No, not currently. You might be able to get close by using client side
SSL certificates, but then you also have to enable that across
everything in Gerrit.
Can I ask what you are trying to do? Maybe there is an alternative
that is workable at the present tim?
Clone the repository and fetch the file from the local copy?
This is still possible, its just a bit of work to get the request
phrased right to get the cookie. :-(
> However, someone else working on this noted:
>> Most websites I’ve seen using Basic http auth, cause a browser-native
>> dialog box to popup in response to a some kind of a basic auth challenge
>> http response (error code 401). The Gerrit link I saw, uses a coded JS
>> input form. At first glance, hence, this doesn’t appear to be a case of basic
>> auth.
Its not HTTP basic auth. Basic auth has a ton of problems. Since the
browser vendors never fixed authentication, site owners went and built
their own solutions in HTML. Since site owners built their own
solutions in HTML, browser vendors were never motivated to make
browser based authentication work. And so on. I'm not happy this is
the still state of the web now 15 years later.
>> Now it may be that clicking the “Sign in” link at the top issues an http reques
>> (via JS I’m guessing) to some URL which in turn responds with a 401 error
>> challenge. We’d at least need to know that URL to start with – we tried
>> decoding the JS dialog box but the JS code we saw was non-trivial to walk
>> through.
Don't try to dig into the JavaScript. Its obfuscated and compressed to
save transfer space and make it load faster in the browser's parser.
Use the developer tools feature of your browser to inspect the XHR
network request the JavaScript makes when you sign-in. It should be
doing a POST to the /gerrit/rpc/UserPassAuthService. The POST is a
JSON-RPC 2.0 request containing the username and password as
positional arguments.
The response will be a small JSON that says nothing, or an error. If
there was no error, there should also be a Set-Cookie header supplying
you with a cookie named GerritAccount. This cookie will provide
authentication in future requests.