auth() method should be updated for new API · spotify/docker-client#629

2017-02-16T16:21:48.000Z

In docker API versions = 1.23, the `POST /auth` endpoint changed. It now returns a JSON body: ``` { "Status": "Login Succeeded", "IdentityToken": "9cbaf023786cd7..." } ``` We should update `DockerClient.auth()` to read this JSON body into a message class. However, I'm not exactly sure how the implementation will work. Questions: * What should we do with the `Auth` class that gets parsed from the message? We could just return it from the `DockerClient.auth()` method. But that is maybe sub-optimal because: 1. The `"Status"` message is redundant with the HTTP status code, at least for now; and 2. The `"IdentityToken"` is empty for the public Docker Hub, which does not use identity tokens (even though they should). So is it worth returning this almost worthless object? * If we don't return the `Auth` object, what will `DockerClient.auth()` return? It could still return an `int` for the status. But that seems sort of dumb to me. At the very least it should be a `boolean` for whether you are authorized or not.

(5 comments) (0 reactions) (0 assignees)Java (1,430 stars) (551 forks)batch import

help wantedpinnedquestion

Description

In docker API versions < 1.23, POSTing registry credentials to /auth would return a 200 if you could log in, and that's all. DockerClient.auth() reflects that, returning only an int.

For API versions >= 1.23, the POST /auth endpoint changed. It now returns a JSON body:

{
     "Status": "Login Succeeded",
     "IdentityToken": "9cbaf023786cd7..."
}

We should update DockerClient.auth() to read this JSON body into a message class. However, I'm not exactly sure how the implementation will work.

Questions:

What should we do with the Auth class that gets parsed from the message? We could just return it from the DockerClient.auth() method. But that is maybe sub-optimal because: 1. The "Status" message is redundant with the HTTP status code, at least for now; and 2. The "IdentityToken" is empty for the public Docker Hub, which does not use identity tokens (even though they should). So is it worth returning this almost worthless object?
If we don't return the Auth object, what will DockerClient.auth() return? It could still return an int for the status. But that seems sort of dumb to me. At the very least it should be a boolean for whether you are authorized or not.

Contributor guide

Tech stack: java
Domain: apibackend
Issue type: feature
Difficulty: 3
Estimated time: 1-3 hours
Activity status: stale
Clarity: needs investigation
Prerequisites: Docker API basicsJava
Newbie friendliness: 30
Research direction: Investigate the Docker API version 1.23 changes for POST /auth. Review the current DockerClient.auth() implementation and the Auth class. Decide on return type (e.g., boolean or custom AuthResponse) and implement accordingly. Consult maintainers for design decisions.