docker_registry2 icon indicating copy to clipboard operation
docker_registry2 copied to clipboard
verified publisher icon deitch

Throw AuthorizationError when the request ends up with a 401 status code

Open Slokilla opened this issue 1 year ago • 2 comments

Quoting the readme :

RegistryAuthenticationException: username/password combination is invalid RegistryAuthorizationException: username/password does not have sufficient rights to access this registry

I don't see any use of RegistryAuthorizationException. My guess is that on both 401 and 403, a RegistryAuthenticationException is thrown.

If I'm right, we should raise the right exception in a 401 context, or delete the exception from the expection classes.

Slokilla avatar Mar 29 '24 13:03 Slokilla

You are right. We capture both 401 and 403 for bearer authentication here and return RegistryAuthenticationException; this probably should be split. We only capture 401 for do_bearer_req here, which should also capture 403 correctly. Same for do_basic_req here.

Solution:

  • split 403 from 401 for authenticate_bearer
  • capture 403 and raise it for do_bearer_req and do_basic_req

And probably should update from rest-client 1.8.0 to 2.1.0 while we are at it, which may require some minor changes there.

Want to submit a PR?

deitch avatar Apr 01 '24 07:04 deitch

Ok I can take a look.

To make PRs meaningful, I intend to create two of them :

  • One for the 401/403 issue,
  • The other for rest-client update.

Slokilla avatar Apr 02 '24 08:04 Slokilla