Add base transport to interface

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2024-10-14 11:35:12 +00:00 · 2015-05-12 12:04:18 -07:00 · 2015-05-12 12:04:18 -07:00 · a15806ed9c
commit a15806ed9c
parent c6b51970cd
2 changed files with 33 additions and 22 deletions
--- a/registry/client/session.go
+++ b/registry/client/session.go
@ -37,16 +37,15 @@ type RepositoryConfig struct {
 	Header     http.Header
 	AuthSource Authorizer
-	//TODO(dmcgowan): Add tls config
+	BaseTransport http.RoundTripper
 }
 // HTTPClient returns a new HTTP client configured for this configuration
 func (rc *RepositoryConfig) HTTPClient() (*http.Client, error) {
 	// TODO(dmcgowan): create base http.Transport with proper TLS configuration
 	transport := &Transport{
 		ExtraHeader: rc.Header,
 		AuthSource:  rc.AuthSource,
 		Base:        rc.BaseTransport,
 	}
 	client := &http.Client{
@ -62,25 +61,27 @@ func (rc *RepositoryConfig) HTTPClient() (*http.Client, error) {
 // requested. Basic authentication may either be done to the token source or
 // directly with the requested endpoint depending on the endpoint's
 // WWW-Authenticate header.
-func NewTokenAuthorizer(creds CredentialStore, header http.Header, scope TokenScope) Authorizer {
+func NewTokenAuthorizer(creds CredentialStore, transport http.RoundTripper, header http.Header, scope TokenScope) Authorizer {
 	return &tokenAuthorizer{
 		header:     header,
 		challenges: map[string]map[string]authorizationChallenge{},
 		handlers: []AuthenticationHandler{
-			NewTokenHandler(creds, scope, header),
+			NewTokenHandler(transport, creds, scope, header),
 			NewBasicHandler(creds),
 		},
 		transport: transport,
 	}
 }
 // NewAuthorizer creates an authorizer which can handle multiple authentication
 // schemes. The handlers are tried in order, the higher priority authentication
 // methods should be first.
-func NewAuthorizer(header http.Header, handlers ...AuthenticationHandler) Authorizer {
+func NewAuthorizer(transport http.RoundTripper, header http.Header, handlers ...AuthenticationHandler) Authorizer {
 	return &tokenAuthorizer{
 		header:     header,
 		challenges: map[string]map[string]authorizationChallenge{},
 		handlers:   handlers,
 		transport:  transport,
 	}
 }
@ -88,11 +89,7 @@ type tokenAuthorizer struct {
 	header     http.Header
 	challenges map[string]map[string]authorizationChallenge
 	handlers   []AuthenticationHandler
-}
+	transport  http.RoundTripper
 func (ta *tokenAuthorizer) client() *http.Client {
 	// TODO(dmcgowan): Use same transport which has properly configured TLS
 	return &http.Client{Transport: &Transport{ExtraHeader: ta.header}}
 }
 func (ta *tokenAuthorizer) ping(endpoint string) (map[string]authorizationChallenge, error) {
@ -101,7 +98,16 @@ func (ta *tokenAuthorizer) ping(endpoint string) (map[string]authorizationChalle
 		return nil, err
 	}
-	resp, err := ta.client().Do(req)
+	client := &http.Client{
 		Transport: &Transport{
 			ExtraHeader: ta.header,
 			Base:        ta.transport,
 		},
 		// Ping should fail fast
 		Timeout: 5 * time.Second,
 	}
 	resp, err := client.Do(req)
 	if err != nil {
 		return nil, err
 	}
@ -171,9 +177,10 @@ func (ta *tokenAuthorizer) Authorize(req *http.Request) error {
 }
 type tokenHandler struct {
-	header http.Header
+	header    http.Header
-	creds  CredentialStore
+	creds     CredentialStore
-	scope  TokenScope
+	scope     TokenScope
 	transport http.RoundTripper
 	tokenLock       sync.Mutex
 	tokenCache      string
@ -190,7 +197,7 @@ type TokenScope struct {
 // NewTokenHandler creates a new AuthenicationHandler which supports
 // fetching tokens from a remote token server.
-func NewTokenHandler(creds CredentialStore, scope TokenScope, header http.Header) AuthenticationHandler {
+func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope TokenScope, header http.Header) AuthenticationHandler {
 	return &tokenHandler{
 		header: header,
 		creds:  creds,
@ -203,8 +210,12 @@ func (ts TokenScope) String() string {
 }
 func (ts *tokenHandler) client() *http.Client {
-	// TODO(dmcgowan): Use same transport which has properly configured TLS
+	return &http.Client{
-	return &http.Client{Transport: &Transport{ExtraHeader: ts.header}}
+		Transport: &Transport{
 			ExtraHeader: ts.header,
 			Base:        ts.transport,
 		},
 	}
 }
 func (ts *tokenHandler) Scheme() string {
--- a/registry/client/session_test.go
+++ b/registry/client/session_test.go
@ -117,7 +117,7 @@ func TestEndpointAuthorizeToken(t *testing.T) {
 	defer c()
 	repo1Config := &RepositoryConfig{
-		AuthSource: NewTokenAuthorizer(nil, nil, tokenScope1),
+		AuthSource: NewTokenAuthorizer(nil, nil, nil, tokenScope1),
 	}
 	client, err := repo1Config.HTTPClient()
@ -142,7 +142,7 @@ func TestEndpointAuthorizeToken(t *testing.T) {
 	defer c2()
 	repo2Config := &RepositoryConfig{
-		AuthSource: NewTokenAuthorizer(nil, nil, tokenScope2),
+		AuthSource: NewTokenAuthorizer(nil, nil, nil, tokenScope2),
 	}
 	client2, err := repo2Config.HTTPClient()
 	if err != nil {
@ -221,7 +221,7 @@ func TestEndpointAuthorizeTokenBasic(t *testing.T) {
 		password: password,
 	}
 	repoConfig := &RepositoryConfig{
-		AuthSource: NewTokenAuthorizer(creds, nil, tokenScope),
+		AuthSource: NewTokenAuthorizer(creds, nil, nil, tokenScope),
 	}
 	client, err := repoConfig.HTTPClient()
@ -266,7 +266,7 @@ func TestEndpointAuthorizeBasic(t *testing.T) {
 		password: password,
 	}
 	repoConfig := &RepositoryConfig{
-		AuthSource: NewTokenAuthorizer(creds, nil, TokenScope{}),
+		AuthSource: NewTokenAuthorizer(creds, nil, nil, TokenScope{}),
 	}
 	client, err := repoConfig.HTTPClient()