From 8e3e01cc557dce8e7bba87f93d757f0cafe85b48 Mon Sep 17 00:00:00 2001 From: danimtb Date: Tue, 25 Nov 2025 12:46:14 +0100 Subject: [PATCH 1/5] Add docs for headers field in source_credentials.json and Auth source plugin --- reference/config_files/source_credentials.rst | 5 ++++- reference/extensions/authorization_plugins.rst | 5 +++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/reference/config_files/source_credentials.rst b/reference/config_files/source_credentials.rst index 94c5cfbf4793..e48258239def 100644 --- a/reference/config_files/source_credentials.rst +++ b/reference/config_files/source_credentials.rst @@ -38,7 +38,8 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config "credentials": [ { "url": "https://server/that/need/credentials", - "token": "mytoken" + "token": "mytoken", + "headers": {"my-header-1": "my-value-1", "my-header-2": "my-value-2"} } ] } @@ -46,6 +47,8 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config Using the ``token`` field, will add an ``Authorization = Bearer {token}`` header. This would be the preferred way of authentication, as it is typically more secure than using user/password. +You can also specify any custom headers that may be required to request the sources to the server using the ``headers`` field. + If for some reason HTTP-Basic auth with user/password is necessary it can be provided with the ``user`` and ``password`` fields: diff --git a/reference/extensions/authorization_plugins.rst b/reference/extensions/authorization_plugins.rst index e038366dad6c..533eaee18538 100644 --- a/reference/extensions/authorization_plugins.rst +++ b/reference/extensions/authorization_plugins.rst @@ -39,7 +39,8 @@ Here we can see an example of a plugin implementation. Auth source plugin +++++++++++++++++++ This one is a Python script that receives an ``url`` as a parameter and outputs a dictionary with the credentials or -access token. It can also return ``None`` to indicate that Conan should proceed with its normal login flow. +access token and an optional ``headers`` dictionary to add headers to the HTTP server request. +It can also return ``None`` to indicate that Conan should proceed with its normal login flow. This plugin is located at the path ``/extensions/plugins/auth_source.py`` and must be manually created with the name ``auth_source.py``, containing a function named ``auth_source_plugin(url, **kwargs)``. @@ -57,7 +58,7 @@ Here we can see an example of a plugin implementation. if url.startswith("https://my-sources-user-password.my-org/"): return {'user': 'my-user', 'password': 'my-password'} elif url.startswith("https://my-private-token-sources.my-org/"): - return {'token': 'my-secure-token'} + return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}} .. note:: From 4c66dd48612656b7fcb8ff7922cf06cf7fd6b357 Mon Sep 17 00:00:00 2001 From: Daniel Date: Tue, 25 Nov 2025 12:59:36 +0100 Subject: [PATCH 2/5] Update reference/config_files/source_credentials.rst MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Abril Rincón Blanco <5364255+AbrilRBS@users.noreply.github.com> --- reference/config_files/source_credentials.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/reference/config_files/source_credentials.rst b/reference/config_files/source_credentials.rst index e48258239def..95c2bcd3b73a 100644 --- a/reference/config_files/source_credentials.rst +++ b/reference/config_files/source_credentials.rst @@ -47,7 +47,7 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config Using the ``token`` field, will add an ``Authorization = Bearer {token}`` header. This would be the preferred way of authentication, as it is typically more secure than using user/password. -You can also specify any custom headers that may be required to request the sources to the server using the ``headers`` field. +You can also specify any custom headers that may be required to request the sources to the server using the _optional_ ``headers`` field. If for some reason HTTP-Basic auth with user/password is necessary it can be provided with the ``user`` and ``password`` fields: From a8b66aa04b3ebe2061370715908455e3cb274f93 Mon Sep 17 00:00:00 2001 From: danimtb Date: Tue, 25 Nov 2025 13:21:06 +0100 Subject: [PATCH 3/5] review --- reference/config_files/source_credentials.rst | 21 ++++++++++++++----- .../extensions/authorization_plugins.rst | 11 ++++++++-- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/reference/config_files/source_credentials.rst b/reference/config_files/source_credentials.rst index e48258239def..69e8d36ceb0e 100644 --- a/reference/config_files/source_credentials.rst +++ b/reference/config_files/source_credentials.rst @@ -38,8 +38,7 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config "credentials": [ { "url": "https://server/that/need/credentials", - "token": "mytoken", - "headers": {"my-header-1": "my-value-1", "my-header-2": "my-value-2"} + "token": "mytoken" } ] } @@ -47,8 +46,6 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config Using the ``token`` field, will add an ``Authorization = Bearer {token}`` header. This would be the preferred way of authentication, as it is typically more secure than using user/password. -You can also specify any custom headers that may be required to request the sources to the server using the ``headers`` field. - If for some reason HTTP-Basic auth with user/password is necessary it can be provided with