From 200a74f72101a4db6aac6ff7a6a80f30418a159d Mon Sep 17 00:00:00 2001
From: zokerzhou <zokerzhou@tencent.com>
Date: Fri, 21 Jan 2022 13:20:40 +0800
Subject: [PATCH] server: fixed auth header when get object with a 301 redirect

---
 server/server.go | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/server/server.go b/server/server.go
index 90f15bd..0a4c49f 100644
--- a/server/server.go
+++ b/server/server.go
@@ -423,6 +423,21 @@ func (s *Server) fetch(w io.Writer, oid, url string, size int, header http.Heade
 	}
 
 	req.Header = header
+
+	// Github put the AuthInfo in url params, so there is no problem when redirect like 301
+	// But in some other case, AuthInfo send in Header, we need to remain Header when there is a redirect
+	s.client = &http.Client{
+		CheckRedirect: func(req *http.Request, via []*http.Request) error {
+			// remain default policy
+			if len(via) >= 10 {
+				return errors.New("stopped after 10 redirects")
+			}
+
+			// remain header
+			req.Header = header
+			return nil
+		}}
+
 	resp, err := s.client.Do(req)
 	if err != nil {
 		return err