chore(authentication): Refactored and separated registry authentication

src/main/java/io/fabric8/maven/docker/AbstractBuildSupportMojo.java

@@ -53,7 +53,7 @@ abstract public class AbstractBuildSupportMojo extends AbstractDockerMojo {
     protected MavenBuildContext getBuildContext(MavenArchiveService archiveService) {
 
         MavenRegistryContext registryContext = new MavenRegistryContext.Builder()
-            .authConfigFactory(authConfigFactory)
+            .authRegistryAuthFactory(registryAuthFactory)
             .defaultImagePullPolicy(imagePullPolicy != null ? ImagePullPolicy.fromString(imagePullPolicy) : null)
             .pullRegistry(pullRegistry)
             .build();

src/main/java/io/fabric8/maven/docker/AbstractDockerMojo.java

@@ -2,22 +2,27 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Date;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
 import io.fabric8.maven.docker.access.DockerAccess;
 import io.fabric8.maven.docker.access.ExecException;
-import io.fabric8.maven.docker.build.auth.AuthConfigFactory;
-import io.fabric8.maven.docker.build.docker.ImagePullCache;
-import io.fabric8.maven.docker.build.maven.MavenCacheBackend;
+import io.fabric8.maven.docker.build.auth.RegistryAuthConfig;
+import io.fabric8.maven.docker.build.auth.RegistryAuthFactory;
+import io.fabric8.maven.docker.build.auth.extended.EcrExtendedRegistryAuthHandler;
+import io.fabric8.maven.docker.build.docker.DockerRegistryAuthHandler;
+import io.fabric8.maven.docker.build.auth.handler.FromConfigRegistryAuthHandler;
+import io.fabric8.maven.docker.build.auth.handler.OpenShiftRegistryAuthHandler;
+import io.fabric8.maven.docker.build.maven.SettingsRegistrysAuthHandler;
+import io.fabric8.maven.docker.build.auth.handler.SystemPropertyRegistryAuthHandler;
 import io.fabric8.maven.docker.util.ConfigHelper;
 import io.fabric8.maven.docker.config.DockerMachineConfiguration;
 import io.fabric8.maven.docker.config.ImageConfiguration;
 import io.fabric8.maven.docker.config.build.BuildConfiguration;
-import io.fabric8.maven.docker.config.build.RegistryAuthConfiguration;
+import io.fabric8.maven.docker.config.maven.RegistryAuthConfiguration;
 import io.fabric8.maven.docker.config.handler.ImageConfigResolver;
 import io.fabric8.maven.docker.config.maven.MavenImageConfiguration;
 import io.fabric8.maven.docker.config.run.VolumeConfiguration;
@@ -42,9 +47,16 @@
 import org.apache.maven.settings.Settings;
 import org.codehaus.plexus.PlexusConstants;
 import org.codehaus.plexus.PlexusContainer;
+import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
 import org.codehaus.plexus.context.Context;
 import org.codehaus.plexus.context.ContextException;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.Contextualizable;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+
+import static io.fabric8.maven.docker.build.auth.RegistryAuth.AUTH;
+import static io.fabric8.maven.docker.build.auth.RegistryAuth.EMAIL;
+import static io.fabric8.maven.docker.build.auth.RegistryAuth.PASSWORD;
+import static io.fabric8.maven.docker.build.auth.RegistryAuth.USERNAME;
 
 /**
  * Base class for this plugin.
@@ -194,7 +206,7 @@ public abstract class AbstractDockerMojo extends AbstractMojo implements Context
     private PlexusContainer plexusContainer;
 
     // Handler dealing with authentication credentials
-    protected AuthConfigFactory authConfigFactory;
+    protected RegistryAuthFactory registryAuthFactory;
 
     protected Logger log;
 
@@ -212,7 +224,7 @@ public abstract class AbstractDockerMojo extends AbstractMojo implements Context
     public void execute() throws MojoExecutionException, MojoFailureException {
         if (!skip) {
             log = new AnsiLogger(getLog(), useColor, verbose, !settings.getInteractiveMode(), getLogPrefix());
-            authConfigFactory = new AuthConfigFactory(plexusContainer, settings, getRegistryAuthConfig(), registry, log);
+            registryAuthFactory = createRegistryAuthFactory();
             imageConfigResolver.setLog(log);
 
             LogOutputSpecFactory logSpecFactory = new LogOutputSpecFactory(useColor, logStdout, logDate);
@@ -244,6 +256,55 @@ public void execute() throws MojoExecutionException, MojoFailureException {
         }
     }
 
