Moby: Cannot understand how to get image_id or other info form private repository

BUG REPORT INFORMATION

Description

We use docker private repository on docker hub, when have more the 10 images.

We want to get docker images info from docker hub for able to compare builded and currently presented images on docker hub.

I try to use curl for get auth token by running commands which i find in google.

It looks like:

UNAME="exampleuser"
UPASS="examplepass"
PRODUCT="examplecompany"
REPOSITORY="$PRODUCT"
SERVICE="exampleservice"

Im try to get tokens by following ways:

TOKEN=$(curl -u $UNAME:$UPASS "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPOSITORY:pull&account=$UNAME" | jq -r .token)

TOKEN=$(curl -u $UNAME:$UPASS "https://auth.docker.io/token?service=index.docker.io&scope=repository:$REPOSITORY:pull&account=$UNAME" | jq -r .token)

TOKEN=$(curl -u $UNAME:$UPASS "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPOSITORY:pull&account=$UNAME&offline_token=true" | jq -r .token)

TOKEN=$(curl -u $UNAME:$UPASS "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPOSITORY:$SERVICE:pull&account=$UNAME&offline_token=true" | jq -r .token)

TOKEN=$(curl -u $UNAME:$UPASS "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPOSITORY:$SERVICE&account=$UNAME&offline_token=true" | jq -r .token)

In all cases i get some token, the try to get manifest from my private repository, by following ways:

1.

REPO="$PRODUCT/$SERVICE"
TAG=latest
REGISTRY=https://registry-1.docker.io/v2

URI="$REGISTRY/$REPO/manifests/$TAG"
echo URI=$URI
MANIFEST="`curl -skL -o /dev/null -D- $URI`"
CHALLENGE="`grep "Www-Authenticate" <<<"$MANIFEST"`"
if [[ CHALLENGE ]]; then
    IFS=\" read _ REALM _ SERVICE _ SCOPE _ <<<"$CHALLENGE"
    echo REALM is $REALM
    echo SERVICE is $SERVICE
    echo SCOPE is $SCOPE
    TOKEN="`curl -skL "$REALM?service=$SERVICE&scope=$SCOPE"`"
    IFS=\" read _ _ _ TOKEN _ <<<"$TOKEN"
    echo TOKEN is $TOKEN
    MANIFEST="`curl -isk -X GET -H "Authorization: Bearer $TOKEN" $URI`"
    echo "RESPONSE is $MANIFEST"
fi

2.

curl -s -D - -H  "Authorization: Bearer ${TOKEN}" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" https://index.docker.io/v2/repositories/$PRODUCT/$SERVICE/manifests/latest

Always get

RESPONSE is HTTP/1.1 401 Unauthorized
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="examplecompany/exampleservice:pull",error="insufficient_scope"
Date: Wed, 15 Mar 2017 16:15:52 GMT
Content-Length: 155
Strict-Transport-Security: max-age=31536000

{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"repository","Class":"","Name":"examplecompany/exampleservice","Action":"pull"}]}]}

How to correct get all needed for me info from docker hub?

When i try to get tags via

REPO_LIST=$(curl -s -H "Authorization: JWT ${TOKEN}" https://hub.docker.com/v2/repositories/${PRODUCT}/?page_size=10000 | jq -r '.results|.[]|.name')

I no have a problems.

Also, i cannot find any work way for do what i want.

Steps to reproduce the issue:

1. Have a private images on hub.docker.com
2. Get Auth token
3. Try to get manifest info or other image info from hub.docker.com

Describe the results you received:

{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"repository","Class":"","Name":"examplecompany/exampleservice","Action":"pull"}]}]}

Describe the results you expected:

Json which contain information of currently presented on docker hub images.