From 009ac8cdd0d445159ed30da12885ee7eaa8c171a Mon Sep 17 00:00:00 2001
From: Aaron <aaron@pikit.local>
Date: Sun, 14 Dec 2025 17:37:35 -0500
Subject: [PATCH] Retry manifest fetch with access_token on 404 when token
 present

---
 pikit_api/releases.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/pikit_api/releases.py b/pikit_api/releases.py
index db6e8ad..ad08392 100644
--- a/pikit_api/releases.py
+++ b/pikit_api/releases.py
@@ -119,6 +119,17 @@ def fetch_manifest(url: str | None = None):
         data = resp.read()
         return json.loads(data.decode())
     except urllib.error.HTTPError as e:
+        # If raw URL is protected, retry with access_token query param
+        if e.code == 404 and token and "access_token=" not in target:
+            try:
+                sep = "&" if "?" in target else "?"
+                retry_url = f"{target}{sep}access_token={token}"
+                req = urllib.request.Request(retry_url)
+                resp = urllib.request.urlopen(req, timeout=10)
+                data = resp.read()
+                return json.loads(data.decode())
+            except Exception:
+                pass
         if e.code == 404:
             alt = _gitea_latest_manifest(target)
             if alt: