From 98659f46f331f1a9e968044aabdf322231517248 Mon Sep 17 00:00:00 2001 From: Shane Canon Date: Wed, 14 Nov 2018 22:43:59 -0600 Subject: [PATCH 1/2] Fixes to work with nvcr.io --- imagegw/shifter_imagegw/dockerv2.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/imagegw/shifter_imagegw/dockerv2.py b/imagegw/shifter_imagegw/dockerv2.py index 01bc1b6a..a2545360 100755 --- a/imagegw/shifter_imagegw/dockerv2.py +++ b/imagegw/shifter_imagegw/dockerv2.py @@ -372,7 +372,7 @@ def do_token_auth(self, auth_loc_str, creds=False): # TODO, figure out what mode was for (_, auth_data_str) = auth_loc_str.split(' ', 2) - auth_data = {} + auth_data = {'service':'', 'scope':'pull'} for item in auth_data_str.split(','): (key, val) = item.split('=', 2) auth_data[key] = val.replace('"', '') @@ -383,7 +383,10 @@ def do_token_auth(self, auth_loc_str, creds=False): 'failed to get auth connection') headers = {} - if creds and self.username is not None and self.password is not None: + if self.username=='$oauthtoken': + self.private = True + headers['Authoriation'] = 'Bearer %s' % (self.password) + elif creds and self.username is not None and self.password is not None: self.private = True auth = '%s:%s' % (self.username, self.password) headers['Authorization'] = 'Basic %s' % base64.b64encode(auth) @@ -400,8 +403,6 @@ def do_token_auth(self, auth_loc_str, creds=False): if resp.status != 200: raise ValueError('Bad response getting token: %d', resp.status) - if resp.getheader('content-type') != 'application/json': - raise ValueError('Invalid response getting token, not json') auth_resp = json.loads(resp.read()) self.token = auth_resp['token'] @@ -527,7 +528,13 @@ def save_layer(self, layer, cachedir='./'): # there was a checksum mismatch, nuke the file os.unlink(filename) - conn.request("GET", path, None, self.headers) + # If the redirect path includes a verify in the path + # then we don't need the header. If we try to use the + # header, we may get back a 400. + headers = self.headers + if path.find('verify') > 0 or path.find('X-Amz-Algorithm')>0: + headers = {} + conn.request("GET", path, None, headers) resp1 = conn.getresponse() location = resp1.getheader('location') if resp1.status == 200: From fddfe3482f278a634f14250f1770399a35296ee5 Mon Sep 17 00:00:00 2001 From: Shane Canon Date: Sat, 3 Aug 2019 08:23:09 -0700 Subject: [PATCH 2/2] Fix typo --- imagegw/shifter_imagegw/dockerv2.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imagegw/shifter_imagegw/dockerv2.py b/imagegw/shifter_imagegw/dockerv2.py index 156b9c53..ba103d50 100755 --- a/imagegw/shifter_imagegw/dockerv2.py +++ b/imagegw/shifter_imagegw/dockerv2.py @@ -385,7 +385,7 @@ def do_token_auth(self, auth_loc_str, creds=False): headers = {} if self.username=='$oauthtoken': self.private = True - headers['Authoriation'] = 'Bearer %s' % (self.password) + headers['Authorization'] = 'Bearer %s' % (self.password) elif creds and self.username is not None and self.password is not None: self.private = True auth = '%s:%s' % (self.username, self.password)