Fix an issue with auth header validation

fixes: #1812
pulp · Nov 22, 2024 · 0921267 · 0921267
1 parent c2352bf
commit 0921267
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/CHANGES/1812.bugfix b/CHANGES/1812.bugfix
@@ -0,0 +1,2 @@
+Fixed a bug where the authentication scheme in the authorization header
+was not being parsed correctly.
diff --git a/pulp_container/app/downloaders.py b/pulp_container/app/downloaders.py
@@ -84,7 +84,7 @@ async def _run(self, handle_401=True, extra_data=None):
                 # Need to retry request
                 if handle_401 and e.status == 401 and response_auth_header is not None:
                     # check if bearer or basic
-                    if "Bearer" in response_auth_header:
+                    if "bearer" in response_auth_header.lower():
                         # Token has not been updated during request
                         if (
                             self.registry_auth["bearer"] is None
@@ -93,7 +93,7 @@ async def _run(self, handle_401=True, extra_data=None):
                             self.registry_auth["bearer"] = None
                             await self.update_token(response_auth_header, this_token, repo_name)
                         return await self._run(handle_401=False, extra_data=extra_data)
-                    elif "Basic" in response_auth_header:
+                    elif "basic" in response_auth_header.lower():
                         if self.remote.username:
                             basic = aiohttp.BasicAuth(self.remote.username, self.remote.password)
                             self.registry_auth["basic"] = basic.encode()