Fix: bad request will remove header and retry login

tico88612 · tico88612 · commit 0d9c9913d2bd · 2026-01-18T23:27:06.000+08:00
If you're requesting on /v2/ with basic auth, AWS ECR will return 400 Bad Request and won't provide www-authenticate information.
Retry the request after removing the Authorization header.

Signed-off-by: ChengHao Yang &lt;17496418+tico88612@users.noreply.github.com&gt;
diff --git a/Sources/ContainerizationOCI/Client/RegistryClient.swift b/Sources/ContainerizationOCI/Client/RegistryClient.swift
@@ -210,6 +210,11 @@ public final class RegistryClient: ContentClient {
                         throw err
                     }
 
+                    continue
+                } else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {
+                    // Retry without basic auth
+                    request.headers.remove(name: "Authorization")
+                    retryCount += 1
                     continue
                 }
                 guard let retryOptions = self.retryOptions else {

Original file line number	Diff line number	Diff line change
`@@ -210,6 +210,11 @@ public final class RegistryClient: ContentClient {`
`210`	`210`	`throw err`
`211`	`211`	`}`
`212`	`212`
	`213`	`+ continue`
	`214`	`+ } else if _response.status == .badRequest && request.headers.contains(name: "Authorization") {`
	`215`	`+ // Retry without basic auth`
	`216`	`+ request.headers.remove(name: "Authorization")`
	`217`	`+ retryCount += 1`
`213`	`218`	`continue`
`214`	`219`	`}`
`215`	`220`	`guard let retryOptions = self.retryOptions else {`