+    private RegistryAuthFactory createRegistryAuthFactory() {
+
+        RegistryAuthConfig registryAuthConfig = createRegistryAuthConfig();
+
+        return new RegistryAuthFactory.Builder()
+            .decryptor(this::decrypt)
+            .defaultRegistry(registry)
+            .log(log)
+            .addRegistryAuthHandler(new SystemPropertyRegistryAuthHandler(registryAuthConfig, log))
+            .addRegistryAuthHandler(new OpenShiftRegistryAuthHandler(registryAuthConfig, log))
+            .addRegistryAuthHandler(new FromConfigRegistryAuthHandler(registryAuthConfig, log))
+            .addRegistryAuthHandler(new SettingsRegistrysAuthHandler(settings, log))
+            .addRegistryAuthHandler(new DockerRegistryAuthHandler(log))
+            .addExtendedRegistryAuthHandler(new EcrExtendedRegistryAuthHandler(log))
+            .build();
+    }
+
+    private RegistryAuthConfig createRegistryAuthConfig() {
+
+        RegistryAuthConfig.Builder builder =
+            new RegistryAuthConfig.Builder()
+                .skipExtendedAuthentication(skipExtendedAuth)
+                .propertyPrefix("docker");
+
+        if (authConfig != null) {
+            builder
+                .addDefaultConfig(USERNAME, authConfig.getUsername())
+                .addDefaultConfig(PASSWORD, authConfig.getPassword())
+                .addDefaultConfig(EMAIL, authConfig.getEmail())
+                .addDefaultConfig(AUTH, authConfig.getAuthToken());
+            addKindMap(builder, RegistryAuthConfig.Kind.PULL, authConfig.getPull());
+            addKindMap(builder, RegistryAuthConfig.Kind.PUSH, authConfig.getPush());
+        }
+        return builder.build();
+    }
+
+    private String decrypt(String password) {
+        try {
+            // Done by reflection since I have classloader issues otherwise
+            Object secDispatcher = plexusContainer.lookup(SecDispatcher.ROLE, "maven");
+            Method method = secDispatcher.getClass().getMethod("decrypt", String.class);
+            return (String) method.invoke(secDispatcher, password);
+        } catch (ComponentLookupException e) {
+            throw new IllegalStateException("Error looking security dispatcher", e);
+        } catch (ReflectiveOperationException e) {
+            throw new IllegalStateException("Cannot decrypt password: " + e.getCause(), e);
+        }
+    }
+
     private List<ImageConfiguration> convertToPlainImageConfigurations(List<MavenImageConfiguration> images) {
         if (images == null) {
             return null;
@@ -272,15 +333,14 @@ protected DockerAccessFactory.DockerAccessContext getDockerAccessContext() {
                 .build();
     }
 
-    protected Map getRegistryAuthConfig() {
-        Map registryAuthConfig = new HashMap();
-        if (authConfig != null) {
-            registryAuthConfig.putAll(authConfig.toMap());
-        }
-        if (skipExtendedAuth) {
-            registryAuthConfig.put(AuthConfigFactory.SKIP_EXTENDED_AUTH, true);
+
+    private void addKindMap(RegistryAuthConfig.Builder builder, RegistryAuthConfig.Kind kind, Map kindMap) {
+        if (kindMap != null) {
+            builder.addKindConfig(kind, USERNAME, (String) kindMap.get(USERNAME));
+            builder.addKindConfig(kind, PASSWORD, (String) kindMap.get(PASSWORD));
+            builder.addKindConfig(kind, EMAIL, (String) kindMap.get(EMAIL));
+            builder.addKindConfig(kind, AUTH, (String) kindMap.get(AUTH));
         }
-        return registryAuthConfig;
     }
 
     /**
@@ -323,13 +383,8 @@ private String initImageConfiguration(Date buildTimeStamp)  {
         resolvedImages = ConfigHelper.resolveImages(
             log,
             convertToPlainImageConfigurations(images),                  // Unresolved images
-            new ConfigHelper.Resolver() {
-                    @Override
-                    public List<ImageConfiguration> resolve(ImageConfiguration image) {
-                        return imageConfigResolver.resolve(image, project, session);
-                    }
-                },
-           filter,                   // A filter which image to process
+            image -> imageConfigResolver.resolve(image, project, session),
+            filter,                   // A filter which image to process
             this);                     // customizer (can be overwritten by a subclass)
 
