From 9f484a8a59a044cccd58d05a091cfb260c4d3ef3 Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Fri, 17 Jun 2016 17:58:30 +0200
Subject: [PATCH 1/7] remove namespace from action endpoints

---
 dockercloud/api/action.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dockercloud/api/action.py b/dockercloud/api/action.py
index 71a3ed8..214827f 100644
--- a/dockercloud/api/action.py
+++ b/dockercloud/api/action.py
@@ -6,6 +6,7 @@ from .base import Immutable, StreamingLog
 class Action(Immutable):
     subsystem = 'audit'
     endpoint = "/action"
+    namespaced = False
 
     @classmethod
     def _pk_key(cls):

From afe9a7dad5e9f23ba55ffa531f303c64107a0e5b Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Fri, 17 Jun 2016 18:01:53 +0200
Subject: [PATCH 2/7] bump version

---
 dockercloud/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dockercloud/__init__.py b/dockercloud/__init__.py
index 12bb373..087fa14 100644
--- a/dockercloud/__init__.py
+++ b/dockercloud/__init__.py
@@ -25,7 +25,7 @@ from dockercloud.api.utils import Utils
 from dockercloud.api.events import Events
 from dockercloud.api.nodeaz import AZ
 
-__version__ = '1.0.6'
+__version__ = '1.0.7'
 
 dockercloud_auth = os.environ.get('DOCKERCLOUD_AUTH')
 basic_auth = auth.load_from_file("~/.docker/config.json")

From f5c85f96f140343db7c163da312b56e952022c37 Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Thu, 4 Aug 2016 15:42:11 +0200
Subject: [PATCH 3/7] fix test

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index d20508e..1794fc6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,7 @@
 FROM python:2.7.11-alpine
 
+RUN apk update && apk add ca-certificates
+
 ADD . /sdk
 WORKDIR sdk
 RUN python setup.py install

From bc67aa43cbb5134f76cdca8416ae3e2b3f61e620 Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Thu, 4 Aug 2016 13:58:29 +0200
Subject: [PATCH 4/7] add support for credential-helpers

---
 dockercloud/api/auth.py | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/dockercloud/api/auth.py b/dockercloud/api/auth.py
index 5c44e9c..65d6668 100644
--- a/dockercloud/api/auth.py
+++ b/dockercloud/api/auth.py
@@ -3,12 +3,14 @@ from __future__ import absolute_import
 import base64
 import json
 import os
+import subprocess
 
 from requests.auth import HTTPBasicAuth
 
 import dockercloud
 from .http import send_request
 
+HUB_INDEX = "https://index.docker.io/v1/"
 
 def authenticate(username, password):
     verify_credential(username, password)
@@ -43,11 +45,29 @@ def load_from_file(f="~/.docker/config.json"):
     try:
         with open(os.path.expanduser(f)) as config_file:
             data = json.load(config_file)
-
-        return data.get("auths", {}).get("https://index.docker.io/v1/", {}).get("auth", None)
-    except Exception:
+    except:
         return None
 
+    creds_store = data.get("credsStore", None)
+    if creds_store:
+        try:
+            cmd = "docker-credential-" + creds_store
+            p = subprocess.Popen([cmd, 'get'], stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
+            out = p.communicate(input=HUB_INDEX)[0]
+        except:
+            raise dockercloud.AuthError('error getting credentials - err: exec: "%s": executable file not found in $PATH, out: ``' % cmd)
+
+        try:
+            credential = json.loads(out)
+            username = credential.get("Username")
+            password = credential.get("Secret")
+            return base64.b64encode("%s:%s" % (username, password))
+        except:
+            return None
+
+    else:
+        return data.get("auths", {}).get(HUB_INDEX, {}).get("auth", None)
+
 
 def get_auth_header():
     try:

From 06988c332b9fd4cf2413ad7cb90b5108fb7c5cde Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Fri, 5 Aug 2016 12:40:19 +0200
Subject: [PATCH 5/7] bump ver

