Add a check for anonymous requests

closes #1605 (cherry picked from commit b4c550e)
pulp · Jun 27, 2024 · 6176c5b · 6176c5b
1 parent 6a411a7
commit 6176c5b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/CHANGES/1605.bugfix b/CHANGES/1605.bugfix
@@ -0,0 +1,2 @@
+Fixed a bug that caused the registry to not accept requests from anonymous users when token
+authentication was disabled.
diff --git a/pulp_container/app/token_verification.py b/pulp_container/app/token_verification.py
@@ -74,6 +74,9 @@ def authenticate(self, request):
 
         If basic authentication could not success, remote webserver authentication is considered.
         """
+        if request.headers.get("Authorization") == "Basic Og==":
+            return (AnonymousUser, None)
+
         try:
             user = super().authenticate(request)
         except AuthenticationFailed: