Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix auth reset logic during redirects to different origin when _base_url set #8966

Merged
merged 4 commits into from
Sep 1, 2024
Merged

Fix auth reset logic during redirects to different origin when _base_url set #8966

merged 4 commits into from
Sep 1, 2024

Conversation

MaximZemskov
Copy link
Contributor

@MaximZemskov MaximZemskov commented Sep 1, 2024
edited
Loading

What do these changes do?

Do not set ClientSession’s auth during redirects to a different origin when _base_url is set.

Are there changes in behavior for the user?

It might affect users who expect ClientSession to retain auth during redirects to different origins.

Is it a substantial burden for the maintainers to support this?

No.

Related issue number

#6764
#8953

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • If you provide code modification, please add yourself to CONTRIBUTORS.txt
    • The format is <Name> <Surname>.
    • Please keep alphabetical order, the file is sorted by names.
  • Add a new news fragment into the CHANGES/ folder

    • name it <issue_or_pr_num>.<type>.rst (e.g. 588.bugfix.rst)

    • if you don't have an issue number, change it to the pull request
      number after creating the PR

      • .bugfix: A bug fix for something the maintainers deemed an
        improper undesired behavior that got corrected to match
        pre-agreed expectations.
      • .feature: A new behavior, public APIs. That sort of stuff.
      • .deprecation: A declaration of future API removals and breaking
        changes in behavior.
      • .breaking: When something public is removed in a breaking way.
        Could be deprecated in an earlier release.
      • .doc: Notable updates to the documentation structure or build
        process.
      • .packaging: Notes for downstreams about unobvious side effects
        and tooling. Changes in the test invocation considerations and
        runtime assumptions.
      • .contrib: Stuff that affects the contributor experience. e.g.
        Running tests, building the docs, setting up the development
        environment.
      • .misc: Changes that are hard to assign to any of the above
        categories.

    • Make sure to use full sentences with correct case and punctuation,
      for example:

      Fixed issue with non-ascii contents in doctest text files
-- by :user:`contributor-gh-handle`.

      Use the past tense or the present tense a non-imperative mood,
      referring to what's changed compared to the last released version
      of this project.

@codecov Codecov
Copy link

codecov bot commented Sep 1, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.28%. Comparing base (51fade1) to head (f854a30).
Report is 1066 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #8966   +/-   ##
=======================================
  Coverage   98.28%   98.28%           
=======================================
  Files         107      107           
  Lines       34219    34271   +52     
  Branches     4057     4059    +2     
=======================================
+ Hits        33631    33683   +52     
  Misses        415      415           
  Partials      173      173
Flag Coverage Δ
CI-GHA 98.17% <100.00%> (+<0.01%) ⬆️
OS-Linux 97.84% <100.00%> (+<0.01%) ⬆️
OS-Windows 96.24% <100.00%> (+<0.01%) ⬆️
OS-macOS 97.51% <100.00%> (+<0.01%) ⬆️
Py-3.10.11 97.61% <100.00%> (+<0.01%) ⬆️
Py-3.10.14 97.54% <100.00%> (+<0.01%) ⬆️
Py-3.11.9 97.77% <100.00%> (+<0.01%) ⬆️
Py-3.12.5 97.89% <100.00%> (+<0.01%) ⬆️
Py-3.9.13 97.50% <100.00%> (+<0.01%) ⬆️
Py-3.9.19 97.44% <100.00%> (+<0.01%) ⬆️
Py-pypy7.3.16 97.05% <100.00%> (+<0.01%) ⬆️
VM-macos 97.51% <100.00%> (+<0.01%) ⬆️
VM-ubuntu 97.84% <100.00%> (+<0.01%) ⬆️
VM-windows 96.24% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Dreamsorcerer
Dreamsorcerer reviewed Sep 1, 2024
View reviewed changes
aiohttp/client.py Outdated Show resolved Hide resolved
@Dreamsorcerer Dreamsorcerer added the backport-3.11 Trigger automatic backporting to the 3.11 release branch by Patchback robot label Sep 1, 2024
@Dreamsorcerer Dreamsorcerer added the bot:chronographer:skip This PR does not need to include a change note label Sep 1, 2024
@Dreamsorcerer Dreamsorcerer merged commit f569894 into aio-libs:master Sep 1, 2024
35 of 36 checks passed
@patchback Patchback
Copy link
Contributor

patchback bot commented Sep 1, 2024
edited
Loading

Backport to 3.11: 💚 backport PR created

✅ Backport PR branch: patchback/backports/3.11/f569894caa7cfbc2ec03fb5eed6021b9899dc4b4/pr-8966

Backported as #8976

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

patchback bot pushed a commit that referenced this pull request Sep 1, 2024
@MaximZemskov @patchback
Fix auth reset logic during redirects to different origin when _base_…
0451203 
…url set (#8966)

(cherry picked from commit f569894)
@patchback patchback bot mentioned this pull request Sep 1, 2024
Merged
5 tasks
Dreamsorcerer added a commit that referenced this pull request Sep 1, 2024
@patchback @MaximZemskov @Dreamsorcerer
[PR #8966/f569894c backport][3.11] Fix auth reset logic during redire…
be27f79 
…cts to different origin when _base_url set (#8976)

**This is a backport of PR #8966 as merged into master
(f569894).**

---------

Co-authored-by: Maxim Zemskov <[email protected]>
Co-authored-by: Sam Bull <[email protected]>
@booniepepper booniepepper mentioned this pull request Sep 3, 2024
Closed
5 tasks
bdraco
bdraco reviewed Oct 11, 2024
View reviewed changes
aiohttp/client.py
if auth is None:

if auth is None and (
not self._base_url or self._base_url.origin() == url.origin()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Calling .origin() is a bit expensive #7583 (comment)

We should probably cache self._base_url.origin() as self._base_url_origin` so we don't have to build it every time

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably could guard this with self._default_auth being set as well

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#9466

bdraco added a commit that referenced this pull request Oct 11, 2024
@bdraco
Improve performance of default auth
7ffe4ed 
followup to #8966
@bdraco bdraco mentioned this pull request Oct 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bdraco bdraco bdraco left review comments

@webknjaz webknjaz Awaiting requested review from webknjaz webknjaz is a code owner

@asvetlov asvetlov Awaiting requested review from asvetlov asvetlov is a code owner

@Dreamsorcerer Dreamsorcerer Awaiting requested review from Dreamsorcerer

Assignees
No one assigned
Labels
backport-3.11 Trigger automatic backporting to the 3.11 release branch by Patchback robot bot:chronographer:skip This PR does not need to include a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MaximZemskov @bdraco @Dreamsorcerer