Opened 4 weeks ago
Last modified 10 days ago
#19311 new bug
HTTP Basic authentication doesn't work
| Reported by: | pulkomandy | Owned by: | kallisti5 |
|---|---|---|---|
| Priority: | normal | Milestone: | Unscheduled |
| Component: | Website/Gerrit | Version: | R1/beta5 |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
I'm trying to use gertty (TUI interface to Gerrit). It doesn't work with Haiku's Gerrit setup, it seems HTTP BASIC auth requests are not being accepted.
This is supposed to work with a dedicated password (not your SSO password) that you can generate from Gerrit settings.
Here is an example with a working server:
~> curl --basic --user pulkomandy" -v "https://pulkomandy.tk/gerrit/a/accounts/self"
* Connected to pulkomandy.tk (93.8.30.70) port 443
* using HTTP/2
* Server auth using Basic with user 'pulkomandy'
* [HTTP/2] [1] OPENED stream for https://pulkomandy.tk/gerrit/a/accounts/self
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: pulkomandy.tk]
* [HTTP/2] [1] [:path: /gerrit/a/accounts/self]
* [HTTP/2] [1] [authorization: Basic TOKEN_HERE]
* [HTTP/2] [1] [user-agent: curl/8.10.1]
* [HTTP/2] [1] [accept: */*]
> GET /gerrit/a/accounts/self HTTP/2
> Host: pulkomandy.tk
> Authorization: Basic TOKEN_HERE
> User-Agent: curl/8.10.1
> Accept: */*
>
* Request completely sent off
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/2 200
< date: Sat, 21 Dec 2024 14:10:51 GMT
< x-frame-options: DENY
< content-disposition: attachment
< x-content-type-options: nosniff
< cache-control: no-cache, no-store, max-age=0, must-revalidate
< pragma: no-cache
< expires: Mon, 01 Jan 1990 00:00:00 GMT
< content-type: application/json;charset=utf-8
< content-length: 729
< strict-transport-security: max-age=36000000
< accept-ranges: bytes
< server: lighttpd/1.4.76
<
)]}'
{"_account_id":1000001,"name":"Adrien Destugues","display_name":"PulkoMandy","email":"pulkomandy@gmail.com","username":"pulkomandy","avatars":[{"url":"https://www.gravatar.com/avatar/928004ca6ce20f6bc108490ea1e1757f.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d32","height":32},{"url":"https://www.gravatar.com/avatar/928004ca6ce20f6bc108490ea1e1757f.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d56","height":56},{"url":"https://www.gravatar.com/avatar/928004ca6ce20f6bc108490ea1e1757f.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d100","height":100},{"url":"https://www.gravatar.com/avatar/928004ca6ce20f6bc108490ea1e1757f.jpg?d\u003didenticon\u0026r\u003dpg\u0026s\u003d120","height":120}],"status":"I run this."}
* Connection #0 to host pulkomandy.tk left intact
A similar request to Haiku's Gerrit replies with an error 403 and body just saying "Forbidden". I note that if using an invalid login or password, it says "Unauthorized" instead. So, it seems the basic authentication is working, but then the response can't be sent?
Having this API working properly would allow to use gertty and also develop a native Haiku code review tool.
Note:
See TracTickets
for help on using tickets.
I found a similar issue today which may or may not be related to this. I always pushed my changes over HTTPS using the password I generated at https://review.haiku-os.org/settings/#HTTPCredentials and that worked fine in the past, but today it doesn't anymore. Gerrit instantly responds with "Authentication failed" but I'm sure that the password was correct, as I copy&paste it from a file. I also tried generating a new password, yet I still get "Authentication failed". I switched to SSH and an SSH Key now and that still works, but I find HTTPS easier/more convenient so it would be nice to have that working again.