MCPcopy
hub / github.com/containerd/containerd / withBasicAuthServer

Function withBasicAuthServer

core/remotes/docker/resolver_test.go:1007–1036  ·  view source on GitHub ↗
(creds func(string) (string, string, error))

Source from the content-addressed store, hash-verified

1005}
1006
1007func withBasicAuthServer(creds func(string) (string, string, error)) func(h http.Handler) (string, ResolverOptions, func()) {
1008 return func(h http.Handler) (string, ResolverOptions, func()) {
1009 // Wrap with basic auth
1010 wrapped := http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
1011 user, password, ok := r.BasicAuth()
1012 if ok {
1013 if user != "totallyvaliduser" || password != "totallyvalidpassword" {
1014 rw.WriteHeader(http.StatusForbidden)
1015 rw.Write([]byte(`{"errors":[{"code":"DENIED"}]}`))
1016 return
1017 }
1018 } else {
1019 authHeader := "Basic realm=\"testserver\""
1020 rw.Header().Set("WWW-Authenticate", authHeader)
1021 rw.WriteHeader(http.StatusUnauthorized)
1022 return
1023 }
1024 h.ServeHTTP(rw, r)
1025 })
1026
1027 base, options, close := tlsServer(wrapped)
1028 options.Hosts = ConfigureDefaultRegistries(
1029 WithClient(options.Client),
1030 WithAuthorizer(NewDockerAuthorizer(
1031 WithAuthCreds(creds),
1032 )),
1033 )
1034 return base, options, close
1035 }
1036}
1037
1038func tlsServer(h http.Handler) (string, ResolverOptions, func()) {
1039 s := httptest.NewUnstartedServer(h)

Callers 3

TestBasicAuthResolverFunction · 0.85

Calls 10

tlsServerFunction · 0.85
WithClientFunction · 0.85
WithAuthorizerFunction · 0.85
NewDockerAuthorizerFunction · 0.85
WithAuthCredsFunction · 0.85
HeaderMethod · 0.80
WriteMethod · 0.65
SetMethod · 0.65
ServeHTTPMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…