| 124 | } |
| 125 | |
| 126 | func applyPluginStoreAuth(headers http.Header, auth []AuthConfig, requestURL string, kind string) error { |
| 127 | item, ok := matchingAuthConfig(auth, requestURL, kind) |
| 128 | if !ok { |
| 129 | return nil |
| 130 | } |
| 131 | switch strings.ToLower(strings.TrimSpace(item.Type)) { |
| 132 | case "", AuthTypeNone: |
| 133 | return nil |
| 134 | case AuthTypeBearer: |
| 135 | token, errToken := envValueRequired(item.TokenEnv, "token-env") |
| 136 | if errToken != nil { |
| 137 | return errToken |
| 138 | } |
| 139 | headers.Set("Authorization", "Bearer "+token) |
| 140 | case AuthTypeBasic: |
| 141 | username, errUsername := envValueRequired(item.UsernameEnv, "username-env") |
| 142 | if errUsername != nil { |
| 143 | return errUsername |
| 144 | } |
| 145 | password, errPassword := envValueRequired(item.PasswordEnv, "password-env") |
| 146 | if errPassword != nil { |
| 147 | return errPassword |
| 148 | } |
| 149 | encoded := base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) |
| 150 | headers.Set("Authorization", "Basic "+encoded) |
| 151 | case AuthTypeHeader: |
| 152 | if strings.TrimSpace(item.HeaderName) == "" { |
| 153 | return fmt.Errorf("plugin store auth missing header-name") |
| 154 | } |
| 155 | value, errValue := envValueRequired(item.HeaderValueEnv, "header-value-env") |
| 156 | if errValue != nil { |
| 157 | return errValue |
| 158 | } |
| 159 | headers.Set(item.HeaderName, value) |
| 160 | case AuthTypeGitHubToken: |
| 161 | token, errToken := envValueRequired(item.TokenEnv, "token-env") |
| 162 | if errToken != nil { |
| 163 | return errToken |
| 164 | } |
| 165 | headers.Set("Authorization", "Bearer "+token) |
| 166 | default: |
| 167 | return fmt.Errorf("unsupported plugin store auth type %q", item.Type) |
| 168 | } |
| 169 | return nil |
| 170 | } |
| 171 | |
| 172 | func validatePluginStoreRequestURL(auth []AuthConfig, requestURL string, kind string) error { |
| 173 | parsed, errParse := url.Parse(strings.TrimSpace(requestURL)) |