library php-docker-token-auth {🖫 28, ⚐ 5, ★ 6}

pbergman/php-docker-token-auth

a light weight docker token authentication build in php

Wednesday, March 9, 2016
by pbergman
Repository
1 Watchers
6 Stars
28 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
5 Versions
0 % Grown

The README.md

PHP docker registry 2 token authentication

This is a light weight docker token authentication build in php to the specs of the docs., _(*1)

https://docs.docker.com/registry/spec/auth/token, _(*2)

It can be used to validate push/pull and registration us users for you private registry., _(*3)

Configuring

property	required	type	description
public_key	yes	string	the private key, should be the content not file location
private_key	yes	string	the public key, should be the content not file location
audience	yes	string	audience that is registered in the registry (server name of registry)
issuer	yes	string	issuer that is registered in the registry (server name of this server)
logger_level	no	string\	array \| log level[s] to display (example: ['error', 'info'])
logger_file	no	string	log file or fd for logging , if non is given it will use stdout
route_end_point	no	string	The route endpoint to listen to, if non given it will default to /v2/token/
signing_algorithm	no	string	The algoritm used for signing the token, supported: HS256, HS512, HS384, RS256 (but only RS256 tested :D)

the config should be given as argument with the constructor:, _(*4)

$app = new DockerToken\Application([
    'public_key'   => dirname(__FILE__) . '/public.key',
    'private_key'  => dirname(__FILE__) . '/private.key',
    'audience'     => 'registry.docker.com',
    'issuer'       => 'auth.docker.com',
])

Validating

There are some listeners defined in src\DockerToken\Listener that can be used for validation (see) example.php or the tests., _(*5)

To communicate between handlers you can use the (is|set)Access(Granted|Denied) methods (see LdapAuthListener or YamlAuthListener)., _(*6)

By default the flag is set to abstain en when finished when the flag is not granted it will see it as the authentiaction is not succesfull and throws a InvalidAccessException., _(*7)

If you want to stop on success you can use the stopPropagation method because from the event because the set methods won`t do that. And on failure you can just call the InvalidAccessException that will resolve in a 401 status., _(*8)

When using DockerToken\Listener\YamlAuthListener you also need symfony/yaml., _(*9)

Running

php -S 127.0.0.1:9999 example.php, _(*10)

Keys

to generate keys, see:, _(*11)

php bin/CreateKeys.php

docker token docker authentication docker token