View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0009144 | Taler | libeufin-bank | public | 2024-08-28 22:39 | 2024-09-18 16:32 |
| Reporter | Florian Dold | Assigned To | Antoine A | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Target Version | 0.14 | ||||
| Summary | 0009144: libeufin-bank doesn't accept basic auth, causing exchange's test_bank_api_with_nexus to fail | ||||
| Description | We should either clarify in the docs where we accept basic auth and where not, or we should fix libeufin-bank to accept basic auth again (in the corebank API). | ||||
| Tags | No tags attached. | ||||
|
|
It passed for me and Christian, can you provide more context ? |
|
|
Actually even simpler repro: wget -S --http-user=x --http-password=x --method=GET -o - -O - https://bank.demo.taler.net/accounts/x Note that I *can* log into the account "x" with password "x" on demo! |
|
|
LOL, it seems like I do have a weird version of wget, it works with the wget on gv.taler.net: dold@gv:~$ wget -S --http-user=x --http-password=x --method=GET -o - -O - https://bank.demo.taler.net/accounts/x --2024-09-11 17:17:21-- https://bank.demo.taler.net/accounts/x Resolving bank.demo.taler.net (bank.demo.taler.net)... 193.5.87.217, 2001:620:500:464::217 Connecting to bank.demo.taler.net (bank.demo.taler.net)|193.5.87.217|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 401 Unauthorized Server: nginx Date: Wed, 11 Sep 2024 15:17:21 GMT Content-Type: application/json Content-Length: 51 Connection: keep-alive Vary: Origin WWW-Authenticate: Basic Authentication selected: Basic Reusing existing connection to bank.demo.taler.net:443. HTTP request sent, awaiting response... HTTP/1.1 200 OK Server: nginx Date: Wed, 11 Sep 2024 15:17:21 GMT Content-Type: application/json Content-Length: 277 Connection: keep-alive Vary: Accept-Encoding Vary: Origin Strict-Transport-Security: max-age=63072000; includeSubDomains; preload Length: 277 [application/json] Saving to: ‘STDOUT’ {"name":"x","balance":{"amount":"KUDOS:4599.99","credit_debit_indicator":"credit"},"payto_uri":"payto://iban/DE9299152711650?receiver-name=x","debit_threshold":"KUDOS:500","contact_data":{"email":null,"phone":null},"is_public":false,"is_taler_exchange":false,"status":"active"} 0K 100% 45.3M=0s 2024-09-11 17:17:21 (45.3 MB/s) - written to stdout [277/277] |
|
|
Here's what my local wget reports: fdold-work@sapota ~/r/t/e/s/testing (master)> wget --version GNU Wget2 2.1.0 - multithreaded metalink/file/website downloader fdold-work@sapota ~/r/t/e/s/testing (master) [6]> wget -S --http-user=x --http-password=secret-token:x --method=GET -o - -O - https://bank.demo.taler.net/accounts/x [0] Downloading 'https://bank.demo.taler.net/accounts/x' ... # got header 150 bytes: :status: 401 server: nginx date: Wed, 11 Sep 2024 15:21:30 GMT content-type: application/json content-length: 51 vary: Origin www-authenticate: Basic HTTP ERROR response 401 [https://bank.demo.taler.net/accounts/x] [0] Downloading 'https://bank.demo.taler.net/accounts/x' ... # got header 150 bytes: :status: 401 server: nginx date: Wed, 11 Sep 2024 15:21:30 GMT content-type: application/json content-length: 51 vary: Origin www-authenticate: Basic HTTP ERROR response 401 [https://bank.demo.taler.net/accounts/x] |
|
|
=> works with wget 1.x, doesn't work with wget 2.x |
|
|
Is it possible that the `realm` part of the www-authenticate header is missing? That is required by the standard. |
|
|
Fixed in 9b9db0eb58f16fea18f35f221e81a58e90aeca54 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-08-28 22:39 | Florian Dold | New Issue | |
| 2024-08-28 22:39 | Florian Dold | Status | new => assigned |
| 2024-08-28 22:39 | Florian Dold | Assigned To | => Antoine A |
| 2024-09-09 13:35 | Antoine A | Assigned To | Antoine A => Florian Dold |
| 2024-09-09 13:35 | Antoine A | Status | assigned => feedback |
| 2024-09-09 13:35 | Antoine A | Note Added: 0023216 | |
| 2024-09-11 17:05 | Florian Dold | Assigned To | Florian Dold => Antoine A |
| 2024-09-11 17:13 | Florian Dold | Note Added: 0023246 | |
| 2024-09-11 17:13 | Florian Dold | Status | feedback => assigned |
| 2024-09-11 17:17 | Florian Dold | Note Added: 0023247 | |
| 2024-09-11 17:22 | Florian Dold | Note Added: 0023249 | |
| 2024-09-11 17:22 | Florian Dold | Note Added: 0023250 | |
| 2024-09-11 18:00 | Florian Dold | Note Added: 0023251 | |
| 2024-09-18 16:32 | Antoine A | Status | assigned => resolved |
| 2024-09-18 16:32 | Antoine A | Resolution | open => fixed |
| 2024-09-18 16:32 | Antoine A | Note Added: 0023332 |
