Use URL-safe base64 encoding for auth

[robin-wayve]

What do these changes do?

Changes compose_auth_header to use base64.urlsafe_b64encode on the returned string. This aligns with how the Docker CLI encodes the same header.

Are there changes in behavior for the user?

This allows authentication to private registries where the contents of the auth would require substitutions as described here: https://docs.python.org/3/library/base64.html#base64.urlsafe_b64encode

Related issue number

Not from this project, but I figured out that I was running into the same issue described here: moby/moby#41570

Checklist

• I think the code is well written
• Unit tests for the changes exist
• Documentation reflects the changes
• If you provide code modification, please add yourself to CONTRIBUTORS.txt
  • The format is <Name> <Surname>.
  • Please keep alphabetical order, the file is sorted by names.
• Add a new news fragment into the changes folder
  • name it <issue_id>.<type> for example (588.bug)
  • if you don't have an issue_id change it to the pr id after creating the pr
  • ensure type is one of the following:
    • .feature: Signifying a new feature.
    • .bugfix: Signifying a bug fix.
    • .doc: Signifying a documentation improvement.
    • .removal: Signifying a deprecation or removal of public API.
    • .misc: A ticket has been closed, but it is not of interest to users.
  • Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."

[robin-wayve]

I don't know if I should make this more obvious somehow, but the - would be a + if this wasn't urlsafe_b64encode.

[robin-wayve]

@asvetlov do you have capacity to review / merge this?

[robin-wayve]

This can be re-opened if desired.

[dwo]

@achimnol @bdraco @asvetlov any interest in getting this merged? I can re-do the PR if anyone would like to get this fix in.

[asvetlov]

Yes, please