Add credential authenticator interface

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2025-09-25 06:11:25 +00:00 · 2016-02-12 17:15:19 -08:00
parent bf991fec01
commit 98620458e3
3 changed files with 25 additions and 14 deletions
--- a/registry/auth/htpasswd/access.go
+++ b/registry/auth/htpasswd/access.go
@@ -6,7 +6,6 @@
 package htpasswd

 import (
-	"errors"
 	"fmt"
 	"net/http"
 	"os"
@@ -15,14 +14,6 @@ import (
 	"github.com/docker/distribution/registry/auth"
 )

-var (
-	// ErrInvalidCredential is returned when the auth token does not authenticate correctly.
-	ErrInvalidCredential = errors.New("invalid authorization credential")
-
-	// ErrAuthenticationFailure returned when authentication failure to be presented to agent.
-	ErrAuthenticationFailure = errors.New("authentication failure")
-)
-
 type accessController struct {
 	realm    string
 	htpasswd *htpasswd
@@ -65,21 +56,25 @@ func (ac *accessController) Authorized(ctx context.Context, accessRecords ...aut
 	if !ok {
 		return nil, &challenge{
 			realm: ac.realm,
-			err:   ErrInvalidCredential,
+			err:   auth.ErrInvalidCredential,
 		}
 	}

-	if err := ac.htpasswd.authenticateUser(username, password); err != nil {
+	if err := ac.AuthenticateUser(username, password); err != nil {
 		context.GetLogger(ctx).Errorf("error authenticating user %q: %v", username, err)
 		return nil, &challenge{
 			realm: ac.realm,
-			err:   ErrAuthenticationFailure,
+			err:   auth.ErrAuthenticationFailure,
 		}
 	}

 	return auth.WithUser(ctx, auth.UserInfo{Name: username}), nil
 }

+func (ac *accessController) AuthenticateUser(username, password string) error {
+	return ac.htpasswd.authenticateUser(username, password)
+}
+
 // challenge implements the auth.Challenge interface.
 type challenge struct {
 	realm string