the ``user`` and ``password`` fields: @@ -75,12 +72,26 @@ level: { "credentials": [ { - "url": "https://server/that/need/credentials", + "url": "https://server/that/need/credentials", "token": "{{mytk}}" } ] } +You can also specify any custom headers that may be required to request the sources to the server using a ``headers`` dictionary. + +.. code-block:: json + + { + "credentials": [ + { + "url": "https://server/that/need/credentials", + "token": "mytoken", + "headers": {"my-header-1": "my-value-1", "my-header-2": "my-value-2"} + } + ] + } + .. note:: **Best practices** diff --git a/reference/extensions/authorization_plugins.rst b/reference/extensions/authorization_plugins.rst index 533eaee18538..066123cd69ce 100644 --- a/reference/extensions/authorization_plugins.rst +++ b/reference/extensions/authorization_plugins.rst @@ -39,8 +39,7 @@ Here we can see an example of a plugin implementation. Auth source plugin +++++++++++++++++++ This one is a Python script that receives an ``url`` as a parameter and outputs a dictionary with the credentials or -access token and an optional ``headers`` dictionary to add headers to the HTTP server request. -It can also return ``None`` to indicate that Conan should proceed with its normal login flow. +access token. It can also return ``None`` to indicate that Conan should proceed with its normal login flow. This plugin is located at the path ``/extensions/plugins/auth_source.py`` and must be manually created with the name ``auth_source.py``, containing a function named ``auth_source_plugin(url, **kwargs)``. @@ -60,6 +59,14 @@ Here we can see an example of a plugin implementation. elif url.startswith("https://my-private-token-sources.my-org/"): return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}} +Additionally, returning a ``headers`` dictionary will add the contents as HTTP headers for the sources request: + +.. code-block:: python + + def auth_source_plugin(url, **kwargs): + if url.startswith("https://my-private-token-sources-with-headers.my-org/"): + return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}} + .. note:: From 6f8c7ea53e47ebfe473b0afcccefbc3263bcf181 Mon Sep 17 00:00:00 2001 From: danimtb Date: Tue, 25 Nov 2025 13:24:55 +0100 Subject: [PATCH 4/5] wording --- reference/config_files/source_credentials.rst | 7 +------ reference/extensions/authorization_plugins.rst | 3 ++- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/reference/config_files/source_credentials.rst b/reference/config_files/source_credentials.rst index c6426d704b2b..fe72acf1efeb 100644 --- a/reference/config_files/source_credentials.rst +++ b/reference/config_files/source_credentials.rst @@ -46,11 +46,6 @@ the ``credentials.json`` file should be used instead, see :ref:`reference_config Using the ``token`` field, will add an ``Authorization = Bearer {token}`` header. This would be the preferred way of authentication, as it is typically more secure than using user/password. -<<<<<<< HEAD -======= -You can also specify any custom headers that may be required to request the sources to the server using the _optional_ ``headers`` field. - ->>>>>>> 4c66dd48612656b7fcb8ff7922cf06cf7fd6b357 If for some reason HTTP-Basic auth with user/password is necessary it can be provided with the ``user`` and ``password`` fields: @@ -83,7 +78,7 @@ level: ] } -You can also specify any custom headers that may be required to request the sources to the server using a ``headers`` dictionary. +In some special cases, the server might need some specific custom headers. You can also specify them using a ``headers`` dictionary. .. code-block:: json diff --git a/reference/extensions/authorization_plugins.rst b/reference/extensions/authorization_plugins.rst index 066123cd69ce..5a0354e3fab2 100644 --- a/reference/extensions/authorization_plugins.rst +++ b/reference/extensions/authorization_plugins.rst @@ -59,7 +59,8 @@ Here we can see an example of a plugin implementation. elif url.startswith("https://my-private-token-sources.my-org/"): return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}} -Additionally, returning a ``headers`` dictionary will add the contents as HTTP headers for the sources request: +Additionally, returning a ``headers`` dictionary will add the contents as HTTP headers for the sources request, +as some servers might need some specific custom headers: .. code-block:: python From 9919141729c53121e224ee68a3cccd07ca30ae23 Mon Sep 17 00:00:00 2001 From: danimtb Date: Tue, 25 Nov 2025 13:25:39 +0100 Subject: [PATCH 5/5] fix --- reference/extensions/authorization_plugins.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/reference/extensions/authorization_plugins.rst b/reference/extensions/authorization_plugins.rst index 5a0354e3fab2..073972ba6b3b 100644 --- a/reference/extensions/authorization_plugins.rst +++ b/reference/extensions/authorization_plugins.rst @@ -57,7 +57,7 @@ Here we can see an example of a plugin implementation. if url.startswith("https://my-sources-user-password.my-org/"): return {'user': 'my-user', 'password': 'my-password'} elif url.startswith("https://my-private-token-sources.my-org/"): - return {'token': 'my-secure-token', 'headers': {'my-header-1': 'my-value-1'}} + return {'token': 'my-secure-token'} Additionally, returning a ``headers`` dictionary will add the contents as HTTP headers for the sources request, as some servers might need some specific custom headers: