Revert "core: if 401 on 2nd attempt, avoid anon tokens"

This reverts commit 6e22667. Signed-off-by: tarilabs <[email protected]>
tarilabs · Sep 23, 2024 · 06f885b · 06f885b
1 parent 27ee4c4
commit 06f885b
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 25 deletions.
diff --git a/oras/auth/token.py b/oras/auth/token.py
@@ -44,7 +44,7 @@ def reset_basic_auth(self):
             self.set_header("Authorization", "Basic %s" % self._basic_auth)
 
     def authenticate_request(
-        self, original: requests.Response, headers: dict, refresh=False, skipAnonToken=False
+        self, original: requests.Response, headers: dict, refresh=False
     ):
         """
         Authenticate Request
@@ -72,20 +72,17 @@ def authenticate_request(
         h = auth_utils.parse_auth_header(authHeaderRaw)
 
         # First try to request an anonymous token
-        if not skipAnonToken:
-            logger.debug("No Authorization, requesting anonymous token")
-            anon_token = self.request_anonymous_token(h)
-            if anon_token:
-                logger.debug("Successfully obtained anonymous token!")
-                self.token = anon_token
-                headers["Authorization"] = "Bearer %s" % self.token
-                return headers, True
+        logger.debug("No Authorization, requesting anonymous token")
+        anon_token = self.request_anonymous_token(h)
+        if anon_token:
+            logger.debug("Successfully obtained anonymous token!")
+            self.token = anon_token
+            headers["Authorization"] = "Bearer %s" % self.token
+            return headers, True
 
         # Next try for logged in token
-        logger.debug("requesting auth token")
         token = self.request_token(h)
         if token:
-            logger.debug("Successfully obtained auth token!")
             self.token = token
             headers["Authorization"] = "Bearer %s" % self.token
             return headers, True

diff --git a/oras/provider.py b/oras/provider.py
@@ -1002,19 +1002,5 @@ def do_request(
                 stream=stream,
                 verify=self._tls_verify,
             )
-        # ...or attempt exchange anon token for auth token if 401
-        if response.status_code == 401:
-            headers, changed = self.auth.authenticate_request(
-                response, headers, refresh=True, skipAnonToken=True
-            )
-            response = self.session.request(
-                method,
-                url,
-                data=data,
-                json=json,
-                headers=headers,
-                stream=stream,
-                verify=self._tls_verify,
-            )
 
         return response