use post token

0fec3525 · Michael Yang · 41ba3017 · 0fec3525 · 0fec3525
Commit 0fec3525 authored May 11, 2024 by Michael Yang
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

app/lifecycle/updater.go app/lifecycle/updater.go +2 -2

server/auth.go server/auth.go +2 -2

No files found.
--- a/app/lifecycle/updater.go
+++ b/app/lifecycle/updater.go
@@ -56,13 +56,13 @@ func IsNewReleaseAvailable(ctx context.Context) (bool, UpdateResponse) {
 	query.Add("nonce", nonce)
 	requestURL.RawQuery = query.Encode()
-	data := []byte(fmt.Sprintf("%s,%s", http.MethodGet, requestURL.RequestURI()))
+	data := []byte(fmt.Sprintf("%s,%s", http.MethodPost, requestURL.RequestURI()))
 	signature, err := auth.Sign(ctx, data)
 	if err != nil {
 		return false, updateResp
 	}
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, requestURL.String(), nil)
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, requestURL.String(), nil)
 	if err != nil {
 		slog.Warn(fmt.Sprintf("failed to check for update: %s", err))
 		return false, updateResp

--- a/server/auth.go
+++ b/server/auth.go
@@ -57,7 +57,7 @@ func getAuthorizationToken(ctx context.Context, challenge registryChallenge) (st
 	}
 	sha256sum := sha256.Sum256(nil)
-	data := []byte(fmt.Sprintf("%s,%s,%s", http.MethodGet, redirectURL.String(), base64.StdEncoding.EncodeToString([]byte(hex.EncodeToString(sha256sum[:])))))
+	data := []byte(fmt.Sprintf("%s,%s,%s", http.MethodPost, redirectURL.String(), base64.StdEncoding.EncodeToString([]byte(hex.EncodeToString(sha256sum[:])))))
 	headers := make(http.Header)
 	signature, err := auth.Sign(ctx, data)
@@ -67,7 +67,7 @@ func getAuthorizationToken(ctx context.Context, challenge registryChallenge) (st
 	headers.Add("Authorization", signature)
-	response, err := makeRequest(ctx, http.MethodGet, redirectURL, headers, nil, nil)
+	response, err := makeRequest(ctx, http.MethodPost, redirectURL, headers, nil, nil)
 	if err != nil {
 		return "", err
 	}