From d17c64592731f12581ca16a31b5dee9a28406ad1 Mon Sep 17 00:00:00 2001
From: Catherine <whitequark@whitequark.org>
Date: Wed, 22 Apr 2026 01:36:25 +0000
Subject: [PATCH] Improve forge authorization error message for invalid tokens.

Before:

    - not authorized by forge (wildcard)
      - cannot check repository permissions: GET https://codeberg.org/api/v1/repos/whitequark/whitequark.codeberg.page returned 401 Unauthorized

After:

    - not authorized by forge (wildcard)
      - no access to whitequark/whitequark.codeberg.page or invalid token
---
 src/auth.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/auth.go b/src/auth.go
index 2c7e7f7..58d60a4 100644
--- a/src/auth.go
+++ b/src/auth.go
@@ -578,6 +578,11 @@ func checkGogsRepositoryPushPermission(baseURL *url.URL, authorization string) e
 			http.StatusNotFound,
 			fmt.Sprintf("no repository %s", ownerAndRepo),
 		}
+	} else if response.StatusCode == http.StatusUnauthorized {
+		return AuthError{
+			http.StatusUnauthorized,
+			fmt.Sprintf("no access to %s or invalid token", ownerAndRepo),
+		}
 	} else if response.StatusCode != http.StatusOK {
 		return AuthError{
 			http.StatusServiceUnavailable,