from stevvooe/breakup-common
Breakup common package
This commit is contained in:
commit
fdea60af05
@ -4,7 +4,6 @@ import (
|
||||
"net/http"
|
||||
"regexp"
|
||||
|
||||
"github.com/docker/distribution/common"
|
||||
"github.com/docker/distribution/digest"
|
||||
)
|
||||
|
||||
@ -12,7 +11,7 @@ var (
|
||||
nameParameterDescriptor = ParameterDescriptor{
|
||||
Name: "name",
|
||||
Type: "string",
|
||||
Format: common.RepositoryNameRegexp.String(),
|
||||
Format: RepositoryNameRegexp.String(),
|
||||
Required: true,
|
||||
Description: `Name of the target repository.`,
|
||||
}
|
||||
@ -20,7 +19,7 @@ var (
|
||||
tagParameterDescriptor = ParameterDescriptor{
|
||||
Name: "tag",
|
||||
Type: "string",
|
||||
Format: common.TagNameRegexp.String(),
|
||||
Format: TagNameRegexp.String(),
|
||||
Required: true,
|
||||
Description: `Tag of the target manifiest.`,
|
||||
}
|
||||
@ -377,7 +376,7 @@ var routeDescriptors = []RouteDescriptor{
|
||||
},
|
||||
{
|
||||
Name: RouteNameTags,
|
||||
Path: "/v2/{name:" + common.RepositoryNameRegexp.String() + "}/tags/list",
|
||||
Path: "/v2/{name:" + RepositoryNameRegexp.String() + "}/tags/list",
|
||||
Entity: "Tags",
|
||||
Description: "Retrieve information about tags.",
|
||||
Methods: []MethodDescriptor{
|
||||
@ -448,7 +447,7 @@ var routeDescriptors = []RouteDescriptor{
|
||||
},
|
||||
{
|
||||
Name: RouteNameManifest,
|
||||
Path: "/v2/{name:" + common.RepositoryNameRegexp.String() + "}/manifests/{tag:" + common.TagNameRegexp.String() + "}",
|
||||
Path: "/v2/{name:" + RepositoryNameRegexp.String() + "}/manifests/{tag:" + TagNameRegexp.String() + "}",
|
||||
Entity: "Manifest",
|
||||
Description: "Create, update and retrieve manifests.",
|
||||
Methods: []MethodDescriptor{
|
||||
@ -693,7 +692,7 @@ var routeDescriptors = []RouteDescriptor{
|
||||
|
||||
{
|
||||
Name: RouteNameBlob,
|
||||
Path: "/v2/{name:" + common.RepositoryNameRegexp.String() + "}/blobs/{digest:" + digest.DigestRegexp.String() + "}",
|
||||
Path: "/v2/{name:" + RepositoryNameRegexp.String() + "}/blobs/{digest:" + digest.DigestRegexp.String() + "}",
|
||||
Entity: "Blob",
|
||||
Description: "Fetch the blob identified by `name` and `digest`. Used to fetch layers by tarsum digest.",
|
||||
Methods: []MethodDescriptor{
|
||||
@ -852,7 +851,7 @@ var routeDescriptors = []RouteDescriptor{
|
||||
|
||||
{
|
||||
Name: RouteNameBlobUpload,
|
||||
Path: "/v2/{name:" + common.RepositoryNameRegexp.String() + "}/blobs/uploads/",
|
||||
Path: "/v2/{name:" + RepositoryNameRegexp.String() + "}/blobs/uploads/",
|
||||
Entity: "Intiate Blob Upload",
|
||||
Description: "Initiate a blob upload. This endpoint can be used to create resumable uploads or monolithic uploads.",
|
||||
Methods: []MethodDescriptor{
|
||||
@ -964,7 +963,7 @@ var routeDescriptors = []RouteDescriptor{
|
||||
|
||||
{
|
||||
Name: RouteNameBlobUploadChunk,
|
||||
Path: "/v2/{name:" + common.RepositoryNameRegexp.String() + "}/blobs/uploads/{uuid}",
|
||||
Path: "/v2/{name:" + RepositoryNameRegexp.String() + "}/blobs/uploads/{uuid}",
|
||||
Entity: "Blob Upload",
