Authorized access to registry with bearer token ends with 401 code (OD-2575)

I'm trying to set up cup with onedev's container registry. But cannot make it work with authorization. I tried to test the endpoint manually and I also get 401 response:

> curl -v -H "Authorization: Bearer TOKEN" https://onedev.tld/v2/project/project/tags/list
< HTTP/1.1 401 Unauthorized

TOKEN has "package reader" permissions to "project".

Tried to search for some help in docs, but haven't found anything.

Activities

Robin Shen commented 4 months ago

Please check server url property in Administration / System Settings to make sure it is set to https://onedev.tld
Tomasz Machalski commented 4 months ago

Yes, it is set exactly as you suggested.
Robin Shen commented 4 months ago

The bearer token authentication has a bug that it requires a user name. Use the form Authorization: Bearer <login name>:TOKEN instead. Also the url to pull/push container image should be of the form onedev.tld/<project path>/<repository>. Here <repository> is name of the repository under the project (OneDev will create it if not exist)
Robin Shen commented 4 months ago

The bearer token authentication has a bug that it requires a user name

This turns out not a bug. User name will always be present for docker login. The actual issue might be that you are missing the repository part when pull/push the image.
Tomasz Machalski commented 4 months ago

Ok. Thank you for the explanation. Curl command works now for me. Cup does not, but it seems to be a problem on their side, not OneDev's.
Robin Shen changed state to 'Closed' 4 months ago
Previous Value Current Value
Open

Closed
Login to comment

Previous Value	Current Value
Open	Closed

Type	Question
Priority	Normal
Assignee	Robin Shen
Labels	No labels

Issue Votes (0)

Watchers (2)

Reference

OD-2575