removed id token variable

Signed-off-by: Xiaoxuan Wang <[email protected]>

cmd/oras/internal/option/remote.go

@@ -57,15 +57,13 @@ const (
 // Remote implements oerrors.Handler and interface.
 type Remote struct {
 	DistributionSpec
-	CACertFilePath         string
-	Insecure               bool
-	Configs                []string
-	Username               string
-	PasswordFromStdin      bool
-	Password               string
-	IdentityTokenFromStdin bool
-	identityToken          string
-	flagPrefix             string
+	CACertFilePath    string
+	Insecure          bool
+	Configs           []string
+	Username          string
+	PasswordFromStdin bool
+	Password          string
+	flagPrefix        string
 
 	resolveFlag           []string
 	applyDistributionSpec bool
@@ -85,7 +83,7 @@ func (opts *Remote) EnableDistributionSpecFlag() {
 func (opts *Remote) ApplyFlags(fs *pflag.FlagSet) {
 	opts.ApplyFlagsWithPrefix(fs, "", "")
 	fs.BoolVarP(&opts.PasswordFromStdin, passwordFromStdinFlag, "", false, "read password from stdin")
-	fs.BoolVarP(&opts.IdentityTokenFromStdin, identityTokenFromStdinFlag, "", false, "read identity token from stdin")
+	fs.BoolVarP(&opts.PasswordFromStdin, identityTokenFromStdinFlag, "", false, "read identity token from stdin")
 }
 
 func applyPrefix(prefix, description string) (flagPrefix, notePrefix string) {
@@ -115,7 +113,7 @@ func (opts *Remote) ApplyFlagsWithPrefix(fs *pflag.FlagSet, prefix, description
 	}
 	fs.StringVarP(&opts.Username, opts.flagPrefix+usernameFlag, shortUser, "", notePrefix+"registry username")
 	fs.StringVarP(&opts.Password, opts.flagPrefix+passwordFlag, shortPassword, "", notePrefix+"registry password")
-	fs.StringVarP(&opts.identityToken, opts.flagPrefix+identityTokenFlag, "", "", notePrefix+"registry identity token")
+	fs.StringVarP(&opts.Password, opts.flagPrefix+identityTokenFlag, "", "", notePrefix+"registry identity token")
 	fs.BoolVarP(&opts.Insecure, opts.flagPrefix+"insecure", "", false, "allow connections to "+notePrefix+"SSL registry without certs")
 	plainHTTPFlagName := opts.flagPrefix + "plain-http"
 	plainHTTP := fs.Bool(plainHTTPFlagName, false, "allow insecure connections to "+notePrefix+"registry without SSL check")
@@ -130,17 +128,17 @@ func (opts *Remote) ApplyFlagsWithPrefix(fs *pflag.FlagSet, prefix, description
 
 // CheckStdinConflict checks if opts.PasswordFromStdin or opts.IdentityTokenFromStdin
 // conflicts with read file from input.
-func (opts *Remote) CheckStdinConflict() error {
-	if opts.PasswordFromStdin {
+func (opts *Remote) CheckStdinConflict(cmd *cobra.Command) error {
+	if cmd.Flags().Changed(passwordFromStdinFlag) {
 		return fmt.Errorf("`-` read file from input and `--%s` read password from input cannot be both used", passwordFromStdinFlag)
-	} else if opts.IdentityTokenFromStdin {
+	} else if cmd.Flags().Changed(identityTokenFromStdinFlag) {
 		return fmt.Errorf("`-` read file from input and `--%s` read identity token from input cannot be both used", identityTokenFromStdinFlag)
 	}
 	return nil
 }
 
 // Parse tries to read password with optional cmd prompt.
-func (opts *Remote) Parse(*cobra.Command) error {
+func (opts *Remote) Parse(cmd *cobra.Command) error {
 	// check that basic auth flags and identity token flags are not both used.
 	var flagChecker = func(values []bool, flags []string) string {
 		for i, v := range values {
@@ -150,9 +148,9 @@ func (opts *Remote) Parse(*cobra.Command) error {
 		}
 		return ""
 	}
-	identityTokenFlag := flagChecker([]bool{opts.identityToken != "", opts.IdentityTokenFromStdin},
+	identityTokenFlag := flagChecker([]bool{cmd.Flags().Changed(identityTokenFlag), cmd.Flags().Changed(identityTokenFromStdinFlag)},
 		[]string{opts.flagPrefix + identityTokenFlag, identityTokenFromStdinFlag})
-	basicAuthFlag := flagChecker([]bool{opts.Username != "", opts.Password != "", opts.PasswordFromStdin},
+	basicAuthFlag := flagChecker([]bool{cmd.Flags().Changed(usernameFlag), cmd.Flags().Changed(passwordFlag), cmd.Flags().Changed(passwordFromStdinFlag)},
 		[]string{opts.flagPrefix + usernameFlag, opts.flagPrefix + passwordFlag, passwordFromStdinFlag})
 
 	if identityTokenFlag != "" && basicAuthFlag != "" {
@@ -162,18 +160,17 @@ func (opts *Remote) Parse(*cobra.Command) error {
 	if err := opts.parseCustomHeaders(); err != nil {
 		return err
 	}
-	return opts.readPasswordOrIdentityToken()
+	return opts.readPasswordOrIdentityToken(cmd)
 }
 
 // readPasswordOrIdentityToken tries to read password or identity token with
 // optional cmd prompt.
-func (opts *Remote) readPasswordOrIdentityToken() (err error) {
-	if opts.identityToken != "" {
+func (opts *Remote) readPasswordOrIdentityToken(cmd *cobra.Command) (err error) {
+	if cmd.Flags().Changed(identityTokenFlag) {
 		fmt.Fprintln(os.Stderr, "WARNING! Using --identity-token via the CLI is insecure. Use --identity-token-stdin.")
-		opts.Password = opts.identityToken
-	} else if opts.Password != "" {
+	} else if cmd.Flags().Changed(passwordFlag) {
 		fmt.Fprintln(os.Stderr, "WARNING! Using --password via the CLI is insecure. Use --password-stdin.")
-	} else if opts.PasswordFromStdin || opts.IdentityTokenFromStdin {
+	} else if cmd.Flags().Changed(passwordFromStdinFlag) || cmd.Flags().Changed(identityTokenFromStdinFlag) {
 		// Prompt for credential
 		password, err := io.ReadAll(os.Stdin)
 		if err != nil {

cmd/oras/root/blob/push.go

@@ -80,7 +80,7 @@ Example - Push blob 'hi.txt' into an OCI image layout folder 'layout-dir':
 			opts.RawReference = args[0]
 			opts.fileRef = args[1]
 			if opts.fileRef == "-" {
-				if err := opts.CheckStdinConflict(); err != nil {
+				if err := opts.CheckStdinConflict(cmd); err != nil {
 					return err
 				}
 				if opts.size < 0 {

cmd/oras/root/manifest/push.go

@@ -87,7 +87,7 @@ Example - Push a manifest to an OCI image layout folder 'layout-dir' and tag wit
 		PreRunE: func(cmd *cobra.Command, args []string) error {
 			opts.fileRef = args[1]
 			if opts.fileRef == "-" {
-				if err := opts.CheckStdinConflict(); err != nil {
+				if err := opts.CheckStdinConflict(cmd); err != nil {
 					return err
 				}
 			}