Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add basic authentication #967

Merged
merged 5 commits into from
Dec 15, 2024
Merged

Add basic authentication #967

merged 5 commits into from
Dec 15, 2024

Conversation

joernchen
Copy link
Contributor

This PR adds Basic Authentication capabilities in front of redis_exporter.

@oliver006
Copy link
Owner

Thanks for the PR!
I'll try to have a look in the next few days.

@codecov Codecov
Copy link

codecov bot commented Dec 13, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 84.61538% with 4 lines in your changes missing coverage. Please review.

Project coverage is 82.08%. Comparing base (d9ccc72) to head (b0aabba).
Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
main.go 0.00% 4 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #967      +/-   ##
==========================================
+ Coverage   82.05%   82.08%   +0.02%     
==========================================
  Files          18       18              
  Lines        2636     2662      +26     
==========================================
+ Hits         2163     2185      +22     
- Misses        386      390       +4     
  Partials       87       87

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@coveralls
Copy link

coveralls commented Dec 13, 2024
edited
Loading

Pull Request Test Coverage Report for Build 12331988242

Details

  • 23 of 27 (85.19%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.007%) to 85.399%
Changes Missing Coverage Covered Lines Changed/Added Lines %
main.go 0 4 0.0%
Totals Coverage Status
Change from base Build 11605907462: -0.007%
Covered Lines: 2281
Relevant Lines: 2671
💛 - Coveralls

oliver006
oliver006 reviewed Dec 14, 2024
View reviewed changes
exporter/http.go Outdated
@@ -12,6 +14,12 @@ import (
)

func (e *Exporter) ServeHTTP(w http.ResponseWriter, r *http.Request) {
err := e.verifyBasicAuth(r.BasicAuth())
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: you can combine this with line 18 for tighter scoping
if err := verifyBasicAuth(...); err != nil {

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did so in b0aabba

exporter/http_test.go
@@ -393,6 +393,135 @@ func TestReloadHandlers(t *testing.T) {
}
}

func TestIsBasicAuthConfigured(t *testing.T) {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

exporter/http.go
}

userCorrect := subtle.ConstantTimeCompare([]byte(user), []byte(e.options.BasicAuthUsername))
passCorrect := subtle.ConstantTimeCompare([]byte(password), []byte(e.options.BasicAuthPassword))
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: looks like you're always using these as byte[] instead of string so might as well just move the conversion into the "setter" in main.go:206/207

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've decided to leave this as it is for now, I hope that's fine.

exporter/http_test.go
BasicAuthPassword: tt.configPass,
})

err := e.verifyBasicAuth(tt.providedUser, tt.providedPass, tt.authHeaderSet)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with having a test that calls verifyBasicAuth() directly but I'd definitely would like to see tests that use a http client to make a real HTTP request (plenty of examples in this file).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the review!

I've addressed the missing tests and added a proper status code for failed authentication in b0aabba

oliver006
oliver006 approved these changes Dec 15, 2024
View reviewed changes
Copy link
Owner

@oliver006 oliver006 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work!

@oliver006 oliver006 merged commit 51783a5 into oliver006:master Dec 15, 2024
8 of 9 checks passed
@oliver006
Copy link
Owner

Released as https://github.com/oliver006/redis_exporter/releases/tag/v1.67.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oliver006 oliver006 oliver006 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@joernchen @oliver006 @coveralls