Skip to content

Improve 'omni auth' request handling

This MR improves the 'omni auth' request handling, where all auth types are attempted at the same time, by refactoring to combine the auth handlers (subclasses of requests.AuthBase) as well as the Session mixins.

The exception to this is that, at least from lhodmt, SPNEGO (GSSAPI) auth negotiation doesn't work when the original request includes an Authorization header, since the response doesn't come back with a WWW-Authenticate: Negotiate header of its own, but that should be considered a 'feature' and not a 'bug' since that is (presumably) the designed response of the web server.

Merge request reports

Loading