github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 20:38:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

compat: when in "world-readable" mode, return the WWW-Authenticate

Browse Source 
header

containers/image is the dominant client library to interact with
registries.

It detects which authentication to use based on the WWW-Authenticate
header returned when pinging "/v2/" end-point. If we didn't return this
header, then creds are not used for other write-protected end-points.
Hence, the compatibility fix.
This commit is contained in:
Ramkumar Chinchani
2020-05-19 13:17:15 -07:00
parent b2338b4819
commit 026b009dbb
2 changed files with 192 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/api/routes.go
+12
View File
@@ -120,6 +120,18 @@ func (rh *RouteHandler) SetupRoutes() {
// @Success 200 {string} string "ok"
func (rh *RouteHandler) CheckVersionSupport(w http.ResponseWriter, r *http.Request) {
w.Header().Set(DistAPIVersion, "registry/2.0")
// NOTE: compatibility workaround - return this header in "allowed-read" mode to allow for clients to
// work correctly
if rh.c.Config.HTTP.AllowReadAccess {
if rh.c.Config.HTTP.Auth != nil {
if rh.c.Config.HTTP.Auth.Bearer != nil {
w.Header().Set("WWW-Authenticate", fmt.Sprintf("bearer realm=%s", rh.c.Config.HTTP.Auth.Bearer.Realm))
} else {
w.Header().Set("WWW-Authenticate", fmt.Sprintf("basic realm=%s", rh.c.Config.HTTP.Realm))
}
}
}
WriteData(w, http.StatusOK, "application/json", []byte{})
}