|
||||
Description: "Interact with blob uploads. Clients should never assemble URLs for this endpoint and should only take it through the `Location` header on related API requests. The `Location` header and its parameters should be preserved by clients, using the latest value returned via upload related API calls.",
|
||||
Methods: []MethodDescriptor{
|
||||
|
@ -1,4 +1,4 @@
|
||||
package common
|
||||
package v2
|
||||
|
||||
import (
|
||||
"fmt"
|
@ -1,4 +1,4 @@
|
||||
package common
|
||||
package v2
|
||||
|
||||
import (
|
||||
"testing"
|
@ -14,11 +14,11 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/docker/distribution/api/v2"
|
||||
"github.com/docker/distribution/common/testutil"
|
||||
"github.com/docker/distribution/configuration"
|
||||
"github.com/docker/distribution/digest"
|
||||
"github.com/docker/distribution/manifest"
|
||||
_ "github.com/docker/distribution/storagedriver/inmemory"
|
||||
"github.com/docker/distribution/testutil"
|
||||
"github.com/docker/libtrust"
|
||||
"github.com/gorilla/handlers"
|
||||
)
|
||||
|
@ -14,7 +14,6 @@ import (
|
||||
"github.com/docker/libtrust"
|
||||
|
||||
"github.com/docker/distribution/auth"
|
||||
"github.com/docker/distribution/common"
|
||||
)
|
||||
|
||||
// accessSet maps a typed, named resource to
|
||||
@ -38,7 +37,7 @@ func newAccessSet(accessItems ...auth.Access) accessSet {
|
||||
accessSet[resource] = set
|
||||
}
|
||||
|
||||
set.Add(access.Action)
|
||||
set.add(access.Action)
|
||||
}
|
||||
|
||||
return accessSet
|
||||
@ -48,7 +47,7 @@ func newAccessSet(accessItems ...auth.Access) accessSet {
|
||||
func (s accessSet) contains(access auth.Access) bool {
|
||||
actionSet, ok := s[access.Resource]
|
||||
if ok {
|
||||
return actionSet.Contains(access.Action)
|
||||
return actionSet.contains(access.Action)
|
||||
}
|
||||
|
||||
return false
|
||||
@ -61,7 +60,7 @@ func (s accessSet) scopeParam() string {
|
||||
scopes := make([]string, 0, len(s))
|
||||
|
||||
for resource, actionSet := range s {
|
||||
actions := strings.Join(actionSet.Keys(), ",")
|
||||
actions := strings.Join(actionSet.keys(), ",")
|
||||
scopes = append(scopes, fmt.Sprintf("%s:%s:%s", resource.Type, resource.Name, actions))
|
||||
}
|
||||
|
||||
@ -241,8 +240,8 @@ func (ac *accessController) Authorized(req *http.Request, accessItems ...auth.Ac
|
||||
}
|
||||
|
||||
verifyOpts := VerifyOptions{
|
||||
TrustedIssuers: common.NewStringSet(ac.issuer),
|
||||
AcceptedAudiences: common.NewStringSet(ac.service),
|
||||
TrustedIssuers: []string{ac.issuer},
|
||||
AcceptedAudiences: []string{ac.service},
|
||||
Roots: ac.rootCerts,
|
||||
TrustedKeys: ac.trustedKeys,
|
||||
}
|
||||
|
@ -1,30 +1,30 @@
|
||||
package common
|
||||
package token
|
||||
|
||||
// StringSet is a useful type for looking up strings.
|
||||
type StringSet map[string]struct{}
|
||||
type stringSet map[string]struct{}
|
||||
|
||||
// NewStringSet creates a new StringSet with the given strings.
|
||||
func NewStringSet(keys ...string) StringSet {
|
||||
ss := make(StringSet, len(keys))
|
||||
ss.Add(keys...)
