distribution/registry/auth/token
Cory Snider bd80d7590d reg/auth: remove contexts from Authorized method
The details of how request-scoped information is propagated through the
registry server app should be left as private implementation details so
they can be changed without fear of breaking compatibility with
third-party code which imports the distribution module. The
AccessController interface unnecessarily bakes into the public API
details of how authorization grants are propagated through request
contexts. In practice the only values the in-tree authorizers attach to
the request contexts are the UserInfo and Resources for the request.
Change the AccessController interface to return the UserInfo and
Resources directly to allow us to change how request contexts are used
within the app without altering the AccessController interface contract.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-10-27 10:58:37 -04:00
..
accesscontroller.go reg/auth: remove contexts from Authorized method 2023-10-27 10:58:37 -04:00
fuzz_test.go Fuzzing: Move over two fuzzers from cncf-fuzzing 2023-05-02 23:03:57 +02:00
stringset.go Move auth package under registry package 2015-02-10 17:34:04 -08:00
token.go feat: replace docker/libtrust with go-jose/go-jose 2023-10-19 15:32:59 +01:00
token_test.go reg/auth: remove contexts from Authorized method 2023-10-27 10:58:37 -04:00
types.go refactor: rename WeakStringList to AudienceList 2022-10-21 11:11:50 +02:00
types_test.go registry/auth/token: fix the surrounding loop is unconditionally terminate 2023-05-09 16:04:17 +02:00
util.go feat: replace docker/libtrust with go-jose/go-jose 2023-10-19 15:32:59 +01:00