From 2dcf321cff624d97cfd8bedb9a9dbf463a165566 Mon Sep 17 00:00:00 2001
From: tarilabs <matteo.mortari@gmail.com>
Date: Sat, 6 Jul 2024 22:11:28 +0200
Subject: [PATCH] core: use token in auth in subsequent requests

if a token was saved in auth,
it shall be used in subsequent requests.

This avoid a situation where:
to upload a blob, first is done anonymously, then
retry with token
then upload a manifest, avoid the attempt to upload
anonymously if a token was present in the previous
flow

Signed-off-by: tarilabs <matteo.mortari@gmail.com>
---
 oras/provider.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/oras/provider.py b/oras/provider.py
index 5049ada..308c878 100644
--- a/oras/provider.py
+++ b/oras/provider.py
@@ -927,7 +927,9 @@ def do_request(
         :param stream: stream the responses
         :type stream: bool
         """
-        # Make the request and return to calling function, unless requires auth
+        # Make the request and return to calling function, but attempt to use auth token if previously obtained
+        if isinstance(self.auth, oras.auth.TokenAuth):
+            headers.update(self.auth.get_auth_header())
         response = self.session.request(
             method,
             url,