Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add basic authentication #967

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Add basic authentication #967

wants to merge 5 commits into from
+273 −0

Conversation

joernchen
Copy link

This PR adds Basic Authentication capabilities in front of redis_exporter.

@oliver006
Copy link
Owner

Thanks for the PR!
I'll try to have a look in the next few days.

@codecov Codecov
Copy link

codecov bot commented Dec 13, 2024

Codecov Report

Attention: Patch coverage is 69.23077% with 8 lines in your changes missing coverage. Please review.

Project coverage is 81.93%. Comparing base (d9ccc72) to head (94011b9).

Files with missing lines Patch % Lines
exporter/http.go 81.81% 3 Missing and 1 partial ⚠️
main.go 0.00% 4 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #967      +/-   ##
==========================================
- Coverage   82.05%   81.93%   -0.13%     
==========================================
  Files          18       18              
  Lines        2636     2662      +26     
==========================================
+ Hits         2163     2181      +18     
- Misses        386      393       +7     
- Partials       87       88       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@coveralls
Copy link

Pull Request Test Coverage Report for Build 12276941968

Details

  • 20 of 27 (74.07%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.1%) to 85.286%
Changes Missing Coverage Covered Lines Changed/Added Lines %
exporter/http.go 20 23 86.96%
main.go 0 4 0.0%
Totals Coverage Status
Change from base Build 11605907462: -0.1%
Covered Lines: 2278
Relevant Lines: 2671
💛 - Coveralls

oliver006
oliver006 reviewed Dec 14, 2024
View reviewed changes
exporter/http.go Outdated
@@ -12,6 +14,12 @@ import (
)

func (e *Exporter) ServeHTTP(w http.ResponseWriter, r *http.Request) {
err := e.verifyBasicAuth(r.BasicAuth())
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: you can combine this with line 18 for tighter scoping
if err := verifyBasicAuth(...); err != nil {

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did so in b0aabba

exporter/http_test.go
@@ -393,6 +393,135 @@ func TestReloadHandlers(t *testing.T) {
}
}

func TestIsBasicAuthConfigured(t *testing.T) {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

exporter/http.go
}

userCorrect := subtle.ConstantTimeCompare([]byte(user), []byte(e.options.BasicAuthUsername))
passCorrect := subtle.ConstantTimeCompare([]byte(password), []byte(e.options.BasicAuthPassword))
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: looks like you're always using these as byte[] instead of string so might as well just move the conversion into the "setter" in main.go:206/207

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've decided to leave this as it is for now, I hope that's fine.

exporter/http_test.go
BasicAuthPassword: tt.configPass,
})

err := e.verifyBasicAuth(tt.providedUser, tt.providedPass, tt.authHeaderSet)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with having a test that calls verifyBasicAuth() directly but I'd definitely would like to see tests that use a http client to make a real HTTP request (plenty of examples in this file).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the review!

I've addressed the missing tests and added a proper status code for failed authentication in b0aabba

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oliver006 oliver006 oliver006 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@joernchen @oliver006 @coveralls