Fix: bad request will remove header and retry login

tico88612 · tico88612 · commit 1ce6c9d39aa0 · 2025-11-22T16:09:52.000+08:00
If AWS ECR returns a bad request on /v2/ with basic auth and provides no
www-authenticate information.
Retry the request after removing the Authorization header.

Signed-off-by: ChengHao Yang &lt;17496418+tico88612@users.noreply.github.com&gt;
diff --git a/Sources/ContainerizationOCI/Client/RegistryClient.swift b/Sources/ContainerizationOCI/Client/RegistryClient.swift
@@ -205,6 +205,12 @@ public final class RegistryClient: ContentClient {
 
                     continue
                 }
+                else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {
+                    // Retry without basic auth
+                    request.headers.remove(name: "Authorization")
+                    retryCount += 1
+                    continue
+                }
                 guard let retryOptions = self.retryOptions else {
                     break
                 }

Original file line number	Diff line number	Diff line change
`@@ -205,6 +205,12 @@ public final class RegistryClient: ContentClient {`
`205`	`205`
`206`	`206`	`continue`
`207`	`207`	`}`
	`208`	`+ else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {`
	`209`	`+ // Retry without basic auth`
	`210`	`+ request.headers.remove(name: "Authorization")`
	`211`	`+ retryCount += 1`
	`212`	`+ continue`
	`213`	`+ }`
`208`	`214`	`guard let retryOptions = self.retryOptions else {`
`209`	`215`	`break`
`210`	`216`	`}`