Authorization

2022-06-07 19:22:52 +02:00 · 2022-06-07 19:22:52 +02:00 · 856da41b72
commit 856da41b72
parent 94d0f55738
2 changed files with 56 additions and 0 deletions
--- a/pkg/acquisition/modules/loki/loki.go
+++ b/pkg/acquisition/modules/loki/loki.go
@ -7,6 +7,7 @@ https://grafana.com/docs/loki/latest/api/#get-lokiapiv1tail
 import (
 	"bytes"
 	"context"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@ -58,6 +59,7 @@ type LokiSource struct {
 	lokiReady     string
 	dialer        *websocket.Dialer
 	header        http.Header
+	auth          *url.Userinfo
 }

 func (l *LokiSource) GetMetrics() []prometheus.Collector {
@ -75,6 +77,13 @@ func (l *LokiSource) Configure(config []byte, logger *log.Entry) error {
 	if err != nil {
 		return errors.Wrap(err, "Cannot parse LokiAcquisition configuration")
 	}
+	u, err := url.Parse(l.Config.URL)
+	if err != nil {
+		return err
+	}
+	if u.User != nil {
+		l.auth = u.User
+	}
 	err = l.buildUrl()
 	if err != nil {
 		return errors.Wrap(err, "Cannot build Loki url")
@ -96,6 +105,9 @@ func (l *LokiSource) prepareConfig() error {
 	for k, v := range l.Config.Headers {
 		l.header.Set(k, v)
 	}
+	if l.auth != nil {
+		l.header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(l.auth.String())))
+	}
 	return nil
 }

@ -163,6 +175,9 @@ func (l *LokiSource) ConfigureByDSN(dsn string, labels map[string]string, logger
 	if u.Host == "localhost" || u.Host == "127.0.0.1" || u.Host == "[::1]" {
 		scheme = "http"
 	}
+	if u.User != nil {
+		l.auth = u.User
+	}
 	l.Config.URL = fmt.Sprintf("%s://%s", scheme, u.Host)
 	params := u.Query()
 	if q := params.Get("query"); q != "" {
--- a/pkg/acquisition/modules/loki/loki_test.go
+++ b/pkg/acquisition/modules/loki/loki_test.go
@ -24,6 +24,7 @@ func TestConfiguration(t *testing.T) {
 	tests := []struct {
 		config      string
 		expectedErr string
+		password    string
 	}{
 		{
 			config:      `foobar: asd`,
@ -51,6 +52,16 @@ url: http://localhost:3100/
 `,
 			expectedErr: "",
 		},
+		{
+
+			config: `
+mode: tail
+source: loki
+url: http://foo:bar@localhost:3100/
+`,
+			expectedErr: "",
+			password:    "bar",
+		},
 	}
 	subLogger := log.WithFields(log.Fields{
 		"type": "loki",
@ -59,6 +70,16 @@ url: http://localhost:3100/
 		lokiSource := LokiSource{}
 		err := lokiSource.Configure([]byte(test.config), subLogger)
 		cstest.AssertErrorContains(t, err, test.expectedErr)
+		if test.password == "" {
+			if lokiSource.auth != nil {
+				t.Fatalf("No auth should be here : %v", lokiSource.auth)
+			}
+		} else {
+			p, _ := lokiSource.auth.Password()
+			if test.password != p {
+				t.Fatalf("Bad password %s != %s", test.password, p)
+			}
+		}
 	}
 }

@ -69,6 +90,7 @@ func TestConfigureDSN(t *testing.T) {
 		dsn         string
 		expectedErr string
 		since       time.Duration
+		password    string
 	}{
 		{
 			name:        "Wrong scheme",
@ -95,6 +117,11 @@ func TestConfigureDSN(t *testing.T) {
 			dsn:   "loki://127.0.0.1:3100/?since=3h",
 			since: 3 * time.Hour,
 		},
+		{
+			name:     "Basic Auth",
+			dsn:      "loki://login:password@localhost:3100",
+			password: "password",
+		},
 	}

 	for _, test := range tests {
@ -108,6 +135,20 @@ func TestConfigureDSN(t *testing.T) {
 		if lokiSource.Config.Since != test.since {
 			t.Fatalf("Invalid since %v", lokiSource.Config.Since)
 		}
+		if test.password == "" {
+			if lokiSource.auth != nil {
+				t.Fatalf("Password should be empty : %v", lokiSource.auth)
+			}
+		} else {
+			p, _ := lokiSource.auth.Password()
+			if test.password != p {
+				t.Fatalf("Wrong password : %s != %s", test.password, p)
+			}
+			a := lokiSource.header.Get("authorization")
+			if !strings.HasPrefix(a, "Basic ") {
+				t.Fatalf("Bad auth header : %s", a)
+			}
+		}
 	}
 }