)]}'
{"ironic/api/app.py":[{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":108,"context_line":"    elif CONF.auth_strategy \u003d\u003d \"basic\":"},{"line_number":109,"context_line":"        app \u003d auth_public_routes.AuthPublicRoutes("},{"line_number":110,"context_line":"            app,"},{"line_number":111,"context_line":"            auth\u003dauth_basic.BasicAuthMiddleware("},{"line_number":112,"context_line":"                app, cfg.CONF.auth_basic_user_file),"},{"line_number":113,"context_line":"            public_api_routes\u003dpecan_config.app.acl_public_routes)"},{"line_number":114,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_c473b47f","line":111,"updated":"2020-05-13 15:32:31.000000000","message":"I assumed the goal of the parent refactoring was to use the same AuthPublicRoutes with different auth?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":108,"context_line":"    elif CONF.auth_strategy \u003d\u003d \"basic\":"},{"line_number":109,"context_line":"        app \u003d auth_public_routes.AuthPublicRoutes("},{"line_number":110,"context_line":"            app,"},{"line_number":111,"context_line":"            auth\u003dauth_basic.BasicAuthMiddleware("},{"line_number":112,"context_line":"                app, cfg.CONF.auth_basic_user_file),"},{"line_number":113,"context_line":"            public_api_routes\u003dpecan_config.app.acl_public_routes)"},{"line_number":114,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_50663b2b","line":111,"in_reply_to":"ff570b3c_c473b47f","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"}],"ironic/api/hooks.py":[{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":97,"context_line":"        ctx \u003d context.RequestContext.from_environ(state.request.environ,"},{"line_number":98,"context_line":"                                                  is_public_api\u003dis_public_api)"},{"line_number":99,"context_line":"        # Do not pass any token with context for noauth mode"},{"line_number":100,"context_line":"        if cfg.CONF.auth_strategy in (\u0027basic\u0027, \u0027noauth\u0027):"},{"line_number":101,"context_line":"            ctx.auth_token \u003d None"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        creds \u003d ctx.to_policy_values()"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_645d88e8","line":100,"updated":"2020-05-13 15:32:31.000000000","message":"nit: !\u003d \u0027neutron\u0027?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":97,"context_line":"        ctx \u003d context.RequestContext.from_environ(state.request.environ,"},{"line_number":98,"context_line":"                                                  is_public_api\u003dis_public_api)"},{"line_number":99,"context_line":"        # Do not pass any token with context for noauth mode"},{"line_number":100,"context_line":"        if cfg.CONF.auth_strategy in (\u0027basic\u0027, \u0027noauth\u0027):"},{"line_number":101,"context_line":"            ctx.auth_token \u003d None"},{"line_number":102,"context_line":""},{"line_number":103,"context_line":"        creds \u003d ctx.to_policy_values()"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_30810791","line":100,"in_reply_to":"ff570b3c_645d88e8","updated":"2020-05-13 21:33:32.000000000","message":"!\u003d \u0027keystone\u0027, done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":23851,"name":"Riccardo Pittau","email":"elfosardo@gmail.com","username":"elfosardo"},"change_message_id":"0b37f866e673bdcd3622b15166fddc039d498d0f","unresolved":false,"context_lines":[{"line_number":96,"context_line":""},{"line_number":97,"context_line":"        ctx \u003d context.RequestContext.from_environ(state.request.environ,"},{"line_number":98,"context_line":"                                                  is_public_api\u003dis_public_api)"},{"line_number":99,"context_line":"        # Do not pass any token with context for noauth mode"},{"line_number":100,"context_line":"        if cfg.CONF.auth_strategy !