Revert "fix(registry): address anonymous pull issue"

Signed-off-by: Matt Farina <matt.farina@suse.com>
helm · Oct 25, 2023 · 992dc58 · 992dc58
1 parent 8fbbc86
commit 992dc58
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 67 deletions.
diff --git a/pkg/registry/client.go b/pkg/registry/client.go
@@ -105,7 +105,12 @@ func NewClient(options ...ClientOption) (*Client, error) {
 			if err != nil {
 				return nil, fmt.Errorf("unable to retrieve credentials: %w", err)
 			}
-			authHeader(username, password, &headers)
+			// A blank returned username and password value is a bearer token
+			if username == "" && password != "" {
+				headers.Set("Authorization", fmt.Sprintf("Bearer %s", password))
+			} else {
+				headers.Set("Authorization", fmt.Sprintf("Basic %s", basicAuth(username, password)))
+			}
 		}
 
 		opts := []auth.ResolverOption{auth.WithResolverHeaders(headers)}

diff --git a/pkg/registry/util.go b/pkg/registry/util.go
@@ -256,22 +256,3 @@ func basicAuth(username, password string) string {
 	auth := username + ":" + password
 	return base64.StdEncoding.EncodeToString([]byte(auth))
 }
-
-// authHeader generates an HTTP authorization header based on the provided
-// username and password and sets it in the provided HTTP headers pointer.
-//
-// If both username and password are empty, no header is set.
-// If only the password is provided, a "Bearer" token is created and set in
-// the Authorization header.
-// If both username and password are provided, a "Basic" authentication token
-// is created using the basicAuth function, and set in the Authorization header.
-func authHeader(username, password string, headers *http.Header) {
-	if username == "" && password == "" {
-		return
-	}
-	if username == "" {
-		headers.Set("Authorization", fmt.Sprintf("Bearer %s", password))
-		return
-	}
-	headers.Set("Authorization", fmt.Sprintf("Basic %s", basicAuth(username, password)))
-}
diff --git a/pkg/registry/util_test.go b/pkg/registry/util_test.go
@@ -17,7 +17,6 @@ limitations under the License.
 package registry // import "helm.sh/helm/v3/pkg/registry"
 
 import (
-	"net/http"
 	"reflect"
 	"testing"
 	"time"
@@ -267,49 +266,3 @@ func Test_basicAuth(t *testing.T) {
 		})
 	}
 }
-
-func Test_authHeader(t *testing.T) {
-	tests := []struct {
-		name           string
-		username       string
-		password       string
-		expectedHeader http.Header
-	}{
-		{
-			name:     "basic login header with username and password",
-			username: "admin",
-			password: "passw0rd",
-			expectedHeader: func() http.Header {
-				header := http.Header{}
-				header.Set("Authorization", "Basic YWRtaW46cGFzc3cwcmQ=")
-				return header
-			}(),
-		},
-		{
-			name:     "bearer login header with no username and password",
-			username: "",
-			password: "hunter2",
-			expectedHeader: func() http.Header {
-				header := http.Header{}
-				header.Set("Authorization", "Bearer hunter2")
-				return header
-			}(),
-		},
-		{
-			name:           "no change in header with neither username nor password",
-			username:       "",
-			password:       "",
-			expectedHeader: http.Header{},
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			got := &http.Header{}
-			authHeader(tt.username, tt.password, got)
-			if !reflect.DeepEqual(*got, tt.expectedHeader) {
-				t.Errorf("authHeader got %#v wanted %#v", *got, tt.expectedHeader)
-			}
-		})
-	}
-}