influxdata · reimda · Jan 11, 2022 · Jan 8, 2022
diff --git a/plugins/common/cookie/cookie.go b/plugins/common/cookie/cookie.go
@@ -19,6 +19,8 @@ type CookieAuthConfig struct {
 	URL    string `toml:"cookie_auth_url"`
 	Method string `toml:"cookie_auth_method"`
 
+	Headers map[string]string `toml:"cookie_auth_headers"`
+
 	// HTTP Basic Auth Credentials
 	Username string `toml:"cookie_auth_username"`
 	Password string `toml:"cookie_auth_password"`
@@ -90,6 +92,14 @@ func (c *CookieAuthConfig) auth() error {
 		req.SetBasicAuth(c.Username, c.Password)
 	}
 
+	for k, v := range c.Headers {
+		if strings.ToLower(k) == "host" {
+			req.Host = v
+		} else {
+			req.Header.Add(k, v)
+		}
+	}
+
 	resp, err := c.client.Do(req)
 	if err != nil {
 		return err

diff --git a/plugins/common/cookie/cookie_test.go b/plugins/common/cookie/cookie_test.go
@@ -18,14 +18,17 @@ import (
 )
 
 const (
-	reqUser   = "testUser"
-	reqPasswd = "testPassword"
-	reqBody   = "a body"
+	reqUser      = "testUser"
+	reqPasswd    = "testPassword"
+	reqBody      = "a body"
+	reqHeaderKey = "hello"
+	reqHeaderVal = "world"
 
 	authEndpointNoCreds                   = "/auth"
 	authEndpointWithBasicAuth             = "/authWithCreds"
 	authEndpointWithBasicAuthOnlyUsername = "/authWithCredsUser"
 	authEndpointWithBody                  = "/authWithBody"
+	authEndpointWithHeader                = "/authWithHeader"
 )
 
 var fakeCookie = &http.Cookie{
@@ -49,6 +52,12 @@ func newFakeServer(t *testing.T) fakeServer {
 			switch r.URL.Path {
 			case authEndpointNoCreds:
 				authed()
+			case authEndpointWithHeader:
+				if !cmp.Equal(r.Header.Get(reqHeaderKey), reqHeaderVal) {
+					w.WriteHeader(http.StatusUnauthorized)
+					return
+				}
+				authed()
 			case authEndpointWithBody:
 				body, err := io.ReadAll(r.Body)
 				require.NoError(t, err)
@@ -112,6 +121,7 @@ func TestAuthConfig_Start(t *testing.T) {
 		Username string
 		Password string
 		Body     string
+		Headers  map[string]string
 	}
 	type args struct {
 		renewal  time.Duration
@@ -138,6 +148,20 @@ func TestAuthConfig_Start(t *testing.T) {
 			firstHTTPResponse: http.StatusOK,
 			lastHTTPResponse:  http.StatusOK,
 		},
+		{
+			name: "success no creds, no body, default method, header set",
+			args: args{
+				renewal:  renewal,
+				endpoint: authEndpointWithHeader,
+			},
+			fields: fields{
+				Headers: map[string]string{reqHeaderKey: reqHeaderVal},
+			},
+			firstAuthCount:    1,
+			lastAuthCount:     3,
+			firstHTTPResponse: http.StatusOK,
+			lastHTTPResponse:  http.StatusOK,
+		},
 		{
 			name: "success with creds, no body",
 			fields: fields{
@@ -213,6 +237,7 @@ func TestAuthConfig_Start(t *testing.T) {
 				Username: tt.fields.Username,
 				Password: tt.fields.Password,
 				Body:     tt.fields.Body,
+				Headers:  tt.fields.Headers,
 				Renewal:  config.Duration(tt.args.renewal),
 			}
 			if err := c.initializeClient(srv.Client()); tt.wantErr != nil {

diff --git a/plugins/inputs/http/README.md b/plugins/inputs/http/README.md
@@ -54,6 +54,7 @@ The HTTP input plugin collects metrics from one or more HTTP(S) endpoints.  The
   # cookie_auth_method = "POST"
   # cookie_auth_username = "username"
   # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
   # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
   ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
   # cookie_auth_renewal = "5m"

diff --git a/plugins/inputs/http/http.go b/plugins/inputs/http/http.go
@@ -90,6 +90,7 @@ var sampleConfig = `
   # cookie_auth_method = "POST"
   # cookie_auth_username = "username"
   # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
   # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
   ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
   # cookie_auth_renewal = "5m"

diff --git a/plugins/outputs/http/README.md b/plugins/outputs/http/README.md
@@ -40,6 +40,7 @@ batch format by default.
   # cookie_auth_method = "POST"
   # cookie_auth_username = "username"
   # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
   # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
   ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
   # cookie_auth_renewal = "5m"

diff --git a/plugins/outputs/http/http.go b/plugins/outputs/http/http.go
@@ -58,6 +58,7 @@ var sampleConfig = `
   # cookie_auth_method = "POST"
   # cookie_auth_username = "username"
   # cookie_auth_password = "pa$$word"
+  # cookie_auth_headers = '{"Content-Type": "application/json", "X-MY-HEADER":"hello"}'
   # cookie_auth_body = '{"username": "user", "password": "pa$$word", "authenticate": "me"}'
   ## cookie_auth_renewal not set or set to "0" will auth once and never renew the cookie
   # cookie_auth_renewal = "5m"