---
 dockercloud/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dockercloud/__init__.py b/dockercloud/__init__.py
index 087fa14..85a5a80 100644
--- a/dockercloud/__init__.py
+++ b/dockercloud/__init__.py
@@ -25,7 +25,7 @@ from dockercloud.api.utils import Utils
 from dockercloud.api.events import Events
 from dockercloud.api.nodeaz import AZ
 
-__version__ = '1.0.7'
+__version__ = '1.0.8'
 
 dockercloud_auth = os.environ.get('DOCKERCLOUD_AUTH')
 basic_auth = auth.load_from_file("~/.docker/config.json")

From f78ac3a39909aec3c69419aadf82c1b528c4ee92 Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Tue, 29 Nov 2016 14:49:51 -0800
Subject: [PATCH 6/7] not permanently cache invalid auth header

---
 dockercloud/api/base.py   |  4 ----
 dockercloud/api/events.py | 11 +++++------
 2 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/dockercloud/api/base.py b/dockercloud/api/base.py
index e9feeed..f889f69 100644
--- a/dockercloud/api/base.py
+++ b/dockercloud/api/base.py
@@ -267,11 +267,7 @@ class Triggerable(BasicObject):
 
 class StreamingAPI(BasicObject):
     def __init__(self, url):
-        self._ws_init(url)
-
-    def _ws_init(self, url):
         self.url = url
-
         user_agent = 'python-dockercloud/%s' % dockercloud.__version__
         if dockercloud.user_agent:
             user_agent = "%s %s" % (dockercloud.user_agent, user_agent)
diff --git a/dockercloud/api/events.py b/dockercloud/api/events.py
index 06f989a..4440f72 100644
--- a/dockercloud/api/events.py
+++ b/dockercloud/api/events.py
@@ -21,8 +21,6 @@ class Events(StreamingAPI):
         else:
             url = "/".join([dockercloud.stream_host.rstrip("/"), "api", "audit", self._api_version,
                             endpoint.lstrip("/")])
-        self.invaid_auth_headers = set()
-        self.auth_error = ""
         super(self.__class__, self).__init__(url)
 
     def _on_message(self, ws, message):
@@ -39,15 +37,16 @@ class Events(StreamingAPI):
 
     def _on_error(self, ws, e):
         if isinstance(e, websocket._exceptions.WebSocketBadStatusException) and getattr(e, "status_code") == 401:
-            self.auth_error = "Not Authorized"
-            self.invaid_auth_headers.add(str(dockercloud.auth.get_auth_header()))
+            self.auth_error = True
 
         super(self.__class__, self)._on_error(ws, e)
 
     def run_forever(self, *args, **kwargs):
         while True:
-            if str(dockercloud.auth.get_auth_header()) in self.invaid_auth_headers:
-                raise AuthError(self.auth_error)
+            if self.auth_error:
+                self.auth_error = False
+                raise AuthError("Not Authorized")
+
             ws = websocket.WebSocketApp(self.url, header=self.header,
                                         on_open=self._on_open,
                                         on_message=self._on_message,

From e9658aae73be9e8d8a23e2d88f2da551cb293d41 Mon Sep 17 00:00:00 2001
From: tifayuki <tifayuki@gmail.com>
Date: Thu, 1 Dec 2016 13:51:32 -0800
Subject: [PATCH 7/7] bump version

---
 dockercloud/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dockercloud/__init__.py b/dockercloud/__init__.py
index 85a5a80..8bb6aa5 100644
--- a/dockercloud/__init__.py
+++ b/dockercloud/__init__.py
@@ -25,7 +25,7 @@ from dockercloud.api.utils import Utils
 from dockercloud.api.events import Events
 from dockercloud.api.nodeaz import AZ
 
-__version__ = '1.0.8'
+__version__ = '1.0.9'
 
 dockercloud_auth = os.environ.get('DOCKERCLOUD_AUTH')
 basic_auth = auth.load_from_file("~/.docker/config.json")