this repo has no description
internal/registrytest: satisfy staticcheck and gopls
authnHandler has been unused since https://cuelang.org/cl/1191618,
and the auth logic now lives in the serveDirectAuth method.
Perhaps this func was left behind as part of a refactor.
Remove a few other unused parameters and declarations,
and actually check an error in the test code.
Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Change-Id: I9e445f71a94cebe76356fedbd9126cdcd0657f52
Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1194857
TryBot-Result: CUEcueckoo <cueckoo@cuelang.org>
Reviewed-by: Paul Jolly <paul@myitcv.io>
Unity-Result: CUE porcuepine <cue.porcuepine@gmail.com>
+6
-48
+3
-48
internal/registrytest/registry.go
+3
-48
internal/registrytest/registry.go
···
20
20
"cuelabs.dev/go/oci/ociregistry/ociserver"
21
21
"golang.org/x/tools/txtar"
22
22
23
-
"cuelang.org/go/cue"
24
-
"cuelang.org/go/cue/cuecontext"
25
23
"cuelang.org/go/mod/modfile"
26
24
"cuelang.org/go/mod/modregistry"
27
25
"cuelang.org/go/mod/module"
···
330
328
})
331
329
}
332
330
333
-
// authnHandler wraps the given handler with logic that checks
334
-
// that the incoming requests fulfil the authenticiation requirements defined
335
-
// in cfg. If cfg is nil or there are no auth requirements, it returns handler
336
-
// unchanged.
337
-
func authnHandler(cfg *AuthConfig, handler http.Handler) http.Handler {
338
-
if cfg == nil || (*cfg == AuthConfig{}) {
339
-
return handler
340
-
}
341
-
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
342
-
auth := req.Header.Get("Authorization")
343
-
if auth == "" {
344
-
if cfg.BearerToken != "" {
345
-
// Note that this lacks information like the realm,
346
-
// but we don't need it for our test cases yet.
347
-
w.Header().Set("Www-Authenticate", "Bearer service=registry")
348
-
} else {
349
-
w.Header().Set("Www-Authenticate", "Basic service=registry")
350
-
}
351
-
writeError(w, fmt.Errorf("%w: no credentials", ociregistry.ErrUnauthorized))
352
-
return
353
-
}
354
-
if cfg.BearerToken != "" {
355
-
token, ok := strings.CutPrefix(auth, "Bearer ")
356
-
if !ok || token != cfg.BearerToken {
357
-
writeError(w, fmt.Errorf("%w: invalid bearer credentials", ociregistry.ErrUnauthorized))
358
-
return
359
-
}
360
-
} else {
361
-
username, password, ok := req.BasicAuth()
362
-
if !ok || username != cfg.Username || password != cfg.Password {
363
-
writeError(w, fmt.Errorf("%w: invalid user-password credentials", ociregistry.ErrUnauthorized))
364
-
return
365
-
}
366
-
}
367
-
handler.ServeHTTP(w, req)
368
-
})
369
-
}
370
-
371
331
func writeError(w http.ResponseWriter, err error) {
372
332
data, httpStatus := ociregistry.MarshalError(err)
373
333
w.Header().Set("Content-Type", "application/json")
···
452
412
return r.host
453
413
}
454
414
455
-
type handler struct {
456
-
modules []*moduleContent
457
-
}
458
-
459
415
func getModules(fsys fs.FS) (map[module.Version]*moduleContent, []byte, error) {
460
416
var authConfig []byte
461
-
ctx := cuecontext.New()
462
417
modules := make(map[string]*moduleContent)
463
418
if err := fs.WalkDir(fsys, ".", func(path string, d fs.DirEntry, err error) error {
464
419
if err != nil {
···
501
456
return nil, nil, err
502
457
}
503
458
for modver, content := range modules {
504
-
if err := content.init(ctx, modver); err != nil {
459
+
if err := content.init(modver); err != nil {
505
460
return nil, nil, fmt.Errorf("cannot initialize module %q: %v", modver, err)
506
461
}
507
462
}
···
519
474
}
520
475
521
476
func (c *moduleContent) writeZip(w io.Writer) error {
522
-
return modzip.Create[txtar.File](w, c.version, c.files, txtarFileIO{})
477
+
return modzip.Create(w, c.version, c.files, txtarFileIO{})
523
478
}
524
479
525
-
func (c *moduleContent) init(ctx *cue.Context, versDir string) error {
480
+
func (c *moduleContent) init(versDir string) error {
526
481
found := false
527
482
for _, f := range c.files {
528
483
if f.Name != "cue.mod/module.cue" {