Documentation
¶
Index ¶
- Constants
- type AccessTokenResponse
- type CryptoProvider
- type DNSProvider
- type DeviceCodeResponse
- type GitHubATProvider
- type GitHubOIDCProvider
- type HTTPProvider
- type NoneProvider
- type Provider
- func NewDNSProvider(registryURL, domain, hexSeed string) Provider
- func NewGitHubATProvider(forceLogin bool, registryURL string) Provider
- func NewGitHubOIDCProvider(registryURL string) Provider
- func NewHTTPProvider(registryURL, domain, hexSeed string) Provider
- func NewNoneProvider(registryURL string) Provider
- type RegistryTokenResponse
- type ServerHealthResponse
- type StoredRegistryToken
- type TokenResponse
Constants ¶
const ( // GitHub OAuth URLs GitHubDeviceCodeURL = "https://github.com/login/device/code" // #nosec:G101 GitHubAccessTokenURL = "https://github.com/login/oauth/access_token" // #nosec:G101 )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessTokenResponse ¶
type AccessTokenResponse struct {
AccessToken string `json:"access_token"`
TokenType string `json:"token_type"`
Scope string `json:"scope"`
Error string `json:"error,omitempty"`
}
AccessTokenResponse represents the response from GitHub's access token endpoint
type CryptoProvider ¶
type CryptoProvider struct {
// contains filtered or unexported fields
}
CryptoProvider provides common functionality for DNS and HTTP authentication
func (*CryptoProvider) GetToken ¶
func (c *CryptoProvider) GetToken(ctx context.Context) (string, error)
GetToken retrieves the registry JWT token using cryptographic authentication
func (*CryptoProvider) Login ¶
func (c *CryptoProvider) Login(_ context.Context) error
Login is not needed for cryptographic auth since authentication is cryptographic
func (*CryptoProvider) NeedsLogin ¶
func (c *CryptoProvider) NeedsLogin() bool
NeedsLogin always returns false for cryptographic auth since no interactive login is needed
type DNSProvider ¶
type DNSProvider struct {
*CryptoProvider
}
func (*DNSProvider) Name ¶
func (d *DNSProvider) Name() string
Name returns the name of this auth provider
type DeviceCodeResponse ¶
type DeviceCodeResponse struct {
DeviceCode string `json:"device_code"`
UserCode string `json:"user_code"`
VerificationURI string `json:"verification_uri"`
ExpiresIn int `json:"expires_in"`
Interval int `json:"interval"`
}
DeviceCodeResponse represents the response from GitHub's device code endpoint
type GitHubATProvider ¶
type GitHubATProvider struct {
// contains filtered or unexported fields
}
GitHubATProvider implements the Provider interface using GitHub's device flow
func (*GitHubATProvider) GetToken ¶
func (g *GitHubATProvider) GetToken(ctx context.Context) (string, error)
GetToken retrieves the registry JWT token (exchanges GitHub token if needed)
func (*GitHubATProvider) Login ¶
func (g *GitHubATProvider) Login(ctx context.Context) error
Login performs the GitHub device flow authentication
func (*GitHubATProvider) Name ¶
func (g *GitHubATProvider) Name() string
Name returns the name of this auth provider
func (*GitHubATProvider) NeedsLogin ¶
func (g *GitHubATProvider) NeedsLogin() bool
NeedsLogin checks if a new login is required
type GitHubOIDCProvider ¶
type GitHubOIDCProvider struct {
// contains filtered or unexported fields
}
func (*GitHubOIDCProvider) GetToken ¶
func (o *GitHubOIDCProvider) GetToken(ctx context.Context) (string, error)
GetToken retrieves the registry JWT token using GitHub Actions OIDC token
func (*GitHubOIDCProvider) Login ¶
func (o *GitHubOIDCProvider) Login(_ context.Context) error
Login is not needed for OIDC since tokens are provided by GitHub Actions
func (*GitHubOIDCProvider) Name ¶
func (o *GitHubOIDCProvider) Name() string
Name returns the name of this auth provider
func (*GitHubOIDCProvider) NeedsLogin ¶
func (o *GitHubOIDCProvider) NeedsLogin() bool
NeedsLogin always returns false for OIDC since the token is provided by GitHub Actions
type HTTPProvider ¶
type HTTPProvider struct {
*CryptoProvider
}
func (*HTTPProvider) Name ¶
func (h *HTTPProvider) Name() string
Name returns the name of this auth provider
type NoneProvider ¶
type NoneProvider struct {
// contains filtered or unexported fields
}
func (*NoneProvider) GetToken ¶
func (p *NoneProvider) GetToken(ctx context.Context) (string, error)
func (*NoneProvider) Name ¶
func (p *NoneProvider) Name() string
func (*NoneProvider) NeedsLogin ¶
func (p *NoneProvider) NeedsLogin() bool
type Provider ¶
type Provider interface {
// GetToken retrieves or generates an authentication token
// It returns the token string and any error encountered
GetToken(ctx context.Context) (string, error)
// NeedsLogin checks if a new login is required
// This can check for existing tokens, expiry, etc.
NeedsLogin() bool
// Login performs the authentication flow
// This might involve user interaction, device flows, etc.
Login(ctx context.Context) error
// Name returns the name of the authentication provider
Name() string
}
Provider defines the interface for authentication mechanisms
func NewDNSProvider ¶
NewDNSProvider creates a new DNS-based auth provider
func NewGitHubATProvider ¶
NewGitHubATProvider creates a new GitHub OAuth provider
func NewGitHubOIDCProvider ¶
NewGitHubOIDCProvider creates a new GitHub OIDC provider
func NewHTTPProvider ¶
NewHTTPProvider creates a new HTTP-based auth provider
func NewNoneProvider ¶
type RegistryTokenResponse ¶
type RegistryTokenResponse struct {
RegistryToken string `json:"registry_token"`
ExpiresAt int64 `json:"expires_at"`
}
RegistryTokenResponse represents the response from registry's token exchange endpoint
type ServerHealthResponse ¶
type ServerHealthResponse struct {
Status string `json:"status"`
GitHubClientID string `json:"github_client_id"`
}
ServerHealthResponse represents the response from the health endpoint
type StoredRegistryToken ¶
StoredRegistryToken represents the registry token with expiration stored locally
Source Files