Fix: bad request will remove header and retry login

tico88612 · tico88612 · commit 51ebf500fff1 · 2025-11-22T21:18:20.000+08:00
If you're requesting on /v2/ with basic auth, AWS ECR will return 400 Bad Request and won't provide www-authenticate information.
Retry the request after removing the Authorization header.

Signed-off-by: ChengHao Yang &lt;17496418+tico88612@users.noreply.github.com&gt;
diff --git a/Sources/ContainerizationOCI/Client/RegistryClient.swift b/Sources/ContainerizationOCI/Client/RegistryClient.swift
@@ -203,6 +203,11 @@ public final class RegistryClient: ContentClient {
                         throw err
                     }
 
+                    continue
+                } else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {
+                    // Retry without basic auth
+                    request.headers.remove(name: "Authorization")
+                    retryCount += 1
                     continue
                 }
                 guard let retryOptions = self.retryOptions else {

Original file line number	Diff line number	Diff line change
`@@ -203,6 +203,11 @@ public final class RegistryClient: ContentClient {`
`203`	`203`	`throw err`
`204`	`204`	`}`
`205`	`205`
	`206`	`+ continue`
	`207`	`+ } else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {`
	`208`	`+ // Retry without basic auth`
	`209`	`+ request.headers.remove(name: "Authorization")`
	`210`	`+ retryCount += 1`
`206`	`211`	`continue`
`207`	`212`	`}`
`208`	`213`	`guard let retryOptions = self.retryOptions else {`