Commit Graph

28 Commits

Author SHA1 Message Date
Laura Brehm 13754f6776
deps: update `go-jose/go-jose` to `v4`
See: https://github.com/go-jose/go-jose

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-11-05 14:12:16 +00:00
Sebastiaan van Stijn 51f320ff62
Merge pull request #5376 from laurazard/fix-oauth-login-timer
oauth/api: drain timer channel on each iteration
2024-09-03 13:14:54 +02:00
Laura Brehm 60d0450287
oauth/api: drain timer channel on each iteration
Previously, if while polling for oauth device-code login results a user
suspended the process (such as with CTRL-Z) and then restored it with
`fg`, an error might occur in the form of:

```
failed waiting for authentication: You are polling faster than the specified interval of 5 seconds.
```

This is due to our use of a `time.Ticker` here - if no receiver drains
the ticker channel (and timers/tickers use a buffered channel behind the
scenes), more than one tick will pile up, causing the program to "tick"
twice, in fast succession, after it is resumed.

The new implementation replaces the `time.Ticker` with a `time.Timer`
(`time.Ticker` is just a nice wrapper) and introduces a helper function
`resetTimer` to ensure that before every `select`, the timer is stopped
and it's channel is drained.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-09-03 11:31:03 +01:00
David Karlsson 81744d7aa8 copynit: s/WEB BASED/WEB-BASED/
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-09-03 11:39:43 +02:00
Laura Brehm c3fe7bc336
fallback to regular login if oauth login fails to start
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-08-14 19:48:09 +01:00
Laura Brehm fcfdd7b91f
auth: add support for oauth device-code login
This commit adds support for the oauth [device-code](https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow)
login flow when authenticating against the official registry.

This is achieved by adding `cli/internal/oauth`, which contains code to manage
interacting with the Docker OAuth tenant (`login.docker.com`), including launching
the device-code flow, refreshing access using the refresh-token, and logging out.

The `OAuthManager` introduced here is also made available through the `command.Cli`
interface method `OAuthManager()`.

In order to maintain compatibility with any clients manually accessing
the credentials through `~/.docker/config.json` or via credential
helpers, the added `OAuthManager` uses the retrieved access token to
automatically generate a PAT with Hub, and store that in the
credentials.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-08-14 19:48:04 +01:00
Daniel Nephin b3f843afe2 Move internal/test package out of cli.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-22 10:14:25 -04:00
Daniel Nephin 505a0fe45f Update volume command tests to use the new golden
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-16 14:23:28 -04:00
Sebastiaan van Stijn ceb18a841a
Fix presentation of published "random" host ports
Ports that were picked from the ephemeral port range
were presented as `*:0->80/tcp`.

This patch changes the presentation to use the
actually assigned port, instead of the port specified
in `Endpoint.Spec` (which is always empty/zero (`0`))

Before this change;

    ID                  NAME                MODE                REPLICAS            IMAGE               PORTS
    5d44i665qj66        with-random-port    replicated          1/1                 nginx:alpine        *:0->80/tcp

After this change;

    ID                  NAME                MODE                REPLICAS            IMAGE               PORTS
    5d44i665qj66        with-random-port    replicated          1/1                 nginx:alpine        *:30000->80/tcp

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-01 19:21:17 +02:00
Daniel Nephin 3da0cbfdd1 Remove unnecessary use of SetConfigfile
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-07-11 14:49:30 -04:00
Daniel Nephin 69b142b52a Update FakeCli to remove duplication in tests.
Use byte buffers by default, since that is what is done most of the time.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-07-11 14:49:30 -04:00
Daniel Nephin 379b762495 Merge pull request #273 from adshmh/add-unit-tests-to-task-package
add unit tests to task package
2017-06-30 11:41:24 -04:00
Arash Deshmeh 244e28f41f add unit tests to task package
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
2017-06-29 17:57:31 -04:00
Daniel Nephin a04aa8fe28 Compress after rewriting the archive.
Write a test showing compress failure.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-06-29 13:18:10 -04:00
Vincent Demeester 105b21d1ab
Rename NewConfigFile to New in configfile package
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-27 16:31:38 +02:00
Daniel Nephin a3cbc70147
Move credential getting functions to the ConfigFile.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-06-27 13:46:47 +02:00
Vincent Demeester d5d0ec56c1 Merge pull request #214 from adshmh/add-unit-tests-to-stack-package
add unit tests to stack package
2017-06-21 10:00:08 +02:00
Arash Deshmeh 535af2d868 add unit tests to stack package
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
2017-06-20 14:31:00 -04:00
Daniel Nephin 3724fb7f37 Add gosimple lint
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-06-14 16:55:08 -07:00
Daniel Nephin 3e3934c19f Add unparam linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-06-14 16:55:08 -07:00
Yong Tang 657457ee2c Use `scope=swarm` for service related network inspect.
This fix use `scope=swarm` for service related network inspect.
The purpose is that, in case multiple networks with the same
name exist in different scopes, it is still possible to obtain
the network for services.

This fix is related to moby/moby#33630 and docker/cli#167

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2017-06-13 20:26:12 +00:00
Daniel Nephin 341703d21e Add tests for verifyExternalNetwork
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-05-26 12:21:04 -04:00
Aaron Lehmann 62567078ff Add --pretty option to "secret inspect" and "config inspect"
This adds a pretty template for both inspect subcommands. For configs,
it's particularly useful because it's a way to expose the config payload
in the CLI in a non-base64-encoded way.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-05-16 15:12:20 -07:00
Aaron Lehmann db5620026d Add support for configs
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-05-11 13:42:49 -07:00
Tibor Vass 57230a7212 rm client and vendor it instead
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-05-08 10:33:56 -07:00
Ignacio Capurro e7793092a2 Unit tests for cli/commands/image (except build and tag)
Signed-off-by: Ignacio Capurro <icapurrofagian@gmail.com>
2017-05-03 18:40:22 -07:00
Daniel Nephin 10641c2aae Update imports.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-04-17 18:07:56 -04:00
Daniel Nephin 1630fc40f8 Import docker/docker/cli
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
2017-04-17 17:40:59 -04:00