diff options
author | Alexander Larsson <alexl@redhat.com> | 2020-08-13 13:55:29 +0200 |
---|---|---|
committer | Alexander Larsson <alexander.larsson@gmail.com> | 2020-08-20 16:44:56 +0200 |
commit | 09d57249f4a7a167c98eb7d6b5a677867bc2a435 (patch) | |
tree | 2002d4b442c7521b339ce56b7afd83cb5a4c884f /oci-authenticator | |
parent | 83f11317e6a9b6aec02a5a9f2d9c1f1df7d68f1d (diff) | |
download | flatpak-09d57249f4a7a167c98eb7d6b5a677867bc2a435.tar.gz |
oci-auth: Don't ask for authentication if anon auth fails with weird error
If the initial anonymous fails for any other reason than "not authorized"
we immediately fail the operation instead of asking for user/password.
The later is creating a very bad UX in case of e.g. networking or
infrastructure issues, as described in #3753.
Diffstat (limited to 'oci-authenticator')
-rw-r--r-- | oci-authenticator/flatpak-oci-authenticator.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/oci-authenticator/flatpak-oci-authenticator.c b/oci-authenticator/flatpak-oci-authenticator.c index f970f983..14654174 100644 --- a/oci-authenticator/flatpak-oci-authenticator.c +++ b/oci-authenticator/flatpak-oci-authenticator.c @@ -525,8 +525,21 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, have_auth = TRUE; else { - g_debug ("Anonymous authentication failed: %s", error->message); - g_clear_error (&error); + if (g_error_matches (error, FLATPAK_ERROR, FLATPAK_ERROR_NOT_AUTHORIZED)) + { + g_debug ("Anonymous authentication failed: %s", error->message); + g_clear_error (&error); + + /* Continue trying with authentication below */ + } + else + { + /* We failed with some weird reason (network issue maybe?) and it is unlikely + * that adding some authentication will fix it. It will just cause a bad UX like + * described in #3753, so just return the error early. + */ + return error_request (request, sender, error); + } } } |