Pulp

Motivation¶

For proxy authorization to be sent to proxies using the PROXY-AUTHORIZATION header, we need to set that data on the aiohttp session. Currently the only way to specify proxy authorization is in embedded in the proxy_url.

Implementation¶

1. Add a proxy_username and proxy_password fields to the Remote MasterModel. These are optional fields.
2. Ensure that if one is specified, they both are specified (this is at the serializer level).
3. Have the DownloaderFactory read these values and set them on the aiohttp session correctly.

Moving proxy credentials out of proxy_url¶

As part of this story proxy credentials will no longer be allow to be stored on the proxy_url. So for this story the following also needs to be done:

• Validation needs to be added for proxy_url that disallows users to put a username and/or password in the proxy_url. If the user does it should fail validation and they should be directed to use the proxy_username and proxy_password setting.

• A data migration needs to be made which will remove any credentials stored in existing remotes and move them to the proxy_username and proxy_password fields at migration time.

Notes¶

Use the proxy_pass parameter on the aiohttp session like the example below from the aiohttp client proxy config docs:

async with aiohttp.ClientSession() as session:
    proxy_auth = aiohttp.BasicAuth('user', 'pass')
    async with session.get("http://python.org",
                           proxy="http://proxy.com",
                           proxy_auth=proxy_auth) as resp:
        print(resp.status)