Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

fix: Use URL-safe base64 encoding for X-Registry-Auth #941

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix: Use URL-safe base64 encoding for X-Registry-Auth #941

wants to merge 3 commits into from

Conversation

dwo
Copy link

@dwo dwo commented Dec 16, 2024
edited
Loading

What do these changes do?

Changes utils.compose_auth_header to use base64.urlsafe_b64encode on the returned string. This aligns with how the Docker CLI encodes the same header.

I discovered this when an application using aiodocker was the only client not authenticating successfully against a private registry after a service user's password was rotated.

Previously raised by me in #761.

Are there changes in behavior for the user?

Will allow authentication to succeed against private registries when the X-Registry-Auth require url-safe substitutions as decribed here: https://docs.python.org/3/library/base64.html#base64.urlsafe_b64encode

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • If you provide code modification, please add yourself to CONTRIBUTORS.txt
    • The format is <Name> <Surname>.
    • Please keep alphabetical order, the file is sorted by names.
  • Add a new news fragment into the changes folder
    • name it <issue_id>.<type> for example (588.bug)
    • if you don't have an issue_id change it to the pr id after creating the pr
    • ensure type is one of the following:
      • .feature: Signifying a new feature.
      • .bugfix: Signifying a bug fix.
      • .doc: Signifying a documentation improvement.
      • .removal: Signifying a deprecation or removal of public API.
      • .misc: A ticket has been closed, but it is not of interest to users.
    • Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."

dwo and others added 2 commits December 16, 2024 09:17
@dwo
Use URL-safe base64 encoding for auth
0ded647 
This aligns with how the Docker CLI encodes the same header.
@pre-commit-ci
[pre-commit.ci] auto fixes from pre-commit.com hooks
a26c011 
for more information, see https://pre-commit.ci
@dwo dwo changed the title fix: Use URL-safe base64 encoding for auth fix: Use URL-safe base64 encoding for X-Registry-Auth Dec 16, 2024
@codecov Codecov
Copy link

codecov bot commented Dec 16, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.73%. Comparing base (1cdac66) to head (f075197).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #941      +/-   ##
==========================================
+ Coverage   80.66%   80.73%   +0.06%     
==========================================
  Files          24       24              
  Lines        1443     1443              
  Branches      206      206              
==========================================
+ Hits         1164     1165       +1     
  Misses        187      187              
+ Partials       92       91       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dwo
Copy link
Author

dwo commented Jan 15, 2025

@asvetlov just bumping this in case you still want to review this fix.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dwo