Return basic auth from google.Keychain (#791)

Before, we were taking advantage of the fact that GCR will allow you to just send an access token as bearer auth, but apparently this breaks `gcrane cp` if it's your first push to a registry, so this change returns basic auth to force us to always do a token exchange.
google · Oct 22, 2020 · 8a28419 · 8a28419
1 parent 25dfb32
commit 8a28419
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/pkg/v1/google/auth.go b/pkg/v1/google/auth.go
@@ -118,7 +118,8 @@ func (tsa *tokenSourceAuth) Authorization() (*authn.AuthConfig, error) {
 	}
 
 	return &authn.AuthConfig{
-		RegistryToken: token.AccessToken,
+		Username: "_token",
+		Password: token.AccessToken,
 	}, nil
 }
 

diff --git a/pkg/v1/google/auth_test.go b/pkg/v1/google/auth_test.go
@@ -135,7 +135,7 @@ func TestGcloudSuccess(t *testing.T) {
 		t.Fatalf("Authorization got error %v", err)
 	}
 
-	if got, want := token.RegistryToken, "mytoken"; got != want {
+	if got, want := token.Password, "mytoken"; got != want {
 		t.Errorf("wanted token %q, got %q", want, got)
 	}
 }