Handle 401 response in auth.Login() for authed private registries

author: shin- <joffrey@dotcloud.com> 2013-11-07 19:36:02 +0100
committer: shin- <joffrey@dotcloud.com> 2013-12-03 16:32:13 +0100
commit: 9be5db8704be5bda02484c374f4bd9b197d5701b (patch)
tree: 92bc53c2758c2d9ef8439e0f5755b9e93c5e4e9a /auth
parent: 3f921639894d3eca72c9ae105d3ad4f386651caa (diff)
download: docker-9be5db8704be5bda02484c374f4bd9b197d5701b.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/auth/auth.go b/auth/auth.go
index 62d8e7f522..85844a5472 100644
--- a/auth/auth.go
+++ b/auth/auth.go
@@ -223,6 +223,28 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
 		} else {
 			return "", fmt.Errorf("Registration: %s", reqBody)
 		}
+	} else if reqStatusCode == 401 {
+		// This case would happen with private registries where /v1/users is
+		// protected, so people can use `docker login` as an auth check.
+		req, err := factory.NewRequest("GET", serverAddress+"users/", nil)
+		req.SetBasicAuth(authConfig.Username, authConfig.Password)
+		resp, err := client.Do(req)
+		if err != nil {
+			return "", err
+		}
+		defer resp.Body.Close()
+		body, err := ioutil.ReadAll(resp.Body)
+		if err != nil {
+			return "", err
+    	}
+		if resp.StatusCode == 200 {
+			status = "Login Succeeded"
+		} else if resp.StatusCode == 401 {
+			return "", fmt.Errorf("Wrong login/password, please try again")
+		} else {
+			return "", fmt.Errorf("Login: %s (Code: %d; Headers: %s)", body,
+				resp.StatusCode, resp.Header)
+		}
 	} else {
 		return "", fmt.Errorf("Unexpected status code [%d] : %s", reqStatusCode, reqBody)
 	}
author	shin- <joffrey@dotcloud.com>	2013-11-07 19:36:02 +0100
committer	shin- <joffrey@dotcloud.com>	2013-12-03 16:32:13 +0100
commit	9be5db8704be5bda02484c374f4bd9b197d5701b (patch)
tree	92bc53c2758c2d9ef8439e0f5755b9e93c5e4e9a /auth
parent	3f921639894d3eca72c9ae105d3ad4f386651caa (diff)
download	docker-9be5db8704be5bda02484c374f4bd9b197d5701b.tar.gz