From bb6f32f069deea04b48ef24c4917e59fb5a3e34b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= <anders.f.bjorklund@gmail.com>
Date: Thu, 9 Apr 2026 22:09:33 +0200
Subject: [PATCH] Handle basic http authentication

While not ideal from a security standpoint, the basic auth
with the username and password in the URL is sometimes used.

New deployments (and things outside testing) should prefer to
use netrc or token instead of passing the password in URL.
---
 src/storage_client.cpp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/storage_client.cpp b/src/storage_client.cpp
index 0776976..81220d9 100644
--- a/src/storage_client.cpp
+++ b/src/storage_client.cpp
@@ -229,6 +229,21 @@ CURL* StorageClient::create_easy_handle(HttpRequest* request)
   curl_easy_setopt(handle, CURLOPT_WRITEDATA, request);
   curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_callback);
 
+  CURLU *h = curl_url();
+  curl_url_set(h, CURLUPART_URL, request->url.c_str(), 0);
+  char *username = nullptr;
+  char *password = nullptr;
+  curl_url_get(h, CURLUPART_USER, &username, 0);
+  curl_url_get(h, CURLUPART_PASSWORD, &password, 0);
+  if (username || password) {
+    curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+    curl_easy_setopt(handle, CURLOPT_USERNAME, username);
+    curl_easy_setopt(handle, CURLOPT_PASSWORD, password);
+  }
+  curl_free(username);
+  curl_free(password);
+  curl_url_cleanup(h);
+
   if (_config.use_netrc) {
     curl_easy_setopt(handle, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
     if (_config.netrc_file) {