Use serveral URLCredentials for different protection spaces #3407
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
👍🏼 |
|
Thanks for the PR! Sorry for the delay but this will need testing before it can be merged, which may require some updates to our test server, Firewalk. Can you outline the use cases this supports? What combinations of credentials have you used in the past? |
|
For me the need was that my server uses a client certificate to authorise the user. The server tunnels https requests and if there is a basic auth on the tunnelled page, it was not possible to add these two (client certificate and basic auth) URLCredential to the request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Goals ⚽
I have some calls that are protected by more than one authentication challenge. At my example I have a client certificate and a http basic auth. The goal is to add the possibility to add several URLCredential objects depending on the authenticationMethod of the protectionSpace.
Implementation Details 🚧
I added the dictionary credentialsByAuthenticationMethod to the mutableState of a Request. This can hold a URLCredential for each authenticationMethod. In Session.credential I look first if a specific URLCredential is available in credentialsByAuthenticationMethod. If not, I fallback to the existing behaviour.
Testing Details 🔍
None.