\u003d \u0027keystone\u0027:"},{"line_number":101,"context_line":"            ctx.auth_token \u003d None"},{"line_number":102,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"ff570b3c_78d47a20","line":99,"range":{"start_line":99,"start_character":45,"end_line":99,"end_character":60},"updated":"2020-06-05 07:45:13.000000000","message":"nit: \"if auth mode is not keystone\"","commit_id":"c6112b01c38285bbad0e056700deaeaf291db1d4"}],"ironic/api/middleware/auth_basic.py":[{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":66,"context_line":"                if entry and entry.startswith(line_prefix):"},{"line_number":67,"context_line":"                    return auth_entry(entry, password)"},{"line_number":68,"context_line":"    except OSError as e:"},{"line_number":69,"context_line":"        LOG.exception(\u0027Problem reading auth user file: %s\u0027, e)"},{"line_number":70,"context_line":"    # reached end of file with no matches"},{"line_number":71,"context_line":"    unauthorized(_(\u0027Incorrect username or password\u0027))"},{"line_number":72,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_a445e017","line":69,"updated":"2020-05-13 15:32:31.000000000","message":"nit: no need to log the exception object when using LOG.exception","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":66,"context_line":"                if entry and entry.startswith(line_prefix):"},{"line_number":67,"context_line":"                    return auth_entry(entry, password)"},{"line_number":68,"context_line":"    except OSError as e:"},{"line_number":69,"context_line":"        LOG.exception(\u0027Problem reading auth user file: %s\u0027, e)"},{"line_number":70,"context_line":"    # reached end of file with no matches"},{"line_number":71,"context_line":"    unauthorized(_(\u0027Incorrect username or password\u0027))"},{"line_number":72,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_f05f8f3e","line":69,"in_reply_to":"ff570b3c_a445e017","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":85,"context_line":""},{"line_number":86,"context_line":"    if not crypted.startswith(b\u0027$2y$\u0027):"},{"line_number":87,"context_line":"        LOG.error(\u0027Only bcrypt digested passwords are supported for \u0027"},{"line_number":88,"context_line":"                  \u0027%(username)s\u0027, {\u0027username\u0027: username})"},{"line_number":89,"context_line":"        unauthorized(error_msg)"},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    if not bcrypt.checkpw(password, crypted):"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_0455acc6","line":88,"updated":"2020-05-13 15:32:31.000000000","message":"Can we somehow check the file on start-up to avoid failing requests?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":85,"context_line":""},{"line_number":86,"context_line":"    if not crypted.startswith(b\u0027$2y$\u0027):"},{"line_number":87,"context_line":"        LOG.error(\u0027Only bcrypt digested passwords are supported for \u0027"},{"line_number":88,"context_line":"                  \u0027%(username)s\u0027, {\u0027username\u0027: username})"},{"line_number":89,"context_line":"        unauthorized(error_msg)"},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    if not bcrypt.checkpw(password, crypted):"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_6ba1d0a9","line":88,"in_reply_to":"ff570b3c_0455acc6","updated":"2020-05-13 21:33:32.000000000","message":"I\u0027ll add a sanity check on the whole auth user file which is run when the middleware object is created","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":86,"context_line":"    if not crypted.startswith(b\u0027$2y$\u0027):"},{"line_number":87,"context_line":"        LOG.error(\u0027Only bcrypt digested passwords are supported for \u0027"},{"line_number":88,"context_line":"                  \u0027%(username)s\u0027, {\u0027username\u0027: username})"},{"line_number":89,"context_line":"        unauthorized(error_msg)"},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    if not bcrypt.checkpw(password, crypted):"},{"line_number":92,"context_line":"        unauthorized(error_msg)"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_e44fd831","line":89,"updated":"2020-05-13 15:32:31.000000000","message":"Internal server error","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":86,"context_line":"    if not crypted.startswith(b\u0027$2y$\u0027):"},{"line_number":87,"context_line":"        LOG.error(\u0027Only bcrypt digested passwords are supported for \u0027"},{"line_number":88,"context_line":"                  \u0027%(username)s\u0027, {\u0027username\u0027: username})"},{"line_number":89,"context_line":"        unauthorized(error_msg)"},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    if not bcrypt.checkpw(password, crypted):"},{"line_number":92,"context_line":"        unauthorized(error_msg)"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_4b87ac62","line":89,"in_reply_to":"ff570b3c_e44fd831","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":113,"context_line":"        return (str(username, encoding\u003d\u0027utf-8\u0027), password)"},{"line_number":114,"context_line":"    except (TypeError, UnicodeEncodeError, base64.binascii.Error,"},{"line_number":115,"context_line":"            ValueError, UnicodeDecodeError):"},{"line_number":116,"context_line":"        unauthorized(\u0027Could not decode authorization token\u0027)"},{"line_number":117,"context_line":""},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"def parse_header(env):"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_446044a6","line":116,"updated":"2020-05-13 15:32:31.000000000","message":"Bad request?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":113,"context_line":"        return (str(username, encoding\u003d\u0027utf-8\u0027), password)"},{"line_number":114,"context_line":"    except (TypeError, UnicodeEncodeError, base64.binascii.Error,"},{"line_number":115,"context_line":"            ValueError, UnicodeDecodeError):"},{"line_number":116,"context_line":"        unauthorized(\u0027Could not decode authorization token\u0027)"},{"line_number":117,"context_line":""},{"line_number":118,"context_line":""},{"line_number":119,"context_line":"def parse_header(env):"}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_6b84305f","line":116,"in_reply_to":"ff570b3c_446044a6","updated":"2020-05-13 21:33:32.000000000","message":"Done, but the middleware __call__ exception handling is now generic for IronicException","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":129,"context_line":"    try:"},{"line_number":130,"context_line":"        auth_type, token \u003d auth_header.strip().split(maxsplit\u003d1)"},{"line_number":131,"context_line":"    except (ValueError, AttributeError):"},{"line_number":132,"context_line":"        unauthorized(_(\u0027Could not parse Authorization header\u0027))"},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"    if auth_type.lower() !\u003d \u0027basic\u0027:"},{"line_number":135,"context_line":"        unauthorized("}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_246390b3","line":132,"updated":"2020-05-13 15:32:31.000000000","message":"Bad request rather?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":129,"context_line":"    try:"},{"line_number":130,"context_line":"        auth_type, token \u003d auth_header.strip().split(maxsplit\u003d1)"},{"line_number":131,"context_line":"    except (ValueError, AttributeError):"},{"line_number":132,"context_line":"        unauthorized(_(\u0027Could not parse Authorization header\u0027))"},{"line_number":133,"context_line":""},{"line_number":134,"context_line":"    if auth_type.lower() !\u003d \u0027basic\u0027:"},{"line_number":135,"context_line":"        unauthorized("}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_4bd5ec42","line":132,"in_reply_to":"ff570b3c_246390b3","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"46e830096c2c4424eb533c27088a0dbcb1ea6823","unresolved":false,"context_lines":[{"line_number":134,"context_line":"    if auth_type.lower() !\u003d \u0027basic\u0027:"},{"line_number":135,"context_line":"        unauthorized("},{"line_number":136,"context_line":"            _(\u0027Unsupported authorization type: %(auth_type)s\u0027)"},{"line_number":137,"context_line":"            % {\u0027auth_type\u0027: auth_type})"},{"line_number":138,"context_line":"    return token"},{"line_number":139,"context_line":""},{"line_number":140,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_845a5cf0","line":137,"updated":"2020-05-13 15:32:31.000000000","message":"ditto?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":134,"context_line":"    if auth_type.lower() !