Skip to content

feat: also try to auth for config if server returns status 403 #12446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

feat: also try to auth for config if server returns status 403 #12446

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions src/cargo/sources/registry/http_remote.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ enum StatusCode {
NotModified,
NotFound,
Unauthorized,
Forbidden,
}

/// Represents a complete [`Download`] from an HTTP request.
Expand Down Expand Up @@ -315,6 +316,7 @@ impl<'cfg> HttpRegistry<'cfg> {
200 => StatusCode::Success,
304 => StatusCode::NotModified,
401 => StatusCode::Unauthorized,
403 => StatusCode::Forbidden,
404 | 410 | 451 => StatusCode::NotFound,
_ => {
return Err(HttpNotSuccessful::new_from_handle(
Expand Down Expand Up @@ -546,7 +548,7 @@ impl<'cfg> RegistryData for HttpRegistry<'cfg> {
// The crate was not found or deleted from the registry.
return Poll::Ready(Ok(LoadResponse::NotFound));
}
StatusCode::Unauthorized
StatusCode::Unauthorized | StatusCode::Forbidden
if !self.auth_required
&& path == Path::new(RegistryConfig::NAME)
&& self.config.cli_unstable().registry_auth =>
Expand Down Expand Up @@ -576,7 +578,7 @@ impl<'cfg> RegistryData for HttpRegistry<'cfg> {
}
self.auth_error_headers = result.header_map.all;
}
StatusCode::Unauthorized => {
StatusCode::Unauthorized | StatusCode::Forbidden => {
let err = Err(HttpNotSuccessful {
code: 401,
body: result.data,
Expand Down
6 changes: 3 additions & 3 deletions src/doc/src/reference/unstable.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -967,9 +967,9 @@ To use this feature, the registry server must include `"auth-required": true` in
`config.json`, and you must pass the `-Z registry-auth` flag on the Cargo command line.

When using the sparse protocol, Cargo will attempt to fetch the `config.json` file before
fetching any other files. If the server responds with an HTTP 401, then Cargo will assume
that the registry requires authentication and re-attempt the request for `config.json`
with the authentication token included.
fetching any other files. If the server responds with an HTTP status code of 401 or 403,
then Cargo will assume that the registry requires authentication and re-attempt the
request for `config.json` with the authentication token included.

On authentication failure (or missing authentication token) the server MAY include a
`WWW-Authenticate` header with a `Cargo login_url` challenge to indicate where the user
Expand Down