         // Check for simple Dockerfile mode
@@ -415,10 +470,6 @@ protected LogDispatcher getLogDispatcher(ServiceHub hub) {
         return dispatcher;
     }
 
-    public ImagePullCache getImagePullManager() {
-        return new ImagePullCache(new MavenCacheBackend(session));
-    }
-
     private ImageConfiguration createSimpleDockerfileConfig(File dockerFile) {
         // No configured name, so create one from maven GAV
         String name = EnvUtil.getPropertiesWithSystemOverrides(project).getProperty("docker.name");

src/main/java/io/fabric8/maven/docker/PushMojo.java

@@ -43,7 +43,7 @@ public void executeInternal(ServiceHub hub) throws IOException {
         }
 
         MavenRegistryContext registryContext = new MavenRegistryContext.Builder()
-            .authConfigFactory(authConfigFactory)
+            .authRegistryAuthFactory(registryAuthFactory)
             .pushRegistry(pushRegistry)
             .build();
 

src/main/java/io/fabric8/maven/docker/StartMojo.java

@@ -348,7 +348,7 @@ private Queue<ImageConfiguration> prepareStart(ServiceHub hub, QueryService quer
 
             RegistryContext registryContext = new MavenRegistryContext.Builder()
                 .pullRegistry(pullRegistry)
-                .authConfigFactory(authConfigFactory)
+                .authRegistryAuthFactory(registryAuthFactory)
                 .build();
             hub.getRegistryService().pullImage(imageConfig.getName(), policy, registryContext);
 

src/main/java/io/fabric8/maven/docker/access/hc/DockerAccessWithHcClient.java

@@ -28,7 +28,6 @@
 import com.google.gson.JsonArray;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
-import io.fabric8.maven.docker.build.auth.AuthConfig;
 import io.fabric8.maven.docker.access.BuildOptions;
 import io.fabric8.maven.docker.access.ContainerCreateConfig;
 import io.fabric8.maven.docker.access.DockerAccess;

src/main/java/io/fabric8/maven/docker/access/util/EnvCommand.java

@@ -30,7 +30,7 @@
  *
  * @since 14/09/16
  */
-abstract public class EnvCommand extends ExternalCommand {
+public abstract class EnvCommand extends ExternalCommand {
 
     private final Map<String, String> env = new HashMap<>();
 
@@ -51,11 +51,11 @@ protected void processLine(String line) {
         }
     }
 
-    private final Pattern ENV_VAR_PATTERN = Pattern.compile("^\\s*(?<key>[^=]+)=\"?(?<value>.*?)\"?\\s*$");
+    private final Pattern envVarPattern = Pattern.compile("^\\s*(?<key>[^=]+)=\"?(?<value>.*?)\"?\\s*$");
 
     // parse line like SET DOCKER_HOST=tcp://192.168.99.100:2376
     private void setEnvironmentVariable(String line) {
-        Matcher matcher = ENV_VAR_PATTERN.matcher(line);
+        Matcher matcher = envVarPattern.matcher(line);
         if (matcher.matches()) {
             String key = matcher.group("key");
             String value = matcher.group("value");

src/main/java/io/fabric8/maven/docker/access/util/ExternalCommand.java

@@ -20,7 +20,7 @@
 import java.util.concurrent.*;
 
 import io.fabric8.maven.docker.util.Logger;
-import org.apache.maven.shared.utils.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 
 /**
  * @author roland

src/main/java/io/fabric8/maven/docker/build/RegistryContext.java

@@ -2,7 +2,8 @@
 
 import java.io.IOException;
 
-import io.fabric8.maven.docker.build.auth.AuthConfig;
+import io.fabric8.maven.docker.build.auth.RegistryAuth;
+import io.fabric8.maven.docker.build.auth.RegistryAuthConfig;
 import io.fabric8.maven.docker.config.build.ImagePullPolicy;
 
 /**
@@ -13,10 +14,8 @@ public interface RegistryContext {
 
     ImagePullPolicy getDefaultImagePullPolicy();
 
-    String getPushRegistry();
+    String getRegistry(RegistryAuthConfig.Kind kind);
 
-    String getPullRegistry();
-
-    AuthConfig getAuthConfig(boolean isPush, String user, String registry) throws IOException;
+    RegistryAuth getAuthConfig(RegistryAuthConfig.Kind kind, String user, String registry) throws IOException;
 
 }