Adding Authorization: Bearer support to ostree pull



Hi,

I'm interested in adding OAuth 2.0 Bearer token support to OSTree, and
I'd like your opinion on the right way to add this feature.

In our application the client already has an OAuth token available, and
we'd like ostree pull to use that token to authenticate with the server.

This boils down to including a  "Authorization: Bearer <token>" in the
http requests.

I made this work with a hack in create_pending_soup_request that looked
like:

msg = soup_request_http_get_message((SoupRequestHTTP*)pending->request);

soup_message_headers_append(msg->request_headers, "Authorization",
                            "Bearer <token>");


I'm trying to understand to pass the token in from the outside world.

It looks like the token would need to be stored in either
OstreeFetcherPendingURI or ThreadClosure, but I don't understand enough
of the architecture to see which of those makes more sense, or how to
pass it in from the ostree pull command line.

Do you have a recommendation for a good route to add this feature?


Best Regards,

Phil

-- 
Phil Wise, ATS Advanced Telematic Systems GmbH
Kantstrasse 162, 10623 Berlin
Managing Directors: Dirk Pöschl, Armin G. Schmidt
Register Court: HRB 151501 B, Amtsgericht Charlottenburg


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]