Prevent invalid credentials: no missing server URL or username (#62)

* Prevent invalid credentials: no missing server URL or username Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> * Add missing username/serverURL error checks in credstore client Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> * Clean up doc on invalid creds errors and client's error checks Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> * Add tests for missing ServerURL/Username Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> * Clean isValidCredsMessage prototype Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> * Add test for missing server URL and more detailed error msg Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
2026-06-13 16:01:28 +05:30 · 2017-05-29 10:21:50 +02:00
parent 79ab7059b0
commit ed11c58ebf
5 changed files with 230 additions and 5 deletions
@@ -17,6 +17,22 @@ type Credentials struct {
 	Secret    string
 }

+// isValid checks the integrity of Credentials object such that no credentials lack
+// a server URL or a username.
+// It returns whether the credentials are valid and the error if it isn't.
+// error values can be errCredentialsMissingServerURL or errCredentialsMissingUsername
+func (c *Credentials) isValid() (bool, error) {
+	if len(c.ServerURL) == 0 {
+		return false, NewErrCredentialsMissingServerURL()
+	}
+
+	if len(c.Username) == 0 {
+		return false, NewErrCredentialsMissingUsername()
+	}
+
+	return true, nil
+}
+
 // Docker credentials should be labeled as such in credentials stores that allow labelling.
 // That label allows to filter out non-Docker credentials too at lookup/search in macOS keychain,
 // Windows credentials manager and Linux libsecret. Default value is "Docker Credentials"
@@ -81,6 +97,10 @@ func Store(helper Helper, reader io.Reader) error {
 		return err
 	}

+	if ok, err := creds.isValid(); !ok {
+		return err
+	}
+
 	return helper.Add(&creds)
 }

@@ -100,6 +120,9 @@ func Get(helper Helper, reader io.Reader, writer io.Writer) error {
 	}

 	serverURL := strings.TrimSpace(buffer.String())
+	if len(serverURL) == 0 {
+		return NewErrCredentialsMissingServerURL()
+	}

 	username, secret, err := helper.Get(serverURL)
 	if err != nil {
@@ -107,6 +130,7 @@ func Get(helper Helper, reader io.Reader, writer io.Writer) error {
 	}

 	resp := Credentials{
+		ServerURL: serverURL,
 		Username: username,
 		Secret:   secret,
 	}
@@ -135,6 +159,9 @@ func Erase(helper Helper, reader io.Reader) error {
 	}

 	serverURL := strings.TrimSpace(buffer.String())
+	if len(serverURL) == 0 {
+		return NewErrCredentialsMissingServerURL()
+	}

 	return helper.Delete(serverURL)
 }