Improve 'omni auth' request handling
This MR improves the 'omni auth' request handling, where all auth types are attempted at the same time, by refactoring to combine the auth handlers (subclasses of requests.AuthBase
) as well as the Session
mixins.
The exception to this is that, at least from lhodmt
, SPNEGO (GSSAPI) auth negotiation doesn't work when the original request includes an Authorization
header, since the response doesn't come back with a WWW-Authenticate: Negotiate
header of its own, but that should be considered a 'feature' and not a 'bug' since that is (presumably) the designed response of the web server.