Allow use of basic auth for security scan endpoints

This will allow the security labeler to send a pull secret to retrieve security information for a manifest Fixes https://jira.coreos.com/browse/QUAY-1087
2018-09-21 13:54:33 -04:00 · 2018-09-21 13:54:33 -04:00 · a38edea11b
commit a38edea11b
parent f9da0caaa4
4 changed files with 37 additions and 2 deletions
--- a/auth/decorators.py
+++ b/auth/decorators.py
@ -60,6 +60,7 @@ process_oauth = _auth_decorator(handlers=[validate_bearer_auth, validate_session
 process_auth = _auth_decorator(handlers=[validate_signed_grant, validate_basic_auth])
 process_auth_or_cookie = _auth_decorator(handlers=[validate_basic_auth, validate_session_cookie])
 process_basic_auth = _auth_decorator(handlers=[validate_basic_auth], pass_result=True)
+process_basic_auth_no_pass = _auth_decorator(handlers=[validate_basic_auth])


 def require_session_login(func):