feat: support headers for http plugin with cookie auth (#10404)

2022-01-11 22:31:28 +00:00 · 2022-01-11 22:31:28 +00:00 · 48b981bd4e
parent 457c98f4c2
commit 48b981bd4e
6 changed files with 42 additions and 3 deletions
--- a/plugins/common/cookie/cookie.go
+++ b/plugins/common/cookie/cookie.go
@ -19,6 +19,8 @@ type CookieAuthConfig struct {
 	URL    string `toml:"cookie_auth_url"`
 	Method string `toml:"cookie_auth_method"`

+	Headers map[string]string `toml:"cookie_auth_headers"`
+
 	// HTTP Basic Auth Credentials
 	Username string `toml:"cookie_auth_username"`
 	Password string `toml:"cookie_auth_password"`
@ -90,6 +92,14 @@ func (c *CookieAuthConfig) auth() error {
 		req.SetBasicAuth(c.Username, c.Password)
 	}

+	for k, v := range c.Headers {
+		if strings.ToLower(k) == "host" {
+			req.Host = v
+		} else {
+			req.Header.Add(k, v)
+		}
+	}
+
 	resp, err := c.client.Do(req)
 	if err != nil {
 		return err
--- a/plugins/common/cookie/cookie_test.go
+++ b/plugins/common/cookie/cookie_test.go
@ -18,14 +18,17 @@ import (
 )

 const (
-	reqUser   = "testUser"
-	reqPasswd = "testPassword"
-	reqBody   = "a body"
+	reqUser      = "testUser"
+	reqPasswd    = "testPassword"
+	reqBody      = "a body"
+	reqHeaderKey = "hello"
+	reqHeaderVal = "world"

 	authEndpointNoCreds                   = "/auth"
 	authEndpointWithBasicAuth             = "/authWithCreds"
 	authEndpointWithBasicAuthOnlyUsername = "/authWithCredsUser"
 	authEndpointWithBody                  = "/authWithBody"
+	authEndpointWithHeader                = "/authWithHeader"
 )

 var fakeCookie = &http.Cookie{
@ -49,6 +52,12 @@ func newFakeServer(t *testing.T) fakeServer {
 			switch r.URL.Path {
 			case authEndpointNoCreds:
 				authed()
+			case authEndpointWithHeader:
+				if !cmp.Equal(r.Header.Get(reqHeaderKey), reqHeaderVal) {
+					w.WriteHeader(http.StatusUnauthorized)
+					return
+				}
+				authed()
 			case authEndpointWithBody:
 				body, err := io.ReadAll(r.Body)
 				require.NoError(t, err)
@ -112,6 +121,7 @@ func TestAuthConfig_Start(t *testing.T) {
 		Username string
 		Password string
 		Body     string
+		Headers  map[string]string
 	}
 	type args struct {
 		renewal  time.Duration
@ -138,6 +148,20 @@ func TestAuthConfig_Start(t *testing.T) {
 			firstHTTPResponse: http.StatusOK,
 			lastHTTPResponse:  http.StatusOK,
 		},
+		{
+			name: "success no creds, no body, default method, header set",
+			args: args{
+				renewal:  renewal,
+				endpoint: authEndpointWithHeader,
+			},
+			fields: fields{
+				Headers: map[string]string{reqHeaderKey: reqHeaderVal},
+			},
+			firstAuthCount:    1,
+			lastAuthCount:     3,
+			firstHTTPResponse: http.StatusOK,
+			lastHTTPResponse:  http.StatusOK,
+		},
 		{
 			name: "success with creds, no body",
 			fields: fields{
@ -213,6 +237,7 @@ func TestAuthConfig_Start(t *testing.T) {
 				Username: tt.fields.Username,
 				Password: tt.fields.Password,
 				Body:     tt.fields.Body,
+				Headers:  tt.fields.Headers,
 				Renewal:  config.Duration(tt.args.renewal),
 			}
 			if err := c.initializeClient(srv.Client()); tt.wantErr != nil {
--- a/plugins/inputs/http/README.md
+++ b/plugins/inputs/http/README.md
@ -54,6 +54,7 @@ The HTTP input plugin collects metrics from one or more HTTP(S) endpoints.  The
  # cookie_auth_method = "POST"
  # cookie_auth_username = "username"
  # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
  # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
  ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
  # cookie_auth_renewal = "5m"
--- a/plugins/inputs/http/http.go
+++ b/plugins/inputs/http/http.go
@ -90,6 +90,7 @@ var sampleConfig = `
  # cookie_auth_method = "POST"
  # cookie_auth_username = "username"
  # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
  # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
  ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
  # cookie_auth_renewal = "5m"
--- a/plugins/outputs/http/README.md
+++ b/plugins/outputs/http/README.md
@ -40,6 +40,7 @@ batch format by default.
  # cookie_auth_method = "POST"
  # cookie_auth_username = "username"
  # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
  # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
  ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
  # cookie_auth_renewal = "5m"
--- a/plugins/outputs/http/http.go
+++ b/plugins/outputs/http/http.go
@ -58,6 +58,7 @@ var sampleConfig = `
  # cookie_auth_method = "POST"
  # cookie_auth_username = "username"
  # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
  # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
  ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
  # cookie_auth_renewal = "5m"