Comments (3)
This is not currently documented explicitly. It is used for authentication by Docker clients.
https://docs.docker.com/registry/spec/auth/token/
from openapi.
If it's exposed publicly and works (as opposed to the metrics endpoint), I think we should add it to the spec. What do you think @andrewsomething?
from openapi.
Thinking about this some more, I don't think it is useful to include in the spec. It is only meant to be used by Docker clients as part of their JWT flow. While there might be some value in documenting it, I don't think we'd want to include it clients we create. You are much better off using an existing library for working with Docker registries.
When you run a command like docker pull registry.digitalocean.com/asb/static-example:06a447a
, the Docker cli makes a request using basic auth to:
https://registry.digitalocean.com/v2/asb/static-example/manifests/06a447a
The basic auth is a DO API token as both the password and username base64, e.g. echo $DO_TOKEN:$DO_TOKEN | base64 -w 0
. This request will return a 401 with a www-authenticate
header, eg:
www-authenticate: Bearer realm="https://api.digitalocean.com/v2/registry/auth",service="registry.digitalocean.com",scope="repository:asb/static-example:pull"
Using the info from that response, you make a request to /v2/registry/auth
. Again, using basic auth:
curl -X GET -H "Content-Type: application/json" \
-H "Authorization: Basic $(echo $DO_TOKEN:$DO_TOKEN | base64 -w 0)" \
"https://api.digitalocean.com/v2/registry/auth?service=registry.digitalocean.com&scope=repository:asb/doctl:pull"
This will return a token in the JSON body that can then be used repeat the initial request to registry.digitalocean.com
, this time using the token for bearer auth.
So /v2/registry/auth
shouldn't really be accessed unless it is first returned from the registry in the www-authenticate
header. We are not necessarily making a promise to users that that path will always be used. It's dynamic.
from openapi.
Related Issues (20)
- GET /v2/reports/droplet_neighbors HOT 1
- GET /v2/sizes HOT 1
- GET /v2/snapshots HOT 1
- GET /v2/snapshots/:id HOT 1
- DELETE /v2/snapshots/:id HOT 1
- GET /v2/volumes/:volume_id/snapshots HOT 1
- GET /v2/volumes/snapshots
- GET /v2/volumes/snapshots/:id
- GET /v2/kubernetes/clusters/{id}/kubeconfig
- POST /v2/apps/detect
- GET /v2/apps/{app_id}/deployments
- Handle OPTIONS request
- Refactor app_spec.yml
- No 400s or 403s, 404s or 429s in the definition HOT 4
- Postman Public Workspace
- Add monitor entry point HOT 1
- Document Let's Encrypt limits in certificate create operation
- Apps Spec Broken Link HOT 2
- pages in pages for actions.list
- Invalid {{contact}} HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openapi.