Learn more about these different git repos.
Other Git URLs
No commits found
Commit adf68f2 fixes this pull-request
Pull-Request has been merged by mikem
Read-only methods can be (in most cases) public - now you have me curious. Does Koji have a read-only method that requires authentication?
Read-only methods can be (in most cases) public
Does Koji have a read-only method that requires authentication?
Yes, several of the host methods for example.
I see, thanks. I was curious if there was any security sensitive information.
Reading hub/kojihub.py, it looks like this is done with host = Host() and host.verify(), and each of the HostExports methods has that pattern. Most of those RPCs do something with the host object. For example host.isEnabled evaluates "am I enabled or not", or host.getHostTasks evaluates the tasks specific to the logged-in host.
hub/kojihub.py
host = Host()
host.verify()
HostExports
host
host.isEnabled
host.getHostTasks
So for these read-only methods, the authentication mechanism is a convenient way to reference the kojid instance's data, and it's not a way to restrict sensitive information.