|
||||
func newStringSet(keys ...string) stringSet {
|
||||
ss := make(stringSet, len(keys))
|
||||
ss.add(keys...)
|
||||
return ss
|
||||
}
|
||||
|
||||
// Add inserts the given keys into this StringSet.
|
||||
func (ss StringSet) Add(keys ...string) {
|
||||
func (ss stringSet) add(keys ...string) {
|
||||
for _, key := range keys {
|
||||
ss[key] = struct{}{}
|
||||
}
|
||||
}
|
||||
|
||||
// Contains returns whether the given key is in this StringSet.
|
||||
func (ss StringSet) Contains(key string) bool {
|
||||
func (ss stringSet) contains(key string) bool {
|
||||
_, ok := ss[key]
|
||||
return ok
|
||||
}
|
||||
|
||||
// Keys returns a slice of all keys in this StringSet.
|
||||
func (ss StringSet) Keys() []string {
|
||||
func (ss stringSet) keys() []string {
|
||||
keys := make([]string, 0, len(ss))
|
||||
|
||||
for key := range ss {
|
@ -14,7 +14,6 @@ import (
|
||||
"github.com/docker/libtrust"
|
||||
|
||||
"github.com/docker/distribution/auth"
|
||||
"github.com/docker/distribution/common"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -71,8 +70,8 @@ type Token struct {
|
||||
// VerifyOptions is used to specify
|
||||
// options when verifying a JSON Web Token.
|
||||
type VerifyOptions struct {
|
||||
TrustedIssuers common.StringSet
|
||||
AcceptedAudiences common.StringSet
|
||||
TrustedIssuers []string
|
||||
AcceptedAudiences []string
|
||||
Roots *x509.CertPool
|
||||
TrustedKeys map[string]libtrust.PublicKey
|
||||
}
|
||||
@ -132,13 +131,13 @@ func NewToken(rawToken string) (*Token, error) {
|
||||
// Returns a nil error if the token is valid.
|
||||
func (t *Token) Verify(verifyOpts VerifyOptions) error {
|
||||
// Verify that the Issuer claim is a trusted authority.
|
||||
if !verifyOpts.TrustedIssuers.Contains(t.Claims.Issuer) {
|
||||
if !contains(verifyOpts.TrustedIssuers, t.Claims.Issuer) {
|
||||
log.Errorf("token from untrusted issuer: %q", t.Claims.Issuer)
|
||||
return ErrInvalidToken
|
||||
}
|
||||
|
||||
// Verify that the Audience claim is allowed.
|
||||
if !verifyOpts.AcceptedAudiences.Contains(t.Claims.Audience) {
|
||||
if !contains(verifyOpts.AcceptedAudiences, t.Claims.Audience) {
|
||||
log.Errorf("token intended for another audience: %q", t.Claims.Audience)
|
||||
return ErrInvalidToken
|
||||
}
|
||||
@ -332,7 +331,7 @@ func (t *Token) accessSet() accessSet {
|
||||
}
|
||||
|
||||
for _, action := range resourceActions.Actions {
|
||||
set.Add(action)
|
||||
set.add(action)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -15,10 +15,8 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/docker/libtrust"
|
||||
|
||||
"github.com/docker/distribution/auth"
|
||||
"github.com/docker/distribution/common"
|
||||
"github.com/docker/libtrust"
|
||||
)
|
||||
|
||||
func makeRootKeys(numKeys int) ([]libtrust.PrivateKey, error) {
|
||||
@ -196,8 +194,8 @@ func TestTokenVerify(t *testing.T) {
|
||||
}
|
||||
|
||||
verifyOps := VerifyOptions{
|
||||
TrustedIssuers: common.NewStringSet(issuer),
|
||||
AcceptedAudiences: common.NewStringSet(audience),
|
||||
TrustedIssuers: []string{issuer},
|
||||
AcceptedAudiences: []string{audience},
|
||||
Roots: rootPool,
|
||||
TrustedKeys: trustedKeys,
|
||||
}
|
||||
|
@ -4,8 +4,6 @@ import (
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/distribution/common"
|
||||
)
|
||||
|
||||
// joseBase64UrlEncode encodes the given data using the standard base64 url
|
||||
@ -35,15 +33,26 @@ func joseBase64UrlDecode(s string) ([]byte, error) {
|
||||
|
||||
// actionSet is a special type of stringSet.
