Use pip install through private repostiory protected by .htaccess ?

[vbabiy]

Hi,

I would like protected a private Python Index repository with ".htaccess" file.

When I use pip to install some package from this repository, I've this error :

Getting page http://pypi.is-webdesign.com/simple/
Could not fetch URL http://pypi.is-webdesign.com/simple/: HTTP Error 401: Unauthorized

How can I use login/password parameters with pip ?

Pip don't support this feature ? If not it's planned ?

Regards,
Stephane

---

• Bitbucket: https://bitbucket.org/ianb/pip/issue/188
• Originally Reported By: Stéphane Klein
• Originally Created At: 2010-11-15 13:46:58

[vbabiy]

pip supports basic auth via its URLOpener,
http://bitbucket.org/ianb/pip/src/tip/pip/download.py#cl-67

Just use a URL like http://username:password@server/whatever/

---

Original Comment By: Jannis Leidel

[vbabiy]

With 0.8.1 pip version I can do :

pip install -f http://username:password@example.com/simple/ my_package

I don't know if this feature is documented or not.

I'll look that as soon as.

Regards, Stephane

---

Original Comment By: Stéphane Klein

[vbabiy]

Jannis, I tried as you said but it didn't works for me when using HTTPS.

Can someone confirm it for me? Is it a known bug?

Thanks! :-)

---

Original Comment By: Guilherme Gondim

[vbabiy]

I can confirm it doesn't work with https. I get the following error:

Traceback (most recent call last):

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/basecommand.py", line 115, in main

    self.run(options, args)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/commands/install.py", line 155, in run

    requirement_set.install_files(finder, force_root_egg_info=self.bundle,

bundle=self.bundle)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/req.py", line 823, in install_files

    url = finder.find_requirement(req_to_install, upgrade=self.upgrade)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/index.py", line 55, in find_requirement

    page = self._get_page(main_index_url, req)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/index.py", line 282, in _get_page

    return HTMLPage.get_page(link, req, cache=self.cache)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.6.3-py2.6.egg/pip/index.py", line 363, in get_page

    resp = urllib2.urlopen(url)

  File "/usr/lib/python2.6/urllib2.py", line 126, in urlopen

    return _opener.open(url, data, timeout)

  File "/usr/lib/python2.6/urllib2.py", line 391, in open

    response = self._open(req, data)

  File "/usr/lib/python2.6/urllib2.py", line 409, in _open

    '_open', req)

  File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain

    result = func(*args)

  File "/usr/lib/python2.6/urllib2.py", line 1169, in https_open

    return self.do_open(httplib.HTTPSConnection, req)

  File "/usr/lib/python2.6/urllib2.py", line 1107, in do_open

    h = http_class(host, timeout=req.timeout) # will parse host:port

  File "/usr/lib/python2.6/httplib.py", line 1101, in __init__

    HTTPConnection.__init__(self, host, port, strict, timeout)

  File "/usr/lib/python2.6/httplib.py", line 657, in __init__

    self._set_hostport(host, port)

  File "/usr/lib/python2.6/httplib.py", line 682, in _set_hostport

    raise InvalidURL("nonnumeric port: '%s'" % host[i+1:])

InvalidURL: nonnumeric port: 'mypass@my.private.server.com'

---

Original Comment By: Ian Lewis

[vbabiy]

Newer versions of pip seem to throw the following error when using a username
and password:

Traceback (most recent call last):

  File "/usr/lib/python2.6/threading.py", line 532, in __bootstrap_inner

    self.run()

  File "/usr/lib/python2.6/threading.py", line 484, in run

    self.__target(*self.__args, **self.__kwargs)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/index.py", line 241, in _get_queued_page

    page = self._get_page(location, req)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/index.py", line 326, in _get_page

    return HTMLPage.get_page(link, req, cache=self.cache)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/index.py", line 424, in get_page

    content_type = cls._get_content_type(url)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/index.py", line 486, in _get_content_type

    resp = urlopen(req)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/download.py", line 88, in call

    response = self.get_response(url)

