fix(auth): call 'load_configs()' to load auth infos from '.docker/config.json'.

- Enhance token request logging and authentication logic
- Update registry manifest retrieval to ensure proper authentication
- Improve error handling in authentication utils

Author: diverger

oras/auth/token.py

@@ -124,10 +124,14 @@ def request_token(self, h: auth_utils.authHeader) -> bool:
             logger.debug(f"Scope: {h.scope}")
             params["scope"] = h.scope
 
-        # Set Basic Auth to receive token
-        headers["Authorization"] = "Basic %s" % self._basic_auth
-
-        logger.debug(f"Requesting auth token for: {h}")
+        # Set Basic Auth to receive token, if available
+        if hasattr(self, "_basic_auth") and self._basic_auth:
+            headers["Authorization"] = "Basic %s" % self._basic_auth
+            logger.debug("Using Basic Auth for token request.")
+        else:
+            logger.debug("No Basic Auth available or configured for token request. Proceeding without Basic Auth header for token endpoint.")
+
+        logger.debug(f"Requesting auth token for: {h} with header keys: {list(headers.keys())}")
         authResponse = self.session.get(h.realm, headers=headers, params=params, verify=self._tls_verify)  # type: ignore
 
         if authResponse.status_code != 200:

oras/auth/utils.py

@@ -34,6 +34,7 @@ def load_configs(configs: Optional[List[str]] = None):
             continue
         cfg = oras.utils.read_json(config)
         auths.update(cfg.get("auths", {}))
+
     return auths
 
 

oras/provider.py

@@ -946,12 +946,17 @@ def get_manifest(
         :param allowed_media_type: one or more allowed media types
         :type allowed_media_type: str
         """
+        # Load authentication configs for the container's registry
+        # This ensures credentials are available for authenticated registries
+        self.auth.load_configs(container)
+
         if not allowed_media_type:
             allowed_media_type = [oras.defaults.default_manifest_media_type]
         headers = {"Accept": ";".join(allowed_media_type)}
 
         get_manifest = f"{self.prefix}://{container.manifest_url()}"  # type: ignore
         response = self.do_request(get_manifest, "GET", headers=headers)
+
         self._check_200_response(response)
         manifest = response.json()
         jsonschema.validate(manifest, schema=oras.schemas.manifest)