|
||||
type actionSet struct {
|
||||
common.StringSet
|
||||
stringSet
|
||||
}
|
||||
|
||||
func newActionSet(actions ...string) actionSet {
|
||||
return actionSet{common.NewStringSet(actions...)}
|
||||
return actionSet{newStringSet(actions...)}
|
||||
}
|
||||
|
||||
// Contains calls StringSet.Contains() for
|
||||
// either "*" or the given action string.
|
||||
func (s actionSet) Contains(action string) bool {
|
||||
return s.StringSet.Contains("*") || s.StringSet.Contains(action)
|
||||
func (s actionSet) contains(action string) bool {
|
||||
return s.stringSet.contains("*") || s.stringSet.contains(action)
|
||||
}
|
||||
|
||||
// contains returns true if q is found in ss.
|
||||
func contains(ss []string, q string) bool {
|
||||
for _, s := range ss {
|
||||
if s == q {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
@ -9,9 +9,9 @@ import (
|
||||
"sync"
|
||||
"testing"
|
||||
|
||||
"github.com/docker/distribution/common/testutil"
|
||||
"github.com/docker/distribution/digest"
|
||||
"github.com/docker/distribution/manifest"
|
||||
"github.com/docker/distribution/testutil"
|
||||
)
|
||||
|
||||
type testBlob struct {
|
||||
|
@ -10,7 +10,6 @@ import (
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/distribution/common"
|
||||
"github.com/docker/docker/pkg/tarsum"
|
||||
)
|
||||
|
||||
@ -105,7 +104,7 @@ func FromBytes(p []byte) (Digest, error) {
|
||||
func (d Digest) Validate() error {
|
||||
s := string(d)
|
||||
// Common case will be tarsum
|
||||
_, err := common.ParseTarSum(s)
|
||||
_, err := ParseTarSum(s)
|
||||
if err == nil {
|
||||
return nil
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
package common
|
||||
package digest
|
||||
|
||||
import (
|
||||
"fmt"
|
@ -1,4 +1,4 @@
|
||||
package common
|
||||
package digest
|
||||
|
||||
import (
|
||||
"reflect"
|
@ -7,7 +7,7 @@ import (
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/docker/distribution/common/testutil"
|
||||
"github.com/docker/distribution/testutil"
|
||||
)
|
||||
|
||||
func TestDigestVerifier(t *testing.T) {
|
||||
|
@ -9,10 +9,10 @@ import (
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/docker/distribution/common/testutil"
|
||||
"github.com/docker/distribution/digest"
|
||||
"github.com/docker/distribution/storagedriver"
|
||||
"github.com/docker/distribution/storagedriver/inmemory"
|
||||
"github.com/docker/distribution/testutil"
|
||||
)
|
||||
|
||||
// TestSimpleLayerUpload covers the layer upload process, exercising common
|
||||
|
@ -5,7 +5,6 @@ import (
|
||||
"path"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/distribution/common"
|
||||
"github.com/docker/distribution/digest"
|
||||
)
|
||||
|
||||
@ -189,7 +188,7 @@ func digestPathComoponents(dgst digest.Digest) ([]string, error) {
|
||||
hex,
|
||||
}
|
||||
|
||||
if tsi, err := common.ParseTarSum(dgst.String()); err == nil {
|
||||
if tsi, err := digest.ParseTarSum(dgst.String()); err == nil {
|
||||
// We have a tarsum!
|
||||
version := tsi.Version
|
||||
if version == "" {
|
||||
|
Loading…
Reference in New Issue
Block a user