github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-17 04:48:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

Upgraded build pipeline

Browse Source 
Go version changed to 1.14.4
Golangci-lint changed to 1.26.0
Bazel version changed to 3.0.0
Bazel rules_go version changed to 0.23.3
Bazel gazelle version changed to v0.21.0
Bazel build tools version changed to 0.25.1
Bazel skylib version changed to 1.0.2
This commit is contained in:
Shivam Mishra
2020-05-11 15:13:24 -07:00
parent ff4a300057
commit af77876306
22 changed files with 143 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/api/auth.go
+15 -2
View File
@@ -71,12 +71,13 @@ func bearerAuthHandler(c *Controller) mux.MiddlewareFunc {
}
}
// nolint (gocyclo) - we use closure making this a complex subroutine
// nolint:gocyclo // we use closure making this a complex subroutine
func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
realm := c.Config.HTTP.Realm
if realm == "" {
realm = "Authorization Required"
}
realm = "Basic realm=" + strconv.Quote(realm)
// no password based authN, if neither LDAP nor HTTP BASIC is enabled
@@ -97,7 +98,9 @@ func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
}
credMap := make(map[string]string)
delay := c.Config.HTTP.Auth.FailDelay
var ldapClient *LDAPClient
if c.Config.HTTP.Auth != nil {
@@ -117,27 +120,36 @@ func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
Log: c.Log,
SubtreeSearch: l.SubtreeSearch,
}
if c.Config.HTTP.Auth.LDAP.CACert != "" {
caCert, err := ioutil.ReadFile(c.Config.HTTP.Auth.LDAP.CACert)
if err != nil {
panic(err)
}
caCertPool := x509.NewCertPool()
if !caCertPool.AppendCertsFromPEM(caCert) {
panic(errors.ErrBadCACert)
}
ldapClient.ClientCAs = caCertPool
} else {
// default to system cert pool
caCertPool, err := x509.SystemCertPool()
if err != nil {
panic(errors.ErrBadCACert)
}
ldapClient.ClientCAs = caCertPool
}
}
if c.Config.HTTP.Auth.HTPasswd.Path != "" {
f, err := os.Open(c.Config.HTTP.Auth.HTPasswd.Path)
if err != nil {
panic(err)
}
@@ -170,6 +182,7 @@ func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
}
s := strings.SplitN(basicAuth, " ", 2)
if len(s) != 2 || strings.ToLower(s[0]) != "basic" {
authFail(w, realm, delay)
return
@@ -182,6 +195,7 @@ func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
}
pair := strings.SplitN(string(b), ":", 2)
// nolint:gomnd
if len(pair) != 2 {
authFail(w, realm, delay)
return
@@ -211,7 +225,6 @@ func basicAuthHandler(c *Controller) mux.MiddlewareFunc {
}
authFail(w, realm, delay)
return
})
}
}