From 9cb121c76a2694e8015a436d825fe90d106cab43 Mon Sep 17 00:00:00 2001 From: h0nIg Date: Tue, 6 Aug 2024 08:12:13 +0200 Subject: [PATCH] feat(common.cookie): Allow usage of secrets for header (#15640) Co-authored-by: Josh Powers --- plugins/common/cookie/cookie.go | 14 +++++++++++--- plugins/common/cookie/cookie_test.go | 6 ++++-- plugins/inputs/http/README.md | 2 +- plugins/outputs/http/README.md | 2 +- 4 files changed, 17 insertions(+), 7 deletions(-) diff --git a/plugins/common/cookie/cookie.go b/plugins/common/cookie/cookie.go index 9428ee2bc0ea2..68219dbf46437 100644 --- a/plugins/common/cookie/cookie.go +++ b/plugins/common/cookie/cookie.go @@ -20,7 +20,7 @@ type CookieAuthConfig struct { URL string `toml:"cookie_auth_url"` Method string `toml:"cookie_auth_method"` - Headers map[string]string `toml:"cookie_auth_headers"` + Headers map[string]*config.Secret `toml:"cookie_auth_headers"` // HTTP Basic Auth Credentials Username string `toml:"cookie_auth_username"` @@ -98,11 +98,19 @@ func (c *CookieAuthConfig) auth() error { } for k, v := range c.Headers { + secret, err := v.Get() + if err != nil { + return err + } + + headerVal := secret.String() if strings.EqualFold(k, "host") { - req.Host = v + req.Host = headerVal } else { - req.Header.Add(k, v) + req.Header.Add(k, headerVal) } + + secret.Destroy() } resp, err := c.client.Do(req) diff --git a/plugins/common/cookie/cookie_test.go b/plugins/common/cookie/cookie_test.go index edd40bac5b798..d801483eae0a0 100644 --- a/plugins/common/cookie/cookie_test.go +++ b/plugins/common/cookie/cookie_test.go @@ -37,6 +37,8 @@ var fakeCookie = &http.Cookie{ Value: "this is an auth cookie", } +var reqHeaderValSecret = config.NewSecret([]byte(reqHeaderVal)) + type fakeServer struct { *httptest.Server *int32 @@ -123,7 +125,7 @@ func TestAuthConfig_Start(t *testing.T) { Username string Password string Body string - Headers map[string]string + Headers map[string]*config.Secret } type args struct { renewal time.Duration @@ -157,7 +159,7 @@ func TestAuthConfig_Start(t *testing.T) { endpoint: authEndpointWithHeader, }, fields: fields{ - Headers: map[string]string{reqHeaderKey: reqHeaderVal}, + Headers: map[string]*config.Secret{reqHeaderKey: &reqHeaderValSecret}, }, firstAuthCount: 1, lastAuthCount: 3, diff --git a/plugins/inputs/http/README.md b/plugins/inputs/http/README.md index a245ae3df4d24..7593762d84da8 100644 --- a/plugins/inputs/http/README.md +++ b/plugins/inputs/http/README.md @@ -18,7 +18,7 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details. ## Secret-store support This plugin supports secrets from secret-stores for the `username`, `password`, -`token` and `headers` option. +`token`, `headers`, and `cookie_auth_headers` option. See the [secret-store documentation][SECRETSTORE] for more details on how to use them. diff --git a/plugins/outputs/http/README.md b/plugins/outputs/http/README.md index 51812563e2692..99f7f37d71af0 100644 --- a/plugins/outputs/http/README.md +++ b/plugins/outputs/http/README.md @@ -16,7 +16,7 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details. ## Secret-store support This plugin supports secrets from secret-stores for the `username`, `password` -and `headers` option. +`headers`, and `cookie_auth_headers` option. See the [secret-store documentation][SECRETSTORE] for more details on how to use them.