Fix BASIC challenge (#191)

* Fix BASIC challenge Java people like to yell, which `strings.Title` doesn't handle well. * Add Canonical() to challenge * Make canonical form lowercase
google · Jun 2, 2018 · 34a6841 · 34a6841
1 parent e033bc7
commit 34a6841
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 7 deletions.
diff --git a/v1/remote/transport/ping.go b/v1/remote/transport/ping.go
@@ -25,9 +25,9 @@ import (
 type challenge string
 
 const (
-	anonymous challenge = "Anonymous"
-	basic     challenge = "Basic"
-	bearer    challenge = "Bearer"
+	anonymous challenge = "anonymous"
+	basic     challenge = "basic"
+	bearer    challenge = "bearer"
 )
 
 type pingResp struct {
@@ -38,6 +38,10 @@ type pingResp struct {
 	parameters map[string]string
 }
 
+func (c challenge) Canonical() challenge {
+	return challenge(strings.ToLower(string(c)))
+}
+
 func parseChallenge(suffix string) map[string]string {
 	kv := make(map[string]string)
 	for _, token := range strings.Split(suffix, ",") {
@@ -75,13 +79,13 @@ func ping(reg name.Registry, t http.RoundTripper) (*pingResp, error) {
 		if parts := strings.SplitN(wac, " ", 2); len(parts) == 2 {
 			// If there are two parts, then parse the challenge parameters.
 			return &pingResp{
-				challenge:  challenge(strings.Title(parts[0])),
+				challenge:  challenge(parts[0]).Canonical(),
 				parameters: parseChallenge(parts[1]),
 			}, nil
 		}
 		// Otherwise, just return the challenge without parameters.
 		return &pingResp{
-			challenge: challenge(strings.Title(wac)),
+			challenge: challenge(wac).Canonical(),
 		}, nil
 	default:
 		return nil, fmt.Errorf("unrecognized HTTP status: %v", resp.Status)

diff --git a/v1/remote/transport/ping_test.go b/v1/remote/transport/ping_test.go
@@ -96,7 +96,7 @@ func TestPingNoChallenge(t *testing.T) {
 func TestPingBasicChallengeNoParams(t *testing.T) {
 	server := httptest.NewServer(
 		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			w.Header().Set("WWW-Authenticate", `Basic`)
+			w.Header().Set("WWW-Authenticate", `BASIC`)
 			http.Error(w, "Unauthorized", http.StatusUnauthorized)
 		}))
 	defer server.Close()

diff --git a/v1/remote/transport/transport.go b/v1/remote/transport/transport.go
@@ -49,7 +49,7 @@ func New(reg name.Registry, auth authn.Authenticator, t http.RoundTripper, scope
 		return nil, err
 	}
 
-	switch pr.challenge {
+	switch pr.challenge.Canonical() {
 	case anonymous:
 		return t, nil
 	case basic: