36 lines
1.3 KiB
Go
36 lines
1.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/distribution/distribution/v3/registry/auth"
|
|
)
|
|
|
|
type accessController struct{}
|
|
|
|
var _ auth.AccessController = &accessController{}
|
|
|
|
// Authorized returns a non-nil error if the context is granted access and
|
|
// returns a new authorized context. If one or more Access structs are
|
|
// provided, the requested access will be compared with what is available
|
|
// to the context. The given context will contain a "http.request" key with
|
|
// a `*http.Request` value. If the error is non-nil, access should always
|
|
// be denied. The error may be of type Challenge, in which case the caller
|
|
// may have the Challenge handle the request or choose what action to take
|
|
// based on the Challenge header or response status. The returned context
|
|
// object should have a "auth.user" value set to a UserInfo struct.
|
|
func (a *accessController) Authorized(ctx context.Context, access ...auth.Access) (context.Context, error) {
|
|
return context.WithValue(ctx, "auth.user", &auth.UserInfo{Name: "leet hax0r"}), nil
|
|
}
|
|
|
|
func newAccessController(options map[string]interface{}) (*accessController, error) {
|
|
return &accessController{}, nil
|
|
}
|
|
|
|
func init() {
|
|
f := func(options map[string]interface{}) (auth.AccessController, error) {
|
|
return newAccessController(options)
|
|
}
|
|
auth.Register("absent", auth.InitFunc(f))
|
|
}
|