danmarg
danmarg
This is necessary for AppEngine usage, where the standard HTTP client from net/http is not allowed.
This makes it easier to authenticate on headless machines, and eliminates the need for Flask or a local webserver. Also removed the YAML config (replaced with a built-in .ini config).
As described on https://github.com/nitrous-io/autoparts/issues/10.
We initially wrote here that the HTTP request that triggers a challenge/response should serve an HTTP 401 response code and a `Sec-Session-Challenge` header. But per https://datatracker.ietf.org/doc/html/rfc2616#section-10.4.2, a 401 MUST return...