Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor auth - add re-auth mechanism #111

Merged
merged 4 commits into from
Feb 7, 2024
Merged

Conversation

aviramha
Copy link
Contributor

Sorry about the spam!
This builds upon the other 2 PRs #109 #110
Just out of comfort assuming if merged I'll work on it serially.
This adds logic to enable token re-creation when needed, and also making the auth API more fluent.
I had a situation where my token got expired mid-upload and there was no place to renew, and if I could break the API I'd have structured it a bit different, but I think is ok.

src/token_cache.rs Outdated Show resolved Hide resolved
@aviramha aviramha force-pushed the re-auth branch 2 times, most recently from f85329c to 9675b12 Compare February 2, 2024 13:27
@flavio
Copy link
Contributor

flavio commented Feb 6, 2024

@aviramha can you please look into the unit tests that are failing? I can reproduce the failures locally, and they are a regression introduced by this PR

…token gen] mechanism when needed

Signed-off-by: Aviram Hassan <[email protected]>
Signed-off-by: Aviram Hassan <[email protected]>
Signed-off-by: Aviram Hassan <[email protected]>
@aviramha
Copy link
Contributor Author

aviramha commented Feb 6, 2024

Sure! I had an assumption those tests require auth. Fixed now.

Copy link
Contributor

@thomastaylor312 thomastaylor312 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few minor changes and discussion points. Nits are optional to address! Thanks for implementing this!

@@ -502,6 +534,38 @@ impl Client {
authentication: &RegistryAuth,
operation: RegistryOperation,
) -> Result<Option<String>> {
self.store_auth_if_needed(image.resolve_registry(), authentication)
.await;
// preserve old caching behavior
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we actually need to preserve the old behavior? I think a call to get_auth_token should do the same logic of fetching the token and doing the auth step, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't want to break API, and that could be that user wants to do auth and it might not really call auth underneath (because cache) feels a bit vile.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, that makes sense

src/token_cache.rs Outdated Show resolved Hide resolved
src/token_cache.rs Outdated Show resolved Hide resolved
Signed-off-by: Aviram Hassan <[email protected]>
Copy link
Contributor

@thomastaylor312 thomastaylor312 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we're good to go! @flavio leaving merging to you since you started reviewing/conversation on this one

@flavio flavio merged commit 4c80c9c into oras-project:main Feb 7, 2024
5 checks passed
flavio added a commit to flavio/rust-oci-client that referenced this pull request Mar 27, 2024
== What's Changed
* client is now clonable and can be used in concurrent manner by @aviramha in oras-project#109
* fix(*): Fixes our use of deprecated functions by @thomastaylor312 in oras-project#113
* Pull alternative urls by @seanyoung in oras-project#108
* Refactor auth - add re-auth mechanism by @aviramha in oras-project#111
* Implement Client::pull_manifest_raw by @MathiasPius in oras-project#115
* chore(deps): Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in oras-project#117
* chore(deps): update reqwest and http by @flavio in oras-project#119

== New Contributors
* @aviramha made their first contribution in oras-project#109
* @thomastaylor312 made their first contribution in oras-project#113
* @seanyoung made their first contribution in oras-project#108
* @MathiasPius made their first contribution in oras-project#115

**Full Changelog**: oras-project/rust-oci-client@v0.10.0...v0.11.0

Signed-off-by: Flavio Castelli <[email protected]>
@flavio flavio mentioned this pull request Mar 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants