diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go index f79bea2c84..6781f511c8 100644 --- a/routers/api/packages/container/container.go +++ b/routers/api/packages/container/container.go @@ -118,8 +118,7 @@ func apiErrorDefined(ctx *context.Context, err *container_service.NamedError) { func APIUnauthorizedError(ctx *context.Context) { // Do not include more than one challenge in the same header field. That breaks clients even though the HTTP RFC // allows it. - ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+setting.AppURL+`v2/token",service="container_registry",scope="*"`) - ctx.Resp.Header().Add("WWW-Authenticate", `Basic realm="Forgejo Container Registry"`) + ctx.Resp.Header().Set("WWW-Authenticate", `Bearer realm="`+setting.AppURL+`v2/token",service="container_registry",scope="*"`) apiErrorDefined(ctx, container_service.ErrUnauthorized) } diff --git a/tests/integration/api_packages_container_cleanup_sha256_test.go b/tests/integration/api_packages_container_cleanup_sha256_test.go index 50106e6834..19b73f7698 100644 --- a/tests/integration/api_packages_container_cleanup_sha256_test.go +++ b/tests/integration/api_packages_container_cleanup_sha256_test.go @@ -63,10 +63,7 @@ func TestPackageContainerCleanupSHA256(t *testing.T) { Token string `json:"token"` } - authenticate := []string{ - `Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`, - `Basic realm="Forgejo Container Registry"`, - } + authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`} t.Run("User", func(t *testing.T) { req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)) diff --git a/tests/integration/api_packages_container_test.go b/tests/integration/api_packages_container_test.go index 13ce7dc136..70e3f40d6c 100644 --- a/tests/integration/api_packages_container_test.go +++ b/tests/integration/api_packages_container_test.go @@ -91,10 +91,7 @@ func TestPackageContainer(t *testing.T) { Token string `json:"token"` } - authenticate := []string{ - `Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`, - `Basic realm="Forgejo Container Registry"`, - } + authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`} t.Run("Anonymous", func(t *testing.T) { defer tests.PrintCurrentTest(t)()