Re: [meta-swupd][PATCH 1/1] bundles.py: allow username/password encoded in URLs

[Ingo Flaschberger <ingo.flaschberger@gmail.com>]

Dear Patrick,

this doesn't work:
      0162:    """
      0163:    parsed_url = urllib.parse.urlsplit(url)
      0164:    if parsed_url.username != None:
      0165:        # Use the netloc with just the hostname, without 
username/password.
  *** 0166:        parsed_url.netloc = parsed_url.hostname
      0167:        # The username/password are installed permanently in 
the urllib.request module
      0168:        # for future use with all URLs beneath url.
      0169:        manager = 
urllib.request.HTTPPasswordMgrWithDefaultRealm()
      0170:        manager.add_password(None, parsed_url, 
parsed_url.username, parsed_url.password)
Exception: AttributeError: can't set attribute


Using hostname as netloc will also remove an additional portnumber - 
could this be a problem?

Bye,
     Ingo


Am 20.12.2017 um 16:50 schrieb Patrick Ohly:
> Downloading content and version information via HTTP may need a
> username/password for basic authentication. To support this,
> SWUPD_VERSION_URL and SWUPD_CONTENT_URL can now contain URLs of the
> form http(s)://<user>:<password>@<host>/.
>
> Original patch from: Ingo Flaschberger <ingo.flaschberger@gmail.com>
>
> Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
> ---
>   lib/swupd/bundles.py | 26 ++++++++++++++++++++++++--
>   1 file changed, 24 insertions(+), 2 deletions(-)
>
> diff --git a/lib/swupd/bundles.py b/lib/swupd/bundles.py
> index e1eec5a..48c7455 100644
> --- a/lib/swupd/bundles.py
> +++ b/lib/swupd/bundles.py
> @@ -5,6 +5,7 @@ import subprocess
>   import shutil
>   import urllib.request
>   import urllib.error
> +import urllib.parse
>   from bb.utils import export_proxies
>   from oe.package_manager import RpmPM
>   from oe.package_manager import OpkgPM
> @@ -153,6 +154,27 @@ def copy_bundle_contents(d):
>       for bndl in bundles:
>           stage_empty_bundle(d, bndl)
>   
> +def handle_plain_auth(url):
> +    """
> +    Check for special urls with username/password (as in http://user:password@host/),
> +    extract those and install an auth handler which will provide them
> +    to the HTTP server when needed. Returns the URL that is to be instead of the original one.
> +    """
> +    parsed_url = urllib.parse.urlsplit(url)
> +    if parsed_url.username != None:
> +        # Use the netloc with just the hostname, without username/password.
> +        parsed_url.netloc = parsed_url.hostname
> +        # The username/password are installed permanently in the urllib.request module
> +        # for future use with all URLs beneath url.
> +        manager = urllib.request.HTTPPasswordMgrWithDefaultRealm()
> +        manager.add_password(None, parsed_url, parsed_url.username, parsed_url.password)
> +        authHandler = urllib.request.HTTPBasicAuthHandler(manager)
> +        opener = urllib.request.build_opener(authHandler)
> +        urllib.request.install_opener(opener)
> +        return urllib.parse.urlunsplit(new_source)
> +    else:
> +        return url
> +
>   def download_manifests(content_url, version, component, to_dir):
>       """
>       Download one manifest file and recursively all manifests referenced by it.
> @@ -204,8 +226,8 @@ def download_old_versions(d):
>       a normal build and thus is not on the critical path.
>       """
>   
> -    content_url = d.getVar('SWUPD_CONTENT_BUILD_URL', True)
> -    version_url = d.getVar('SWUPD_VERSION_BUILD_URL', True)
> +    content_url = handle_plain_auth(d.getVar('SWUPD_CONTENT_BUILD_URL', True))
> +    version_url = handle_plain_auth(d.getVar('SWUPD_VERSION_BUILD_URL', True))
>       current_format = int(d.getVar('SWUPD_FORMAT', True))
>       deploy_dir = d.getVar('DEPLOY_DIR_SWUPD', True)
>       www_dir = os.path.join(deploy_dir, 'www')