-
Kirill Smelkov authored
[ Not sent upstream. The patch was not sent upstream, because previous 2 raw blob patches were not accepted (see details there). OTOH it is very handy in SlapOS environment to use CI token auth for raw downloading, so just carry with us as NXD. ] There are cases when using user:password for /raw/... access is handy: - when using query for auth (private_token) is not convenient for some reason (e.g. client processing software does not handle queries well when generating URLs) - when we do not want to organize many artificial users and use their tokens, but instead just use per-project automatically setup gitlab-ci-token : <ci-token> artificial user & "password" which are already handled by auth backend for `git fetch` requests. Handling is easy: if main auth backend rejects access, and there is user:password in original request, we retry asking auth backend the way as `git fetch` would do. Access is granted if any of two ways to ask auth backend succeeds. This way both private tokens / cookies and HTTP auth are supported.
3f8faed7