=========================
HTTP plugins for buildout
=========================
HTTP Basic-Authentication
-------------------------
With this extension it is possible to define password protected
package directories without specifying the password and user in the
url.
Let's take the example protected location, ``http://www.example.com/dist``
First we would need to add the extension and the find link for our
protected location::
[buildout]
find-links = http://www.example.com/dist
extensions = p01.buildouthttp
Then create the ``.httpauth`` password file, this file contains all
authentication information. The ``.httpauth`` file can be placed in the root of
the current buildout or in the ``~/.buildout`` directory. Each row consists of
``realm, uri, username, password``.
Here is an example of the ``.httpauth`` file::
Example com realm, http://www.example.com, username, secret
It is also possible to leave the secret away. Then you will be prompted for the
secret whenever buildout is run::
Example com realm, http://www.example.com, username
Note that basic auth also works with any recipe using
zc.buildout.download (e.g. hexagonit.recipe.download) because this
extension also overwrites the url opener of zc.buildout.
Github Private Downloads
------------------------
Private downloads on http://github.com/ require authorization to download.
The previous token-based authentication system based on the v2 API (see
http://github.com/blog/170-token-authentication) is no longer supported by
GitHub as of June 1 2012; You must now request a v3 API token and use that
instead.
Requesting a new API token can be done in one line using ``curl`` (please
substitute your own github username and password):
curl -s -X POST -d '{"scopes": ["repo"], "note": "my API token"}' \
https://${user}:${pass}@api.github.com/authorizations | grep token
Now set the value of github.token to the hash returned from the command above:
git config --global github.accesstoken ${token}
Note that the v3 API does not require your github username to work, and can
be removed from your configuration if you wish.
For details on managing authorization GitHub's OAuth tokens, see the API
documentation: http://developer.github.com/v3/oauth/#oauth-authorizations-api
URL to download a tag or branch::
https://api.github.com/repos/<gituser>/<repos>/tarball/master
URL to downlad a "download"::
https://github.com/downloads/<gituser>/<repos>/<name>
As some eggs on PyPi also use public Github download URLs you may want to
whitelist the repos that authentication is required for as Github will
return a 401 error code even for public repositories if the wrong auth
details are provided.
To do this just list each repo in the format `<gituser>/<repos>` one per
line in the buildout config `github-repos`::
[buildout]
extensions = p01.buildouthttp
github-repos = p01/repos
bitly/asyncmongo
Credits
-------
Thanks to lovely systems for development and Tarek Ziade, Kevin Williams,
Wesley Mason for bugfixes and extensions.
====================
Handler Installation
====================
By default the install function looks for the password file at
~/.buildout/.httpauth and installs a basic auth opener.
It does not fail if the file cannot be found:
>>> import os
>>> from p01.buildouthttp.buildouthttp import install
>>> install()
We can supply the path to the file for testing.
>>> install(pwd_path='a')
If the file cannot be parsed an exception is raised:
>>> fp = os.path.join(tmp,'pwd.txt')
>>> import os
>>> f = open(fp, 'w')
>>> _ = f.write('The realm,https://example.com/ something')
>>> f.close()
>>> install(pwd_path=fp)
Traceback (most recent call last):
...
RuntimeError: Authentication file cannot be parsed ...pwd.txt:1
Some working examples:
>>> f = open(fp, 'w')
>>> _ = f.write('The realm,https://example.com/,username,password')
>>> f.close()
>>> install(pwd_path=fp)
>>> f = open(fp, 'w')
>>> _ = f.write('The realm,https://example.com/,username,password\n\n\n')
>>> f.close()
>>> install(pwd_path=fp)
>>> f = open(fp, 'w')
>>> _ = f.write('')
>>> f.close()
>>> install(pwd_path=fp)
Now let's try with the ``.httpauth`` file in the buildout directory:
>>> buildout_dir = os.path.join(tmp, 'test-buildout')
>>> os.mkdir(buildout_dir)
>>> buildout = {'buildout': {'directory': buildout_dir}}
>>> install(buildout=buildout)
>>> buildout_fp = os.path.join(buildout_dir, '.httpauth')
>>> f = open(buildout_fp, 'w')
>>> _ = f.write('The realm,https://example.com/ not valid')
>>> f.close()
>>> install(buildout=buildout)
Traceback (most recent call last):
...
