[SDAN-752] Allow Basic auth for ATOM and RSS#1418
Merged
marwoodandrew merged 2 commits intosuperdesk:developfrom Jan 9, 2026
Merged
[SDAN-752] Allow Basic auth for ATOM and RSS#1418marwoodandrew merged 2 commits intosuperdesk:developfrom
marwoodandrew merged 2 commits intosuperdesk:developfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+75
to
+82
| if supports_basic_auth and auth.lower().startswith("basic"): | ||
| base64_payload = auth.split(" ", 1)[1] | ||
|
|
||
| credentials_bytes = base64.b64decode(base64_payload) | ||
| credentials = credentials_bytes.decode("utf-8") | ||
| username, password = credentials.split(":", 1) | ||
|
|
||
| return username if username else password |
There was a problem hiding this comment.
The Basic Auth parsing logic lacks error handling for malformed input. The code should handle potential exceptions from:
auth.split(" ", 1)[1]when there's no space after "Basic"base64.b64decode(base64_payload)when the payload is invalid base64credentials_bytes.decode("utf-8")when the decoded bytes are not valid UTF-8credentials.split(":", 1)when the credentials don't contain a colon
Without proper error handling, malformed Basic Auth headers will cause unhandled exceptions. Consider wrapping this logic in a try-except block and returning None on any parsing errors, allowing the authentication to fail gracefully.
petrjasek
approved these changes
Jan 5, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Purpose
Allow the ATOM and RSS News API endpoints to authenticate using Basic Authentication
What has changed
An additional Authentication method has been added to the required endpoints
Steps to test
Use Postman or Curl or similar utility to make requests against the ATOM and RSS endpoints
Checklist
lodash.getwith optional chaining for modified code segmentsResolves: SDAN-752