Kerberos support about requests HOT 21 CLOSED

I'm looking into adding this, thanks for the suggestion!

from requests.

Someone was working on this, but I haven't heard from him in a while.

I'd love to see a requests-kerberos module that provides the auth handler.

from requests.

Was there a published tree with a starting point for this? Else if it's free I may take a stab.

from requests.

Release v0.13.4 includes this (just add auth=requests.auth.HTTPKerberosAuth() to the keyword args to requests.get()) so perhaps this can be closed now...

from requests.

🍰

from requests.

Said code appears to have been ripped out in 377078b

from requests.

correct, there is now a requests-keroberos project which will contain this functionality

https://github.com/requests/requests-kerberos

from requests.

Which doesn't work, and when fixed will continue to rot when you change an interface.

Which isn't packaged by anyone and will be that much more effort to get into e.g. debian or ubuntu.

Security should never be a secondary feature that you have to go to extra lengths to enable.

from requests.

The interface will never change. It was removed because I cannot maintain it.

from requests.

(I apologize if this is coming across a bit confrontational, but I was unreasonably annoyed by the functionality I was wanting and expecting being removed in a commit labelled "hooks and such")

from requests.

refactors are brutal :)

from requests.

I say this about interfaces from the perspective of having made the code work again; some of the details of how the response hook is called appears to have changed since it was written.

I appreciate that this sort of thing is hard to maintain, but that's a reason to say "hey can someone write me a test" not quietly delete it in the apparent hope that nobody notices.

from requests.

this was not quietly removed, requests was basically fully rewritten and stripped down of everything unnccesary.

http://kennethreitz.org/exposures/announcing-requests-v1-0-0

from requests.

Oops, I completely failed to find that. I apologize for my implication.

Still, authentication methods ought to be core functionality and tested along with everything else; anything more complex than Basic is going to end up having to fiddle around behind the scenes.

from requests.

The authentication interface and mechanism is a first-class citizen. Basic and Digest is all that will be supported in core.

from requests.

"Security is hard, batteries not included"

from requests.

Pull request for requests_kerberos sent.

from requests.

@kcr: The biggest problem requests-kerberos has is a lack of tests. If you want to contribute a test suite (or even just a couple of tests), that will greatly improve our ability to keep it up to date. =)

from requests.

@Lukasa I suspect we'll be able to repurpose at least the setup parts of the Zephyr test suite we're working on over the next couple of weekends, we'll definitely be in touch about that :)

from requests.

@eichin, link for the curious?

from requests.

Also, can we move this over to requests/requests-kerberos#1?

from requests.