RuntimeError: Authentication file cannot be parsed ...None:1
>>> f = open(buildout_fp, 'w')
>>> _ = f.write('The realm,https://example.com/,username,password')
>>> f.close()
>>> install(buildout=buildout)
Then with the file passed in and the file from the buildout directory:
>>> f = open(fp, 'w')
>>> _ = f.write('The realm,https://example.com/,username,password')
>>> f.close()
>>> install(buildout=buildout, pwd_path=fp)
unload externsion:
>>> from p01.buildouthttp.buildouthttp import unload
>>> unload()
=======
CHANGES
=======
1.0.3 (2025-07-14)
------------------
- bugfix; support HOME location for .buildout/.httpauth file
1.0.2 (2025-07-01)
------------------
- make python 3 compatible
1.0.1 (2015-11-27)
------------------
- bugfix: fix url opener setup
1.0.0 (2015-11-23)
------------------
- fix url handling troubles based on python 2.7.10 and zc.buildout > 2.2
- initial copy of lovely.buildouthttp
Raw data
{
"_id": null,
"home_page": "http://pypi.python.org/pypi/p01.buildouthttp",
"name": "p01.buildouthttp",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "Zope3 z3c p01 buildout http authentication",
"author": "Roger Ineichen, Projekt01 GmbH",
"author_email": "dev@projekt01.ch",
"download_url": "https://files.pythonhosted.org/packages/85/87/d67fe328203e0d2482c54529c17acf47e56ec8a5e78cf88ecff247673b4e/p01.buildouthttp-1.0.3.tar.gz",
"platform": null,
"description": "=========================\nHTTP plugins for buildout\n=========================\n\nHTTP Basic-Authentication\n-------------------------\n\nWith this extension it is possible to define password protected\npackage directories without specifying the password and user in the\nurl.\n\nLet's take the example protected location, ``http://www.example.com/dist``\n\nFirst we would need to add the extension and the find link for our\nprotected location::\n\n [buildout]\n find-links = http://www.example.com/dist\n extensions = p01.buildouthttp\n\nThen create the ``.httpauth`` password file, this file contains all\nauthentication information. The ``.httpauth`` file can be placed in the root of\nthe current buildout or in the ``~/.buildout`` directory. Each row consists of\n``realm, uri, username, password``.\n\nHere is an example of the ``.httpauth`` file::\n\n Example com realm, http://www.example.com, username, secret\n\nIt is also possible to leave the secret away. Then you will be prompted for the\nsecret whenever buildout is run::\n\n Example com realm, http://www.example.com, username\n\nNote that basic auth also works with any recipe using\nzc.buildout.download (e.g. hexagonit.recipe.download) because this\nextension also overwrites the url opener of zc.buildout.\n\n\nGithub Private Downloads\n------------------------\n\nPrivate downloads on http://github.com/ require authorization to download.\nThe previous token-based authentication system based on the v2 API (see\nhttp://github.com/blog/170-token-authentication) is no longer supported by\nGitHub as of June 1 2012; You must now request a v3 API token and use that\ninstead.\n\nRequesting a new API token can be done in one line using ``curl`` (please\nsubstitute your own github username and password):\n\n curl -s -X POST -d '{\"scopes\": [\"repo\"], \"note\": \"my API token\"}' \\\n https://${user}:${pass}@api.github.com/authorizations | grep token\n\nNow set the value of github.token to the hash returned from the command above:\n\n git config --global github.accesstoken ${token}\n\nNote that the v3 API does not require your github username to work, and can\nbe removed from your configuration if you wish.\n\nFor details on managing authorization GitHub's OAuth tokens, see the API\ndocumentation: http://developer.github.com/v3/oauth/#oauth-authorizations-api\n\nURL to download a tag or branch::\n\n https://api.github.com/repos/<gituser>/<repos>/tarball/master\n\nURL to downlad a \"download\"::\n\n https://github.com/downloads/<gituser>/<repos>/<name>\n\nAs some eggs on PyPi also use public Github download URLs you may want to\nwhitelist the repos that authentication is required for as Github will\nreturn a 401 error code even for public repositories if the wrong auth\ndetails are provided.