Add token pass-thru for AuthConfig

This change allows API clients to retrieve an authentication token from a registry, and then pass that token directly to the API. Example usage: REPO_USER=dhiltgen read -s PASSWORD REPO=privateorg/repo AUTH_URL=https://auth.docker.io/token TOKEN=$(curl -s -u "${REPO_USER}:${PASSWORD}" "${AUTH_URL}?scope=repository:${REPO}:pull&service=registry.docker.io" | jq -r ".token") HEADER=$(echo "{\"registrytoken\":\"${TOKEN}\"}"|base64 -w 0 ) curl -s -D - -H "X-Registry-Auth: ${HEADER}" -X POST "http://localhost:2376/images/create?fromImage=${REPO}" Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com> Upstream-commit: 8dce8e9901501863a80caf47d71713d4d36925a3 Component: engine
2015-11-03 21:03:12 -08:00
parent fb9a8a9552
commit a263d7120f
5 changed files with 156 additions and 7 deletions
--- a/components/engine/docs/reference/api/docker_remote_api.md
+++ b/components/engine/docs/reference/api/docker_remote_api.md
@ -101,6 +101,7 @@ This section lists each version from latest to oldest.  Each listing includes a
 * `GET /networks/(name)` now returns a `Name` field for each container attached to the network.
 * `GET /version` now returns the `BuildTime` field in RFC3339Nano format to make it 
  consistent with other date/time values returned by the API.
+* `AuthConfig` now supports a `registrytoken` for token based authentication

 ### v1.21 API changes

--- a/components/engine/docs/reference/api/docker_remote_api_v1.22.md
+++ b/components/engine/docs/reference/api/docker_remote_api_v1.22.md
@ -1532,7 +1532,24 @@ Query Parameters:

    Request Headers:

-   **X-Registry-Auth** – base64-encoded AuthConfig object
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Token based login:
+
+        ```
+    {
+            "registrytoken": "9cbaf023786cd7..."
+    }
+        ```

 Status Codes:

@ -1741,8 +1758,24 @@ Query Parameters:

 Request Headers:

-   **X-Registry-Auth** – Include a base64-encoded AuthConfig.
-        object.
+-   **X-Registry-Auth** – base64-encoded AuthConfig object, containing either login information, or a token
+    - Credential based login:
+
+        ```
+    {
+            "username": "jdoe",
+            "password": "secret",
+            "email": "jdoe@acme.com",
+    }
+        ```
+
+    - Token based login:
+
+        ```
+    {
+            "registrytoken": "9cbaf023786cd7..."
+    }
+        ```

 Status Codes: