cliconfig/config.go - third_party/github.com/moby/moby - Git at Google

 package cliconfig

 import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"

 	"github.com/docker/docker/pkg/homedir"
 	"github.com/docker/docker/pkg/system"
 )

 const (
 	// ConfigFile is the name of config file
 	ConfigFileName = "config.json"
 	oldConfigfile  = ".dockercfg"

 	// This constant is only used for really old config files when the
 	// URL wasn't saved as part of the config file and it was just
 	// assumed to be this value.
 	defaultIndexserver = "https://index.docker.io/v1/"
 )

 var (
 	configDir = os.Getenv("DOCKER_CONFIG")
 )

 func init() {
 	if configDir == "" {
 		configDir = filepath.Join(homedir.Get(), ".docker")
 	}
 }

 // ConfigDir returns the directory the configuration file is stored in
 func ConfigDir() string {
 	return configDir
 }

 // SetConfigDir sets the directory the configuration file is stored in
 func SetConfigDir(dir string) {
 	configDir = dir
 }

 // AuthConfig contains authorization information for connecting to a Registry
 type AuthConfig struct {
 	Username      string `json:"username,omitempty"`
 	Password      string `json:"password,omitempty"`
 	Auth          string `json:"auth"`
 	Email         string `json:"email"`
 	ServerAddress string `json:"serveraddress,omitempty"`
 }

 // ConfigFile ~/.docker/config.json file info
 type ConfigFile struct {
 	AuthConfigs map[string]AuthConfig `json:"auths"`
 	HTTPHeaders map[string]string     `json:"HttpHeaders,omitempty"`
 	PsFormat    string                `json:"psFormat,omitempty"`
 	filename    string                // Note: not serialized - for internal use only
 }

 // NewConfigFile initilizes an empty configuration file for the given filename 'fn'
 func NewConfigFile(fn string) *ConfigFile {
 	return &ConfigFile{
 		AuthConfigs: make(map[string]AuthConfig),
 		HTTPHeaders: make(map[string]string),
 		filename:    fn,
 	}
 }

 // Load reads the configuration files in the given directory, and sets up
 // the auth config information and return values.
 // FIXME: use the internal golang config parser
 func Load(configDir string) (*ConfigFile, error) {
 	if configDir == "" {
 		configDir = ConfigDir()
 	}

 	configFile := ConfigFile{
 		AuthConfigs: make(map[string]AuthConfig),
 		filename:    filepath.Join(configDir, ConfigFileName),
 	}

 	// Try happy path first - latest config file
 	if _, err := os.Stat(configFile.filename); err == nil {
 		file, err := os.Open(configFile.filename)
 		if err != nil {
 			return &configFile, err
 		}
 		defer file.Close()

 		if err := json.NewDecoder(file).Decode(&configFile); err != nil {
 			return &configFile, err
 		}

 		for addr, ac := range configFile.AuthConfigs {
 			ac.Username, ac.Password, err = DecodeAuth(ac.Auth)
 			if err != nil {
 				return &configFile, err
 			}
 			ac.Auth = ""
 			ac.ServerAddress = addr
 			configFile.AuthConfigs[addr] = ac
 		}

 		return &configFile, nil
 	} else if !os.IsNotExist(err) {
 		// if file is there but we can't stat it for any reason other
 		// than it doesn't exist then stop
 		return &configFile, err
 	}

 	// Can't find latest config file so check for the old one
 	confFile := filepath.Join(homedir.Get(), oldConfigfile)
 	if _, err := os.Stat(confFile); err != nil {
 		return &configFile, nil //missing file is not an error
 	}

 	b, err := ioutil.ReadFile(confFile)
 	if err != nil {
 		return &configFile, err
 	}

 	if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil {
 		arr := strings.Split(string(b), "\n")
 		if len(arr) < 2 {
 			return &configFile, fmt.Errorf("The Auth config file is empty")
 		}
 		authConfig := AuthConfig{}
 		origAuth := strings.Split(arr[0], " = ")
 		if len(origAuth) != 2 {
 			return &configFile, fmt.Errorf("Invalid Auth config file")
 		}
 		authConfig.Username, authConfig.Password, err = DecodeAuth(origAuth[1])
 		if err != nil {
 			return &configFile, err
 		}
 		origEmail := strings.Split(arr[1], " = ")
 		if len(origEmail) != 2 {
 			return &configFile, fmt.Errorf("Invalid Auth config file")
 		}
 		authConfig.Email = origEmail[1]
 		authConfig.ServerAddress = defaultIndexserver
 		configFile.AuthConfigs[defaultIndexserver] = authConfig
 	} else {
 		for k, authConfig := range configFile.AuthConfigs {
 			authConfig.Username, authConfig.Password, err = DecodeAuth(authConfig.Auth)
 			if err != nil {
 				return &configFile, err
 			}
 			authConfig.Auth = ""
 			authConfig.ServerAddress = k
 			configFile.AuthConfigs[k] = authConfig
 		}
 	}
 	return &configFile, nil
 }

 // Save encodes and writes out all the authorization information
 func (configFile *ConfigFile) Save() error {
 	// Encode sensitive data into a new/temp struct
 	tmpAuthConfigs := make(map[string]AuthConfig, len(configFile.AuthConfigs))
 	for k, authConfig := range configFile.AuthConfigs {
 		authCopy := authConfig
 		// encode and save the authstring, while blanking out the original fields
 		authCopy.Auth = EncodeAuth(&authCopy)
 		authCopy.Username = ""
 		authCopy.Password = ""
 		authCopy.ServerAddress = ""
 		tmpAuthConfigs[k] = authCopy
 	}

 	saveAuthConfigs := configFile.AuthConfigs
 	configFile.AuthConfigs = tmpAuthConfigs
 	defer func() { configFile.AuthConfigs = saveAuthConfigs }()

 	data, err := json.MarshalIndent(configFile, "", "\t")
 	if err != nil {
 		return err
 	}

 	if err := system.MkdirAll(filepath.Dir(configFile.filename), 0700); err != nil {
 		return err
 	}

 	if err := ioutil.WriteFile(configFile.filename, data, 0600); err != nil {
 		return err
 	}

 	return nil
 }

 // Filename returns the name of the configuration file
 func (configFile *ConfigFile) Filename() string {
 	return configFile.filename
 }

 // EncodeAuth creates a base64 encoded string to containing authorization information
 func EncodeAuth(authConfig *AuthConfig) string {
 	authStr := authConfig.Username + ":" + authConfig.Password
 	msg := []byte(authStr)
 	encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
 	base64.StdEncoding.Encode(encoded, msg)
 	return string(encoded)
 }

 // DecodeAuth decodes a base64 encoded string and returns username and password
 func DecodeAuth(authStr string) (string, string, error) {
 	decLen := base64.StdEncoding.DecodedLen(len(authStr))
 	decoded := make([]byte, decLen)
 	authByte := []byte(authStr)
 	n, err := base64.StdEncoding.Decode(decoded, authByte)
 	if err != nil {
 		return "", "", err
 	}
 	if n > decLen {
 		return "", "", fmt.Errorf("Something went wrong decoding auth config")
 	}
 	arr := strings.SplitN(string(decoded), ":", 2)
 	if len(arr) != 2 {
 		return "", "", fmt.Errorf("Invalid auth configuration file")
 	}
 	password := strings.Trim(arr[1], "\x00")
 	return arr[0], password, nil
 }
	package cliconfig

	import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"os"
	"path/filepath"
	"strings"

	"github.com/docker/docker/pkg/homedir"
	"github.com/docker/docker/pkg/system"
	)

	const (
	// ConfigFile is the name of config file
	ConfigFileName = "config.json"
	oldConfigfile = ".dockercfg"

	// This constant is only used for really old config files when the
	// URL wasn't saved as part of the config file and it was just
	// assumed to be this value.
	defaultIndexserver = "https://index.docker.io/v1/"
	)

	var (
	configDir = os.Getenv("DOCKER_CONFIG")
	)

	func init() {
	if configDir == "" {
	configDir = filepath.Join(homedir.Get(), ".docker")
	}
	}

	// ConfigDir returns the directory the configuration file is stored in
	func ConfigDir() string {
	return configDir
	}

	// SetConfigDir sets the directory the configuration file is stored in
	func SetConfigDir(dir string) {
	configDir = dir
	}

	// AuthConfig contains authorization information for connecting to a Registry
	type AuthConfig struct {
	Username string `json:"username,omitempty"`
	Password string `json:"password,omitempty"`
	Auth string `json:"auth"`
	Email string `json:"email"`
	ServerAddress string `json:"serveraddress,omitempty"`
	}

	// ConfigFile ~/.docker/config.json file info
	type ConfigFile struct {
	AuthConfigs map[string]AuthConfig `json:"auths"`
	HTTPHeaders map[string]string `json:"HttpHeaders,omitempty"`
	PsFormat string `json:"psFormat,omitempty"`
	filename string // Note: not serialized - for internal use only
	}

	// NewConfigFile initilizes an empty configuration file for the given filename 'fn'
	func NewConfigFile(fn string) *ConfigFile {
	return &ConfigFile{
	AuthConfigs: make(map[string]AuthConfig),
	HTTPHeaders: make(map[string]string),
	filename: fn,
	}
	}

	// Load reads the configuration files in the given directory, and sets up
	// the auth config information and return values.
	// FIXME: use the internal golang config parser
	func Load(configDir string) (*ConfigFile, error) {
	if configDir == "" {
	configDir = ConfigDir()
	}

	configFile := ConfigFile{
	AuthConfigs: make(map[string]AuthConfig),
	filename: filepath.Join(configDir, ConfigFileName),
	}