\nTo do this just list each repo in the format `<gituser>/<repos>` one per\nline in the buildout config `github-repos`::\n\n [buildout]\n extensions = p01.buildouthttp\n github-repos = p01/repos\n bitly/asyncmongo\n\n\nCredits\n-------\n\nThanks to lovely systems for development and Tarek Ziade, Kevin Williams,\nWesley Mason for bugfixes and extensions.\n\n\n\n\n====================\nHandler Installation\n====================\n\nBy default the install function looks for the password file at\n~/.buildout/.httpauth and installs a basic auth opener.\n\nIt does not fail if the file cannot be found:\n\n >>> import os\n >>> from p01.buildouthttp.buildouthttp import install\n >>> install()\n\nWe can supply the path to the file for testing.\n\n >>> install(pwd_path='a')\n\nIf the file cannot be parsed an exception is raised:\n\n >>> fp = os.path.join(tmp,'pwd.txt')\n >>> import os\n >>> f = open(fp, 'w')\n >>> _ = f.write('The realm,https://example.com/ something')\n >>> f.close()\n >>> install(pwd_path=fp)\n Traceback (most recent call last):\n ...\n RuntimeError: Authentication file cannot be parsed ...pwd.txt:1\n\nSome working examples:\n\n >>> f = open(fp, 'w')\n >>> _ = f.write('The realm,https://example.com/,username,password')\n >>> f.close()\n >>> install(pwd_path=fp)\n >>> f = open(fp, 'w')\n >>> _ = f.write('The realm,https://example.com/,username,password\\n\\n\\n')\n >>> f.close()\n >>> install(pwd_path=fp)\n >>> f = open(fp, 'w')\n >>> _ = f.write('')\n >>> f.close()\n >>> install(pwd_path=fp)\n\nNow let's try with the ``.httpauth`` file in the buildout directory:\n\n >>> buildout_dir = os.path.join(tmp, 'test-buildout')\n >>> os.mkdir(buildout_dir)\n >>> buildout = {'buildout': {'directory': buildout_dir}}\n >>> install(buildout=buildout)\n >>> buildout_fp = os.path.join(buildout_dir, '.httpauth')\n >>> f = open(buildout_fp, 'w')\n >>> _ = f.write('The realm,https://example.com/ not valid')\n >>> f.close()\n >>> install(buildout=buildout)\n Traceback (most recent call last):\n ...\n RuntimeError: Authentication file cannot be parsed ...None:1\n >>> f = open(buildout_fp, 'w')\n >>> _ = f.write('The realm,https://example.com/,username,password')\n >>> f.close()\n >>> install(buildout=buildout)\n\nThen with the file passed in and the file from the buildout directory:\n\n >>> f = open(fp, 'w')\n >>> _ = f.write('The realm,https://example.com/,username,password')\n >>> f.close()\n >>> install(buildout=buildout, pwd_path=fp)\n\nunload externsion:\n\n >>> from p01.buildouthttp.buildouthttp import unload\n >>> unload()\n\n\n=======\nCHANGES\n=======\n\n1.0.3 (2025-07-14)\n------------------\n\n- bugfix; support HOME location for .buildout/.httpauth file\n\n\n1.0.2 (2025-07-01)\n------------------\n\n- make python 3 compatible\n\n\n1.0.1 (2015-11-27)\n------------------\n\n- bugfix: fix url opener setup\n\n\n1.0.0 (2015-11-23)\n------------------\n\n- fix url handling troubles based on python 2.7.10 and zc.buildout > 2.2\n\n- initial copy of lovely.buildouthttp",
"bugtrack_url": null,
"license": "ZPL 2.1",
"summary": "Buildout authentication extension",
"version": "1.0.3",
"project_urls": {
"Homepage": "http://pypi.python.org/pypi/p01.buildouthttp"
},
"split_keywords": [
"zope3",
"z3c",
"p01",
"buildout",
"http",
"authentication"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8587d67fe328203e0d2482c54529c17acf47e56ec8a5e78cf88ecff247673b4e",
"md5": "ce60bccb5a1ae97024694586b7c48533",
"sha256": "5e43dfe983f08f8dc4235885d3fce279ff5ebd050c6de7d610d5513e96bb3abd"
},
"downloads": -1,
"filename": "p01.buildouthttp-1.0.3.tar.gz",
"has_sig": false,
"md5_digest": "ce60bccb5a1ae97024694586b7c48533",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 28031,
"upload_time": "2025-07-14T14:48:11",
"upload_time_iso_8601": "2025-07-14T14:48:11.121494Z",
"url": "https://files.pythonhosted.org/packages/85/87/d67fe328203e0d2482c54529c17acf47e56ec8a5e78cf88ecff247673b4e/p01.buildouthttp-1.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-14 14:48:11",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "p01.buildouthttp"
}
JSON