-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add the existing moby implementation #6
Add the existing moby implementation #6
Conversation
## API Workflow | ||
|
||
- Ping the v2 endpoint (`GET /v2/`), if 401 (unauthorized status), save values from the `WWW-Authenticate` header | ||
- Manually set scope to `repository:${repo}:${action}` with action = `pull`, `push`, or `pull,push` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about 'push,pull'?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's worth double checking that last one. I know that it will make separate scopes instead of a single one with two actions if they are added separately. So the multiple action values may only be theoretical.
- `refresh_token`: set if available | ||
- `username`, `password`, `access_type=offline`: for password auth | ||
- Request is set to the `realm` url | ||
- Response is parsed for `access_token`, `refresh_token`, `expires_in`, `issued_at`, and `scope` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is only JWT supported?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't believe JWT is explicitly supported. It's not parsing the content of the access token itself, so it may be JWT or any other opaque value.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
91ba6bb
to
cd660dc
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
This adds a description of the existing moby/docker implementation supported by most registries today.