fix(registry): ignore empty challenge fields (#1626)

Co-authored-by: caotian <caotian@users.noreply.github.com>
pull/1526/head
nils måsén 2 years ago committed by GitHub
parent 9d6b008b4b
commit 4d661bf63b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -123,10 +123,9 @@ func GetAuthURL(challenge string, img string) (*url.URL, error) {
for _, pair := range pairs {
trimmed := strings.Trim(pair, " ")
kv := strings.Split(trimmed, "=")
key := kv[0]
val := strings.Trim(kv[1], "\"")
values[key] = val
if key, val, ok := strings.Cut(trimmed, "="); ok {
values[key] = strings.Trim(val, `"`)
}
}
logrus.WithFields(logrus.Fields{
"realm": values["realm"],

@ -2,13 +2,14 @@ package auth_test
import (
"fmt"
"github.com/containrrr/watchtower/internal/actions/mocks"
"github.com/containrrr/watchtower/pkg/registry/auth"
"net/url"
"os"
"testing"
"time"
"github.com/containrrr/watchtower/internal/actions/mocks"
"github.com/containrrr/watchtower/pkg/registry/auth"
wtTypes "github.com/containrrr/watchtower/pkg/types"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
@ -79,6 +80,18 @@ var _ = Describe("the auth module", func() {
Expect(err).To(HaveOccurred())
Expect(res).To(BeNil())
})
It("should not crash when an empty field is recieved", func() {
input := `bearer realm="https://ghcr.io/token",service="ghcr.io",scope="repository:user/image:pull",`
res, err := auth.GetAuthURL(input, "containrrr/watchtower")
Expect(err).NotTo(HaveOccurred())
Expect(res).NotTo(BeNil())
})
It("should not crash when a field without a value is recieved", func() {
input := `bearer realm="https://ghcr.io/token",service="ghcr.io",scope="repository:user/image:pull",valuelesskey`
res, err := auth.GetAuthURL(input, "containrrr/watchtower")
Expect(err).NotTo(HaveOccurred())
Expect(res).NotTo(BeNil())
})
})
When("getting a challenge url", func() {
It("should create a valid challenge url object based on the image ref supplied", func() {

Loading…
Cancel
Save