\u003d \u0027basic\u0027:"},{"line_number":135,"context_line":"        unauthorized("},{"line_number":136,"context_line":"            _(\u0027Unsupported authorization type: %(auth_type)s\u0027)"},{"line_number":137,"context_line":"            % {\u0027auth_type\u0027: auth_type})"},{"line_number":138,"context_line":"    return token"},{"line_number":139,"context_line":""},{"line_number":140,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_2b5518c7","line":137,"in_reply_to":"ff570b3c_845a5cf0","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"}],"ironic/conf/default.py":[{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"f1a421fb422ab2703b1f3286dbdf3c6b077a74e1","unresolved":false,"context_lines":[{"line_number":59,"context_line":"        choices\u003d[(\u0027noauth\u0027, _(\u0027no authentication\u0027)),"},{"line_number":60,"context_line":"                 (\u0027keystone\u0027, _(\u0027use the Identity service for \u0027"},{"line_number":61,"context_line":"                                \u0027authentication\u0027)),"},{"line_number":62,"context_line":"                 (\u0027basic\u0027, _(\u0027HTTP basic authentication\u0027))],"},{"line_number":63,"context_line":"        help\u003d_(\u0027Authentication strategy used by ironic-api. \"noauth\" should \u0027"},{"line_number":64,"context_line":"               \u0027not be used in a production environment because all \u0027"},{"line_number":65,"context_line":"               \u0027authentication will be disabled.\u0027)),"}],"source_content_type":"text/x-python","patch_set":7,"id":"ff570b3c_27e82f7a","line":62,"updated":"2020-06-04 12:38:08.000000000","message":"I think this should be called http_basic to be consistent with the keystoneauth change https://review.opendev.org/#/c/727562/","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"843857260351ee93cbeb715abf78af4d846c6e7e","unresolved":false,"context_lines":[{"line_number":63,"context_line":"        help\u003d_(\u0027Authentication strategy used by ironic-api. \"noauth\" should \u0027"},{"line_number":64,"context_line":"               \u0027not be used in a production environment because all \u0027"},{"line_number":65,"context_line":"               \u0027authentication will be disabled.\u0027)),"},{"line_number":66,"context_line":"    cfg.StrOpt(\u0027auth_basic_user_file\u0027,"},{"line_number":67,"context_line":"               default\u003d\u0027/etc/ironic/htpasswd\u0027,"},{"line_number":68,"context_line":"               help\u003d_(\u0027Path to Apache format user authentication file used \u0027"},{"line_number":69,"context_line":"                      \u0027when auth_strategy\u003dbasic\u0027)),"}],"source_content_type":"text/x-python","patch_set":7,"id":"ff570b3c_cf57cf00","line":66,"updated":"2020-06-04 09:28:56.000000000","message":"basic_auth_user_file","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"0f050e35332fb3d9eab94056bca5f4f8eb058e74","unresolved":false,"context_lines":[{"line_number":63,"context_line":"        help\u003d_(\u0027Authentication strategy used by ironic-api. \"noauth\" should \u0027"},{"line_number":64,"context_line":"               \u0027not be used in a production environment because all \u0027"},{"line_number":65,"context_line":"               \u0027authentication will be disabled.\u0027)),"},{"line_number":66,"context_line":"    cfg.StrOpt(\u0027auth_basic_user_file\u0027,"},{"line_number":67,"context_line":"               default\u003d\u0027/etc/ironic/htpasswd\u0027,"},{"line_number":68,"context_line":"               help\u003d_(\u0027Path to Apache format user authentication file used \u0027"},{"line_number":69,"context_line":"                      \u0027when auth_strategy\u003dbasic\u0027)),"}],"source_content_type":"text/x-python","patch_set":7,"id":"ff570b3c_8a1ae2c2","line":66,"in_reply_to":"ff570b3c_cf57cf00","updated":"2020-06-04 13:09:47.000000000","message":"I\u0027ll make it http_basic_auth_user_file","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"}],"ironic/tests/unit/api/test_basic_auth.py":[{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"cbcad65c1ea5b9f598fcc102fe86d24acbb971c9","unresolved":false,"context_lines":[{"line_number":65,"context_line":"        self.assertEqual({\u0027chassis\u0027: []}, response)"},{"line_number":66,"context_line":"        mock_auth.assert_called_once_with("},{"line_number":67,"context_line":"            \u0027/etc/ironic/htpasswd\u0027, \u0027myName\u0027, b\u0027myPassword\u0027)"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"class TestAuthBasic(base.TestCase):"},{"line_number":71,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_99dda944","line":68,"updated":"2020-05-13 15:02:53.000000000","message":"I guess we also need an explicit behavior check for /v1/lookup and /v1/heartbeat so we don\u0027t inadvertently require basic auth be used with those endpoints.","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":65,"context_line":"        self.assertEqual({\u0027chassis\u0027: []}, response)"},{"line_number":66,"context_line":"        mock_auth.assert_called_once_with("},{"line_number":67,"context_line":"            \u0027/etc/ironic/htpasswd\u0027, \u0027myName\u0027, b\u0027myPassword\u0027)"},{"line_number":68,"context_line":""},{"line_number":69,"context_line":""},{"line_number":70,"context_line":"class TestAuthBasic(base.TestCase):"},{"line_number":71,"context_line":""}],"source_content_type":"text/x-python","patch_set":1,"id":"ff570b3c_d0508b61","line":68,"in_reply_to":"ff570b3c_99dda944","updated":"2020-05-13 21:33:32.000000000","message":"How about a test which hits /v1/, which is also public and doesn\u0027t need as much of a test harness?","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"}],"releasenotes/notes/http-basic-auth-f8c0536eba989918.yaml":[{"author":{"_account_id":11655,"name":"Julia Kreger","email":"juliaashleykreger@gmail.com","username":"jkreger","status":"Flying to the moon with a Jetpack!"},"change_message_id":"cbcad65c1ea5b9f598fcc102fe86d24acbb971c9","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"prelude: \u003e"},{"line_number":3,"context_line":"    Having noauth as the only option for standalone ironic causes constraints"},{"line_number":4,"context_line":"    on how the API is exposed on the network. Having some kind of"},{"line_number":5,"context_line":"    authentication layer behind a TLS deployment eases these constraints."},{"line_number":6,"context_line":"features:"},{"line_number":7,"context_line":"  - |"},{"line_number":8,"context_line":"    Implement Basic HTTP authentication middleware."}],"source_content_type":"text/x-yaml","patch_set":1,"id":"ff570b3c_990f69e0","line":5,"range":{"start_line":2,"start_character":0,"end_line":5,"end_character":73},"updated":"2020-05-13 15:02:53.000000000","message":"Please don\u0027t put preludes in normal changes, we basically reserve prelude for the human high level release statement. Often pithy with pop culture references. :)","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9bbb3c5aa5fa99de50c7cae5d7fa177ae6dea67b","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"prelude: \u003e"},{"line_number":3,"context_line":"    Having noauth as the only option for standalone ironic causes constraints"},{"line_number":4,"context_line":"    on how the API is exposed on the network. Having some kind of"},{"line_number":5,"context_line":"    authentication layer behind a TLS deployment eases these constraints."},{"line_number":6,"context_line":"features:"},{"line_number":7,"context_line":"  - |"},{"line_number":8,"context_line":"    Implement Basic HTTP authentication middleware."}],"source_content_type":"text/x-yaml","patch_set":1,"id":"ff570b3c_70953fe4","line":5,"range":{"start_line":2,"start_character":0,"end_line":5,"end_character":73},"in_reply_to":"ff570b3c_990f69e0","updated":"2020-05-13 21:33:32.000000000","message":"Done","commit_id":"cd32ba9502cbe1505a21d36ca380fd1b12b2efdf"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"843857260351ee93cbeb715abf78af4d846c6e7e","unresolved":false,"context_lines":[{"line_number":16,"context_line":""},{"line_number":17,"context_line":"    Like the ``noauth`` auth strategy, the ``basic`` auth strategy is for"},{"line_number":18,"context_line":"    standalone deployments of ironic, and no integration with other OpenStack"},{"line_number":19,"context_line":"    services is possible."