Support for apt repositories which require authentication/authorization is not something that the ROS Infrastructure team anticipates being on our roadmap which means that this support would need to be driven by community interest.

rosdep currently interacts with system apt repositories by invoking existing command line tools.
My first question is to ask whether rosdep needs any special support or if configuring authorization for a specific repository could be done within apt and not require any special handling in rosdep. If explicit authentication handling is required, my initial expectations for a pull request from the community to be reviewable would include:

• Links to documentation describing the authorization/authentication interface being implemented.
• A plan for automated testing of the authenticated code flow since it will need to be maintained by the rosdep team.

Ah, my bad, reading through my message now I understand how it could be confusing. I am not referring on rosdep supporting authenticated/authorized APT repos - this it already supports given as you said it doesn't interact directly with the repos itself but through the distribution's tools.

My question is more in line with supporting rosdep source lists that are behind a server that requires authentication.
E.g. adding an extra file under /etc/ros/rosdep/sources.list.d/ that would require an entry such as:

yaml https://user:[email protected]/ros/rosdep.yaml

Currently, rosdep when parsing this makes the assumption that everything after : is the port number.

This is a pretty reasonable request. I hashed out a preliminary PR in #892. Please give that a shot and provide feedback if it works for you.

@cottsay have a look at #895 and let me know what you think!