From 49da47d09fa72670d3f87bf16305d7cccd0465c1 Mon Sep 17 00:00:00 2001 From: Adam Miller Date: Thu, 25 Jul 2019 16:40:09 -0500 Subject: [PATCH] force_basic_auth for default httpapi connection auth (#59193) The default for a httpapi connection is to do basic auth, however when setting the url_username and url_password without force_basic_auth, the call to ansible.module_utils.open_url would not always properly handle the basic auth headers based on the combinations of **kwargs passed. This ensures that is always the case when no session token exists and as the goal is to use basic auth in the event of not having a session token, this should be a safe operation. Signed-off-by: Adam Miller --- lib/ansible/plugins/connection/httpapi.py | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/ansible/plugins/connection/httpapi.py b/lib/ansible/plugins/connection/httpapi.py index 9d7ffdeb97e..254cbd624a0 100644 --- a/lib/ansible/plugins/connection/httpapi.py +++ b/lib/ansible/plugins/connection/httpapi.py @@ -265,6 +265,7 @@ class Connection(NetworkConnectionBase): headers.update(self._auth) url_kwargs['headers'] = headers else: + url_kwargs['force_basic_auth'] = True url_kwargs['url_username'] = self.get_option('remote_user') url_kwargs['url_password'] = self.get_option('password')