From d07b7a399c5f980610329315755a2045a49f6709 Mon Sep 17 00:00:00 2001 From: Moses Hassan Date: Sat, 27 Jul 2019 12:25:55 +0700 Subject: [PATCH 1/4] Fix - Send authorization when index_url contains single credential --- src/pip/_internal/download.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py index 8715eb5b19d..5965b7c4251 100644 --- a/src/pip/_internal/download.py +++ b/src/pip/_internal/download.py @@ -295,7 +295,7 @@ def _get_new_credentials(self, original_url, allow_netrc=True, logger.debug("Found credentials in keyring for %s", netloc) return kr_auth - return None, None + return username, password def _get_url_and_credentials(self, original_url): """Return the credentials to use for the provided URL. @@ -314,11 +314,11 @@ def _get_url_and_credentials(self, original_url): # If nothing cached, acquire new credentials without prompting # the user (e.g. from netrc, keyring, or similar). - if username is None or password is None: + if username is None and password is None: username, password = self._get_new_credentials(original_url) - if username is not None and password is not None: - # Store the username and password + if username is not None or password is not None: + # Store any acquired credentials self.passwords[netloc] = (username, password) return url, username, password @@ -330,7 +330,7 @@ def __call__(self, req): # Set the url of the request to the url without any credentials req.url = url - if username is not None and password is not None: + if username is not None or password is not None: # Send the basic auth with this request req = HTTPBasicAuth(username, password)(req) From 2cd6f7af51fcdbd29934e1446b3760c97bbae67f Mon Sep 17 00:00:00 2001 From: Moses Hassan Date: Sat, 27 Jul 2019 13:50:57 +0700 Subject: [PATCH 2/4] Add news entry for bugfix --- news/6795.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 news/6795.bugfix diff --git a/news/6795.bugfix b/news/6795.bugfix new file mode 100644 index 00000000000..5fb39c49e28 --- /dev/null +++ b/news/6795.bugfix @@ -0,0 +1 @@ +Allow access to an index using a URL embedded token From 1fa49ef250607807bd9e97ec07b1c94d20353f2c Mon Sep 17 00:00:00 2001 From: Moses Hassan Date: Sun, 28 Jul 2019 00:15:45 +0700 Subject: [PATCH 3/4] Convert Nonetype arguments to string before calling HTTPBasicAuth This is for forward compatibility with requests 3.0.0 (see Line 28 in 2e51624) --- src/pip/_internal/download.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py index 5965b7c4251..83dcc43bc57 100644 --- a/src/pip/_internal/download.py +++ b/src/pip/_internal/download.py @@ -332,7 +332,7 @@ def __call__(self, req): if username is not None or password is not None: # Send the basic auth with this request - req = HTTPBasicAuth(username, password)(req) + req = HTTPBasicAuth(username or "", password or "")(req) # Avoid passing Nonetype # Attach a hook to handle 401 responses req.register_hook("response", self.handle_401) From f46b7bbdcad6a8b1cb0a5475828562fbdcce6924 Mon Sep 17 00:00:00 2001 From: Moses Hassan Date: Sun, 28 Jul 2019 00:45:48 +0700 Subject: [PATCH 4/4] Removed inline comment --- src/pip/_internal/download.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pip/_internal/download.py b/src/pip/_internal/download.py index 83dcc43bc57..6da6830b1a9 100644 --- a/src/pip/_internal/download.py +++ b/src/pip/_internal/download.py @@ -332,7 +332,7 @@ def __call__(self, req): if username is not None or password is not None: # Send the basic auth with this request - req = HTTPBasicAuth(username or "", password or "")(req) # Avoid passing Nonetype + req = HTTPBasicAuth(username or "", password or "")(req) # Attach a hook to handle 401 responses req.register_hook("response", self.handle_401)