improve http request handling for sources and support multiple paths on same netloc

[abn]

This change refactors HTTP repository source implementations. The following changes have been made.

• CacheControl cache now lives within Authenticator.
• Authenticator manages unique sessions for individual netloc.
• CacheControl usage now respects disable cache parameter in repos.
• Certificate and authentication logic is now managed solely within
    Authenticator for source repositories taking advantage of recent
    enhancements.
• Support same netloc with multiple path's in Authenticator.
• Clean up and unifiy redundant logic in credential access.

These changes should allow for better handling of cases like those described in #3041. Additionally, this forms the foundation for unifying HTTP specific logic within the code base and possibly allowing for migration of requests etc. if/when required.

Additionally, also cleans up some type hinting issues pertaining to http repo only attributes.

Co-Authors: @Darsstar @agni-sairent

Closes: #5108
Closes: #5463
Resolves: #5651

[Darsstar]

Azure DevOps Aftifacts Feed + keyring still works 😄

I'm just going to mention #5463 and tag @agni-sairent so that both of you know about each other's PR.

[abn]

@Darsstar 🍰 Thank you for testing that much appreciated and for the #5463.

@agni-sairent would you mind if I pulled in your changes into this PR so its all tidy? I am guessing the use case things like gitlab etc where there are project specific credentials?

[agni-sairent]

@abn go for it! I don't mind at all 😄
You're exactly right, our use case is multiple gitlab repos/package registries with different credentials.

[abn]

@Darsstar @agni-sairent I have landed that change at abn#1 for now - might need a couple of iterations. Feedback/testing appreciated. I just reused tests from #5463 - well, whatever was net new.

This PR can go ahead without those changes as this does not change existing functionality.

[KundaPanda]

I am looking forward to seeing either one of these PRs merged, so I went forward and tried your version but discovered some odd behaviour.

• If I specify a custom source, which only contains specific packages, and I try to install another package from pypi (in my case, pytz), poetry cannot resolve it. (Because test depends on pytz (^2022.1), which doesn't exist, version solving failed.)

  • This issue disappears once I have removed the source from pyproject.toml. After adding custom source(s) back, the issue arises again.
  • All custom repositories are set as secondary, and adding an official pypi source as default did not help either.
  • Oddly enough, I have only encountered this issue with pytz, which I am able to install as whl, so it might be unrelated to this PR and only specific (maybe?) to year-based version names.
  • This happens on Issue #5107: Support multiple respositories on same host with different credentials. #5463 as well.

• Custom packages need to be specified with source; otherwise, poetry only looks on pypi.org and fails with 404.

  • This does not happen on Issue #5107: Support multiple respositories on same host with different credentials. #5463.

EDIT: First issue happens on master as well, second already described in #5476

[Darsstar]

Almost there! Lots of nice refactoring!

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.