	// Try happy path first - latest config file
	if _, err := os.Stat(configFile.filename); err == nil {
	file, err := os.Open(configFile.filename)
	if err != nil {
	return &configFile, err
	}
	defer file.Close()

	if err := json.NewDecoder(file).Decode(&configFile); err != nil {
	return &configFile, err
	}

	for addr, ac := range configFile.AuthConfigs {
	ac.Username, ac.Password, err = DecodeAuth(ac.Auth)
	if err != nil {
	return &configFile, err
	}
	ac.Auth = ""
	ac.ServerAddress = addr
	configFile.AuthConfigs[addr] = ac
	}

	return &configFile, nil
	} else if !os.IsNotExist(err) {
	// if file is there but we can't stat it for any reason other
	// than it doesn't exist then stop
	return &configFile, err
	}

	// Can't find latest config file so check for the old one
	confFile := filepath.Join(homedir.Get(), oldConfigfile)
	if _, err := os.Stat(confFile); err != nil {
	return &configFile, nil //missing file is not an error
	}

	b, err := ioutil.ReadFile(confFile)
	if err != nil {
	return &configFile, err
	}

	if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil {
	arr := strings.Split(string(b), "\n")
	if len(arr) < 2 {
	return &configFile, fmt.Errorf("The Auth config file is empty")
	}
	authConfig := AuthConfig{}
	origAuth := strings.Split(arr[0], " = ")
	if len(origAuth) != 2 {
	return &configFile, fmt.Errorf("Invalid Auth config file")
	}
	authConfig.Username, authConfig.Password, err = DecodeAuth(origAuth[1])
	if err != nil {
	return &configFile, err
	}
	origEmail := strings.Split(arr[1], " = ")
	if len(origEmail) != 2 {
	return &configFile, fmt.Errorf("Invalid Auth config file")
	}
	authConfig.Email = origEmail[1]
	authConfig.ServerAddress = defaultIndexserver
	configFile.AuthConfigs[defaultIndexserver] = authConfig
	} else {
	for k, authConfig := range configFile.AuthConfigs {
	authConfig.Username, authConfig.Password, err = DecodeAuth(authConfig.Auth)
	if err != nil {
	return &configFile, err
	}
	authConfig.Auth = ""
	authConfig.ServerAddress = k
	configFile.AuthConfigs[k] = authConfig
	}
	}
	return &configFile, nil
	}

	// Save encodes and writes out all the authorization information
	func (configFile *ConfigFile) Save() error {
	// Encode sensitive data into a new/temp struct
	tmpAuthConfigs := make(map[string]AuthConfig, len(configFile.AuthConfigs))
	for k, authConfig := range configFile.AuthConfigs {
	authCopy := authConfig
	// encode and save the authstring, while blanking out the original fields
	authCopy.Auth = EncodeAuth(&authCopy)
	authCopy.Username = ""
	authCopy.Password = ""
	authCopy.ServerAddress = ""
	tmpAuthConfigs[k] = authCopy
	}

	saveAuthConfigs := configFile.AuthConfigs
	configFile.AuthConfigs = tmpAuthConfigs
	defer func() { configFile.AuthConfigs = saveAuthConfigs }()

	data, err := json.MarshalIndent(configFile, "", "\t")
	if err != nil {
	return err
	}

	if err := system.MkdirAll(filepath.Dir(configFile.filename), 0700); err != nil {
	return err
	}

	if err := ioutil.WriteFile(configFile.filename, data, 0600); err != nil {
	return err
	}

	return nil
	}

	// Filename returns the name of the configuration file
	func (configFile *ConfigFile) Filename() string {
	return configFile.filename
	}

	// EncodeAuth creates a base64 encoded string to containing authorization information
	func EncodeAuth(authConfig *AuthConfig) string {
	authStr := authConfig.Username + ":" + authConfig.Password
	msg := []byte(authStr)
	encoded := make([]byte, base64.StdEncoding.EncodedLen(len(msg)))
	base64.StdEncoding.Encode(encoded, msg)
	return string(encoded)
	}

	// DecodeAuth decodes a base64 encoded string and returns username and password
	func DecodeAuth(authStr string) (string, string, error) {
	decLen := base64.StdEncoding.DecodedLen(len(authStr))
	decoded := make([]byte, decLen)
	authByte := []byte(authStr)
	n, err := base64.StdEncoding.Decode(decoded, authByte)
	if err != nil {
	return "", "", err
	}
	if n > decLen {
	return "", "", fmt.Errorf("Something went wrong decoding auth config")
	}
	arr := strings.SplitN(string(decoded), ":", 2)
	if len(arr) != 2 {
	return "", "", fmt.Errorf("Invalid auth configuration file")
	}
	password := strings.Trim(arr[1], "\x00")
	return arr[0], password, nil
	}