Skip to content

Commit

Permalink
Fix an issue with auth header validation
Browse files Browse the repository at this point in the history
fixes: #1812
(cherry picked from commit 0921267)
  • Loading branch information
git-hyagi authored and patchback[bot] committed Nov 22, 2024
1 parent c62ebe8 commit 44d528f
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
2 changes: 2 additions & 0 deletions CHANGES/1812.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
Fixed a bug where the authentication scheme in the authorization header
was not being parsed correctly.
4 changes: 2 additions & 2 deletions pulp_container/app/downloaders.py
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ async def _run(self, handle_401=True, extra_data=None):
# Need to retry request
if handle_401 and e.status == 401 and response_auth_header is not None:
# check if bearer or basic
if "Bearer" in response_auth_header:
if "bearer" in response_auth_header.lower():
# Token has not been updated during request
if (
self.registry_auth["bearer"] is None
Expand All @@ -86,7 +86,7 @@ async def _run(self, handle_401=True, extra_data=None):
self.registry_auth["bearer"] = None
await self.update_token(response_auth_header, this_token, repo_name)
return await self._run(handle_401=False, extra_data=extra_data)
elif "Basic" in response_auth_header:
elif "basic" in response_auth_header.lower():
if self.remote.username:
basic = aiohttp.BasicAuth(self.remote.username, self.remote.password)
self.registry_auth["basic"] = basic.encode()
Expand Down

0 comments on commit 44d528f

Please sign in to comment.