o 2.a3@sddlZddlZddlZddlmZddlmZddlmZdZdedZ d Z e e Z d d Zd d ZddZddZddZGdddeZd%ddZddZddZddZd&dd Zd'd!d"Zd#d$ZdS)(N) credentials)errors)configz docker.iozhttps://index.z/v1/zcCsZd|vr td|dt|\}}|ddks|ddkr'td|t||fS)Nz://z)Repository name cannot contain a scheme ()r-z;Invalid index name ({}). Cannot begin or end with a hyphen.)rZInvalidRepositorysplit_repo_nameformatresolve_index_name) repo_name index_nameZ remote_namer-/usr/lib/python3/dist-packages/docker/auth.pyresolve_repository_names   rcCst|}|dtkr t}|S)Nzindex.)convert_to_hostname INDEX_NAME)r rrrr s r cCsftd|jr |jjrtdt|jd|_t|j||jd}|r,tdt|StddS)NzLooking for auth configz2No auth config in memory - loading from filesystem) credstore_envzFound auth configzNo auth config found)logdebugZ _auth_configsis_empty load_configrresolve_authconfig encode_header)ZclientregistryZauthcfgrrrget_config_header&s    rcCsL|dd}t|dksd|dvr"d|dvr"|ddkr"t|fSt|S)N/r.r:Z localhost)splitlenrtuple)r partsrrrr <s     r cCst|ts t|}||SN) isinstance AuthConfigget_credential_store) authconfigrrrrr&Fs  r&c@seZdZdddZedddZedddZed d Zed d Z ed dZ eddZ dddZ ddZ ddZddZddZddZdS)r%NcCs*d|vri|d<||||_i|_dSNauths)update_credstore_env_stores)selfZdctrrrr__init__Ms   zAuthConfig.__init__FcCsi}|D]f\}}t|ts%td||r!td|iSd|vr:td|d|di||<qd|vrKtd|i||<qt|d\}}tdt |t |||| d |d ||<q|S) a  Parses authentication entries Args: entries: Dict of authentication entries. raise_on_error: If set to true, an invalid format will raise InvalidConfigFile Returns: Authentication registry. z*Config entry for key {} is not auth configz%Invalid configuration for registry {}Z identitytokenz,Found an IdentityToken entry for registry {} IdentityTokenauthzNAuth data for {} is absent. Client might be using a credentials store instead.z&Found entry (registry={}, username={})emailusernamepasswordr1Z serveraddress) itemsr$dictrrr rInvalidConfigFile decode_authreprget)clsentriesraise_on_errorconfrentryr3r4rrr parse_authTsT   zAuthConfig.parse_authc CsH|sKt|}|s|i|Szt| }t|}Wdn1s#wYWn!tttfyJ}zt ||t ||WYd}~Sd}~wwi}| drft d| d|j |dddi| drzt d| d|di| drt d | d|di|r|||St d |d| |i|S) a8 Loads authentication data from a Docker configuration file in the given root directory or if config_path is passed use given path. Lookup priority: explicit config_path parameter > DOCKER_CONFIG environment variable > ~/.docker/config.json > ~/.dockercfg Nr)zFound 'auths' sectionT)r= credsStorezFound 'credsStore' section credHelperszFound 'credHelpers' sectionzNCouldn't find auth-related section ; attempting to interpret as auth-only file)rZfind_config_fileopenjsonloadOSErrorKeyError ValueErrorrr_load_legacy_configr:r*r@pop)r; config_path config_dictr config_fileferesrrrrsD             zAuthConfig.load_configcC |diSr(r:r-rrrr) zAuthConfig.authscCs |ddS)NrArRrSrrr creds_storerTzAuthConfig.creds_storecCrQ)NrBrRrSrrr cred_helpersrTzAuthConfig.cred_helperscCs|j o |j o |j Sr#)r)rUrVrSrrrrszAuthConfig.is_emptycCs|js|jr)||}|dur)td|d|||}|dur$|Std|r/t|nt}tdt|||j vrOtdt||j |S|j D]\}}t||krltdt||SqTtddS)a+ Returns the authentication data from the given auth configuration for a specific registry. As with the Docker client, legacy entries in the config with full URLs are stripped down to hostnames before checking for a match. Returns None if no match was found. NzUsing credentials store ""z/No entry in credstore - fetching from auth dictLooking for auth entry for zFound No entry found) rUrVr&rr_resolve_authconfig_credstorer rr9r)r5)r-r store_nameZcfgkeyr>rrrrs,         zAuthConfig.resolve_authconfigc Cs|r|tkrt}tdt|||}z'||}d|i}|dtkr0|d|d<|WS||d|dd|WSt j yNtdYdSt j yd}z t dt|d}~ww) NrXZ ServerAddressUsernameZSecretr/)r]ZPasswordrYzCredentials store error: )r INDEX_URLrrr9_get_store_instancer:TOKEN_USERNAMEr*rZCredentialsNotFoundZ StoreErrorrZDockerException)r-rZcredstore_namestoredatarPrOrrrrZs2       z(AuthConfig._resolve_authconfig_credstorecCs*||jvrtj||jd|j|<|j|S)N)Z environment)r,rZStorer+)r-namerrrr_s  zAuthConfig._get_store_instancecCs"|r|tkrt}|j|p|jSr#)rr^rVr:rU)r-rrrrr&!s zAuthConfig.get_credential_storecCs|j}|jr(||j}|D]}|||j||<|||t|<q|j D]\}}|||||<|||t|<q-|Sr#) r)copyrUr_listkeysrZrrVr5)r-Z auth_datarakregr[rrrget_all_credentials's  zAuthConfig.get_all_credentialscCs||d|<dSr(r)r-rhrbrrradd_auth;szAuthConfig.add_authr#F)__name__ __module__ __qualname__r. classmethodr@rpropertyr)rUrVrrrZr_r&rirjrrrrr%Ls(  D /     # r%cCst|ts t||}||Sr#)r$r%r)r'rrrrrr?s   rcCs |dddddddS)Nzhttp://zhttps://rrr)replacer)ZurlrrrrEs rcCsBt|tr |d}t|}|dd\}}|d|dfS)Nascii:rutf8)r$strencodebase64Z b64decoderdecode)r0sZloginpwdrrrr8Is   r8cCst|d}t|S)Nrs)rDdumpsrwrxZurlsafe_b64encode)r0Z auth_jsonrrrrQs rFcCs t||S)a Parses authentication entries Args: entries: Dict of authentication entries. raise_on_error: If set to true, an invalid format will raise InvalidConfigFile Returns: Authentication registry. )r%r@)r<r=rrrr@Vs r@cCst|||Sr#)r%r)rKrLrrrrrfsrc CstdzJg}t|&}|D]}||ddqt|dkr+t dWdn1s5wYt |d\}}dt |||dt diiWSt yf}z t|WYd}~nd}~wwtd iS) Nz+Attempting to parse legacy auth file formatz = rz$Invalid or empty configuration file!rr)r2z4All parsing attempts failed - returning empty config)rrrC readlinesappendstriprr rr7r8rr^ Exception)rMrbrNliner3r4rOrrrrIjs8        rI)NNrk)NNN)rxrDZloggingrqrrZutilsrrr^r`Z getLoggerrlrrr rr r&r6r%rrr8rr@rrIrrrrs0       t