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"    The only password digest supported is bcrypt, and the ``bcrypt`` python"},{"line_number":22,"context_line":"    library is used for password checks since it supports ``$2y$`` prefixed"}],"source_content_type":"text/x-yaml","patch_set":7,"id":"ff570b3c_2f42cb3e","line":19,"updated":"2020-06-04 09:28:56.000000000","message":"This is not necessary correct in theory, but may need additional work.","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"f0a0778e5f354f5b491d2a3dffb6b1ed47479067","unresolved":false,"context_lines":[{"line_number":16,"context_line":""},{"line_number":17,"context_line":"    Like the ``noauth`` auth strategy, the ``basic`` auth strategy is for"},{"line_number":18,"context_line":"    standalone deployments of ironic, and no integration with other OpenStack"},{"line_number":19,"context_line":"    services is possible."},{"line_number":20,"context_line":""},{"line_number":21,"context_line":"    The only password digest supported is bcrypt, and the ``bcrypt`` python"},{"line_number":22,"context_line":"    library is used for password checks since it supports ``$2y$`` prefixed"}],"source_content_type":"text/x-yaml","patch_set":7,"id":"ff570b3c_cad7ba22","line":19,"in_reply_to":"ff570b3c_2f42cb3e","updated":"2020-06-04 13:04:53.000000000","message":"I\u0027ve softened this a little to the following:\n\n    Like the ``noauth`` auth strategy, the ``http_basic`` auth strategy is intended for standalone deployments of ironic, and integration with other OpenStack services cannot depend on a service catalog.","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"},{"author":{"_account_id":10239,"name":"Dmitry Tantsur","email":"dtantsur@protonmail.com","username":"dtantsur"},"change_message_id":"843857260351ee93cbeb715abf78af4d846c6e7e","unresolved":false,"context_lines":[{"line_number":22,"context_line":"    library is used for password checks since it supports ``$2y$`` prefixed"},{"line_number":23,"context_line":"    bcrypt passwords as generated by the Apache htpasswd utility."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"    To try basic authentication, the following can be done:"},{"line_number":26,"context_line":"    * Set ``/etc/ironic/ironic.conf`` ``DEFAULT`` ``auth_strategy`` to"},{"line_number":27,"context_line":"    * ``basic`` Populate the htpasswd file with entries, for example:"},{"line_number":28,"context_line":"    ``htpasswd -nbB myName myPassword \u003e\u003e /etc/ironic/htpassw"}],"source_content_type":"text/x-yaml","patch_set":7,"id":"ff570b3c_0f3d47ba","line":25,"updated":"2020-06-04 09:28:56.000000000","message":"Ditto as for inspector: let\u0027s actually write installation docs","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"f0a0778e5f354f5b491d2a3dffb6b1ed47479067","unresolved":false,"context_lines":[{"line_number":22,"context_line":"    library is used for password checks since it supports ``$2y$`` prefixed"},{"line_number":23,"context_line":"    bcrypt passwords as generated by the Apache htpasswd utility."},{"line_number":24,"context_line":""},{"line_number":25,"context_line":"    To try basic authentication, the following can be done:"},{"line_number":26,"context_line":"    * Set ``/etc/ironic/ironic.conf`` ``DEFAULT`` ``auth_strategy`` to"},{"line_number":27,"context_line":"    * ``basic`` Populate the htpasswd file with entries, for example:"},{"line_number":28,"context_line":"    ``htpasswd -nbB myName myPassword \u003e\u003e /etc/ironic/htpassw"}],"source_content_type":"text/x-yaml","patch_set":7,"id":"ff570b3c_2ab476f1","line":25,"in_reply_to":"ff570b3c_0f3d47ba","updated":"2020-06-04 13:04:53.000000000","message":"Definitely, there is a storyboard task to document this","commit_id":"9ac093e5aea1fbc1f524be931f22cdccef305143"}],"requirements.txt":[{"author":{"_account_id":23851,"name":"Riccardo Pittau","email":"elfosardo@gmail.com","username":"elfosardo"},"change_message_id":"5b76fd193dfaf6f3d13642932cc8ebab113c62ad","unresolved":false,"context_lines":[{"line_number":45,"context_line":"futurist\u003e\u003d1.2.0 # Apache-2.0"},{"line_number":46,"context_line":"tooz\u003e\u003d1.58.0 # Apache-2.0"},{"line_number":47,"context_line":"openstacksdk\u003e\u003d0.37.0 # Apache-2.0"},{"line_number":48,"context_line":"bcrypt  # Apache-2.0"}],"source_content_type":"text/plain","patch_set":3,"id":"ff570b3c_89a229fb","line":48,"updated":"2020-05-18 09:34:55.000000000","message":"let\u0027s add a min required version as specified in lower-constraints","commit_id":"f95e7dd311084a0003409ff875eb6efcc436e789"}]}