Throw AuthorizationError when the request ends up with a 401 status code

[Slokilla]

Quoting the readme :

RegistryAuthenticationException: username/password combination is invalid
RegistryAuthorizationException: username/password does not have sufficient rights to access this registry

I don't see any use of RegistryAuthorizationException. My guess is that on both 401 and 403, a RegistryAuthenticationException is thrown.

If I'm right, we should raise the right exception in a 401 context, or delete the exception from the expection classes.

[deitch]

You are right. We capture both 401 and 403 for bearer authentication here and return RegistryAuthenticationException; this probably should be split. We only capture 401 for do_bearer_req here, which should also capture 403 correctly. Same for do_basic_req here.

Solution:

• split 403 from 401 for authenticate_bearer
• capture 403 and raise it for do_bearer_req and do_basic_req

And probably should update from rest-client 1.8.0 to 2.1.0 while we are at it, which may require some minor changes there.

Want to submit a PR?

[Slokilla]

Ok I can take a look.

To make PRs meaningful, I intend to create two of them :

• One for the 401/403 issue,
• The other for rest-client update.