Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: fix WWW-Authenticate header parsing for Basic authentication #4035

Merged
merged 2 commits into from Jun 8, 2023
Merged

fix: fix WWW-Authenticate header parsing for Basic authentication #4035

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
017a050
fix: fix WWW-Authenticate header parsing for Basic
chanseokoh May 30, 2023
dd883d9
Fix compilation error
chanseokoh May 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 2 additions & 2 deletions jib-core/src/main/java/com/google/cloud/tools/jib/registry/RegistryAuthenticator.java
View file
Open in desktop
Expand Up @@ -72,9 +72,9 @@ static Optional<RegistryAuthenticator> fromAuthenticationMethod(
@Nullable String userAgent,
FailoverHttpClient httpClient)
throws RegistryAuthenticationFailedException {
// If the authentication method starts with 'basic ' (case insensitive), no registry
// If the authentication method starts with 'basic' (case insensitive), no registry
// authentication is needed.
if (authenticationMethod.matches("^(?i)(basic) .*")) {
if (authenticationMethod.matches("^(?i)(basic).*")) {
return Optional.empty();
}

Expand Down
50 changes: 30 additions & 20 deletions jib-core/src/test/java/com/google/cloud/tools/jib/registry/RegistryAuthenticatorTest.java
View file
Open in desktop
Expand Up @@ -16,6 +16,9 @@

package com.google.cloud.tools.jib.registry;

import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth8.assertThat;

import com.google.cloud.tools.jib.api.Credential;
import com.google.cloud.tools.jib.api.RegistryAuthenticationFailedException;
import com.google.cloud.tools.jib.http.FailoverHttpClient;
Expand Down Expand Up @@ -83,10 +86,11 @@ public void testFromAuthenticationMethod_bearer()
"user-agent",
httpClient)
.get();
Assert.assertEquals(
new URL("https://somerealm?service=someservice&scope=repository:someimage:scope"),
registryAuthenticator.getAuthenticationUrl(
null, Collections.singletonMap("someimage", "scope")));
assertThat(
registryAuthenticator.getAuthenticationUrl(
null, Collections.singletonMap("someimage", "scope")))
.isEqualTo(
new URL("https://somerealm?service=someservice&scope=repository:someimage:scope"));

registryAuthenticator =
RegistryAuthenticator.fromAuthenticationMethod(
Expand All @@ -95,10 +99,11 @@ public void testFromAuthenticationMethod_bearer()
"user-agent",
httpClient)
.get();
Assert.assertEquals(
new URL("https://somerealm?service=someservice&scope=repository:someimage:scope"),
registryAuthenticator.getAuthenticationUrl(
null, Collections.singletonMap("someimage", "scope")));
assertThat(
registryAuthenticator.getAuthenticationUrl(
null, Collections.singletonMap("someimage", "scope")))
.isEqualTo(
new URL("https://somerealm?service=someservice&scope=repository:someimage:scope"));
}

@Test
Expand Down Expand Up @@ -155,29 +160,34 @@ public void istAuthenticationUrl_oauth2() throws MalformedURLException {

@Test
public void testFromAuthenticationMethod_basic() throws RegistryAuthenticationFailedException {
Assert.assertFalse(
RegistryAuthenticator.fromAuthenticationMethod(
assertThat(
RegistryAuthenticator.fromAuthenticationMethod(
"Basic", registryEndpointRequestProperties, "user-agent", httpClient))
.isEmpty();

assertThat(
RegistryAuthenticator.fromAuthenticationMethod(
"Basic realm=\"https://somerealm\",service=\"someservice\",scope=\"somescope\"",
registryEndpointRequestProperties,
"user-agent",
httpClient)
.isPresent());
httpClient))
.isEmpty();

Assert.assertFalse(
RegistryAuthenticator.fromAuthenticationMethod(
assertThat(
RegistryAuthenticator.fromAuthenticationMethod(
"BASIC realm=\"https://somerealm\",service=\"someservice\",scope=\"somescope\"",
registryEndpointRequestProperties,
"user-agent",
httpClient)
.isPresent());
httpClient))
.isEmpty();

Assert.assertFalse(
RegistryAuthenticator.fromAuthenticationMethod(
assertThat(
RegistryAuthenticator.fromAuthenticationMethod(
"bASIC realm=\"https://somerealm\",service=\"someservice\",scope=\"somescope\"",
registryEndpointRequestProperties,
"user-agent",
httpClient)
.isPresent());
httpClient))
.isEmpty();
}

@Test
Expand Down