From 5bbd9de29a8c5f7ea9c83692ad2939b4efa5f65e Mon Sep 17 00:00:00 2001
From: Lubos Mjachky <lmjachky@redhat.com>
Date: Tue, 30 Apr 2024 14:31:13 +0200
Subject: [PATCH] Add a check for anonymous requests

closes #1605

(cherry picked from commit b4c550ead0cb522760c45732771e7a931ad5b444)
---
 pulp_container/app/token_verification.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pulp_container/app/token_verification.py b/pulp_container/app/token_verification.py
index 119a61f26..5e04fb2a6 100644
--- a/pulp_container/app/token_verification.py
+++ b/pulp_container/app/token_verification.py
@@ -74,6 +74,9 @@ def authenticate(self, request):
 
         If basic authentication could not success, remote webserver authentication is considered.
         """
+        if request.headers.get("Authorization") == "Basic Og==":
+            return (AnonymousUser, None)
+
         try:
             user = super().authenticate(request)
         except AuthenticationFailed: