Adding MSA server security

[papagala]

Summary

This PR adds security/authentication support for calling custom MSA servers in Boltz, enabling the use of both basic authentication and API token authentication when accessing protected MSA endpoints.

Changes

• MSA Server Authentication Support:

  • Added support for Basic Authentication using --msa_server_username and --msa_server_password CLI options, or via the BOLTZ_MSA_USERNAME and BOLTZ_MSA_PASSWORD environment variables.
  • Added support for API Key/Token Authentication using --api_key_header and --api_key_value CLI options, or via the MSA_API_KEY_VALUE environment variable.
  • Ensured only one authentication method (basic or API key) can be used at a time, with clear error messages if both are provided.
  • Authentication is now properly passed to all MSA server requests.

• Documentation:

  • Updated the README to clearly explain both authentication methods, including usage examples and environment variable support.
  • Clarified that only one authentication method can be used at a time.

Motivation

Many custom MSA servers require authentication for access. This PR enables Boltz users to securely provide credentials—either via basic auth or API token—when calling such servers, making Boltz compatible with a wider range of enterprise and protected deployments. Additionally if no authentication is required, everything works as before so it is simply optional.

See the "Authentication to MSA Server" section in the README for details and usage examples.
These changes make it easier for users to securely provide credentials for MSA server access, reduce confusion around environment variable names, and ensure the documentation matches the actual code behavior.

See the "Authentication to MSA Server" section in the README for details and usage examples.
s

[jwohlwend]

Thanks for this contribution! Since this is not relevant to most users, I do not want to crowed the main README. Could you please move the instructions to the docs and maybe just add a single line on the main README that links to it?

[papagala]

Thanks for this contribution! Since this is not relevant to most users, I do not want to crowed the main README. Could you please move the instructions to the docs and maybe just add a single line on the main README that links to it?

That's a great idea, I have moved the information to the docs.

[jwohlwend]

Thanks a bunch, great PR!!

[papagala]

Thanks a bunch, great PR!!

My pleasure. Now I just realized it would have been a good idea to bump the patch to 2.1.2 should I open a pull request to bump the version? Else, please let me know when it is bumped so that I can document which specific pyproject.toml has the security upgrade.

Thanks for the openness and happy to contribute.

[papagala]

@jwohlwend should I bump the minor version of the open source to patch to 2.1.2? It would be useful to be able to point to this change easier.

[jwohlwend]

this was merged and released with 2.2.0!