diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go index 6781f511c8..f79bea2c84 100644 --- a/routers/api/packages/container/container.go +++ b/routers/api/packages/container/container.go @@ -118,7 +118,8 @@ func apiErrorDefined(ctx *context.Context, err *container_service.NamedError) { func APIUnauthorizedError(ctx *context.Context) { // Do not include more than one challenge in the same header field. That breaks clients even though the HTTP RFC // allows it. - ctx.Resp.Header().Set("WWW-Authenticate", `Bearer realm="`+setting.AppURL+`v2/token",service="container_registry",scope="*"`) + ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+setting.AppURL+`v2/token",service="container_registry",scope="*"`) + ctx.Resp.Header().Add("WWW-Authenticate", `Basic realm="Forgejo Container Registry"`) apiErrorDefined(ctx, container_service.ErrUnauthorized) } diff --git a/tests/integration/api_packages_container_cleanup_sha256_test.go b/tests/integration/api_packages_container_cleanup_sha256_test.go index 19b73f7698..50106e6834 100644 --- a/tests/integration/api_packages_container_cleanup_sha256_test.go +++ b/tests/integration/api_packages_container_cleanup_sha256_test.go @@ -63,7 +63,10 @@ func TestPackageContainerCleanupSHA256(t *testing.T) { Token string `json:"token"` } - authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`} + authenticate := []string{ + `Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`, + `Basic realm="Forgejo Container Registry"`, + } t.Run("User", func(t *testing.T) { req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL)) diff --git a/tests/integration/api_packages_container_test.go b/tests/integration/api_packages_container_test.go index 21420bb0d8..75b703941a 100644 --- a/tests/integration/api_packages_container_test.go +++ b/tests/integration/api_packages_container_test.go @@ -91,7 +91,10 @@ func TestPackageContainer(t *testing.T) { Token string `json:"token"` } - authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`} + authenticate := []string{ + `Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`, + `Basic realm="Forgejo Container Registry"`, + } t.Run("Anonymous", func(t *testing.T) { defer tests.PrintCurrentTest(t)()