Project

Profile

Help

Issue #8045

closed

Fix the token scope for the catalog endpoint

Added by ipanova@redhat.com about 3 years ago. Updated about 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Sprint/Milestone:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
GalaxyNG
Sprint:
Sprint 91
Quarter:

Description

(pulp) [vagrant@pulp3-source-fedora32 _scripts]$ http GET https://registry-1.docker.io/v2/_catalog
HTTP/1.1 401 Unauthorized
Content-Length: 145
Content-Type: application/json
Date: Thu, 07 Jan 2021 13:56:38 GMT
Docker-Distribution-Api-Version: registry/2.0
Strict-Transport-Security: max-age=31536000
Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="registry:catalog:*"

{
    "errors": [
        {
            "code": "UNAUTHORIZED",
            "detail": [
                {
                    "Action": "*",
                    "Class": "",
                    "Name": "catalog",
                    "Type": "registry"
                }
            ],
            "message": "authentication required"
        }
    ]
}

$ http GET :24817/v2/_catalog --auth ina:goodpassword
HTTP/1.1 401 Unauthorized
Access-Control-Expose-Headers: Correlation-ID
Allow: GET, HEAD, OPTIONS
Connection: close
Content-Length: 106
Content-Type: application/json
Correlation-ID: 5f842cb112974d4ea25e35b533d8527a
Date: Thu, 07 Jan 2021 13:56:23 GMT
Docker-Distribution-Api-Version: registry/2.0
Server: gunicorn/20.0.4
Vary: Accept
WWW-Authenticate: Bearer realm="http://pulp3-source-fedora32.fluffy.example.com/token",service="localhost:24817"
X-Frame-Options: SAMEORIGIN

{
    "errors": [
        {
            "code": "UNAUTHORIZED",
            "detail": {},
            "message": "Authentication credentials were not provided."
        }
    ]
}


Also available in: Atom PDF