  File "/home/ian/.virtualenvs/test/lib/python2.6/site-

packages/pip-0.8.1-py2.6.egg/pip/download.py", line 107, in get_response

    scheme, netloc, path, query, frag = urlparse.urlsplit(url)

  File "/usr/lib/python2.6/urlparse.py", line 147, in urlsplit

    i = url.find(':')

  File "/usr/lib/python2.6/urllib2.py", line 218, in __getattr__

    raise AttributeError, attr

AttributeError: find

The problem occurs when pip tries to do a head request on the archive file but
hits a 401. https://bitbucket.org/ianb/pip/src/tip/pip/download.py#cl-86

The url passed to self.get_response() is a urllib2.Request object but
get_response() tries to call urlsplit() on it. which throws the above error.
The file seems to download though.

---

Original Comment By: Ian Lewis

[brutasse]

Looks like this is fixed, I have a private index under HTTPS + basic auth and it just works with --index-url https://user:pass@example.com.

Can anybody confirm this and close the issue?

[saxix]

Just added a pull request (#786) linked to this topic.

[jacobsvante]

@brutasse I can confirm. Close this?

[diegows]

1.5.6 still has the issue.

[Ivoz]

Can we confirm exactly the issue now being talked about?

[diegows]

Sorry. Works for me. My mistake :-D
On Jul 18, 2014 5:20 AM, "Matt Iversen" notifications@github.com wrote:

Can we confirm exactly the issue now being talked about?

—
Reply to this email directly or view it on GitHub
#51 (comment).

[robsonpeixoto]

Still necessary put the username and password in the URL?

[vladignatyev]

Is it supported in pip==6.0.8?

[vladignatyev]

I use private PyPI index and run installation like this:
pip install <my_package> --cert=<required_for_some_reason> --extra-index-url https://username:password@pypi.domain.com/simple/ --allow-all-external

and then it works, but asks for username and password interactively. It's not a case when this script ran outside the shell with CLI.

Please confirm if it's linked to the issue discussed here or suggest if I should create another issue, or please point out the solution.

[bcbrown]

@vladignatyev I just ran into the same problem you mentioned, of it asking for user/password interactively. I narrowed down the problem to having a symbol in the password that needs url-encoding. If I don't url-encode the password, the URL can't be parsed. If I do url-encode the password, I think pip isn't url-decoding it before attempting to authenticate.

[mjwillson]

I have this issue too with pip 7.1.2. There's a symbol in the password that needs url-encoding, pip fails to authenticate (gets a 401 response) and prompts for username/password interactively. It then works fine if I enter the user/pass interactively. Like @bcbrown I suspect it's not url-decoding the password.

[ghost]

PLEASE FIX THIS ASAP PIP 8.1.2

[kopf]

Just ran into this using 9.0.3.... Is this seriously still an issue?

[olt]

Parsing the username/password from the URL only works when the port is specified.
(At least on Debian 9, Python 2.7.13, pip 18.1, but I had this issue on other systems as well)

This queries for username/password:pip install -f https://user:pass@example.com/pkgs requests
This works:pip install -f https://user:pass@example.com:443/pkgs requests

[siddhism]

This works with pip 18.1 but broken in latest version (19.1), Confirmed after reverting back to 18.1 it works.

[alercunha]

Parsing the username/password from the URL only works when the port is specified.
(At least on Debian 9, Python 2.7.13, pip 18.1, but I had this issue on other systems as well)

This queries for username/password:pip install -f https://user:pass@example.com/pkgs requests
This works:pip install -f https://user:pass@example.com:443/pkgs requests

@olt I had the same issue using pip 19.1.1 and managed to get it working by putting the port as you suggested. Pretty obscure workaround, I wish I could upvote your answer more.