Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fetch token dynamically #40

Open
jayvdb opened this issue Apr 10, 2020 · 4 comments
Open

Fetch token dynamically #40

jayvdb opened this issue Apr 10, 2020 · 4 comments

Comments

@jayvdb
Copy link

jayvdb commented Apr 10, 2020

It would be helpful if a URL can be specified (using an env var) which is used to obtain the token. Ideally then use the username and password provided via --auth=.

The token fetch and use sequence would then be triggered upon response header Www-Authenticate:, which also typically contains keyword JWT or Bearer to indicate which prefix was expected.

@jayvdb
Copy link
Author

jayvdb commented Apr 10, 2020

See also #4 (comment)

@hoatle
Copy link
Member

hoatle commented Apr 11, 2020

@jayvdb I'm not sure if we should include this into the plugin. Do you know any other similar mechanism from other plugins? I doubt that it is out of this plugin scope, maybe you can create another wrapper or lib from this plugin instead?

@jayvdb
Copy link
Author

jayvdb commented Apr 11, 2020

Sure, https://github.com/httpie/httpie-ntlm/blob/master/httpie_ntlm.py and https://github.com/requests/requests-ntlm/blob/v1.1.0/requests_ntlm/requests_ntlm.py do something similar.

I expect https://github.com/ndzou/httpie-negotiate/blob/master/httpie_negotiate.py will be doing the same inside of requests_kerberos

The primary difference is that ntlm and kerberos know the 'endpoint' where they can convert user/pass to get the tokens needed. For JWT, that endpoint could be anywhere on the same host.

I understand if you still would rather that this plugin doesnt attempt this, in which case I'll try to build my own.

@hoatle
Copy link
Member

hoatle commented Apr 12, 2020

@jayvdb thank you for your information, it's cool if you could try and send a PR for this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants