Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(elasticsearch sink): Add HTTP Basic authorization #749

Merged
merged 3 commits into from Aug 13, 2019
Merged

feat(elasticsearch sink): Add HTTP Basic authorization #749

merged 3 commits into from Aug 13, 2019

Conversation

bruceg
Copy link
Member

@bruceg bruceg commented Aug 13, 2019

This adds support for HTTP Basic authorization to the elasticsearch sink.

Closes #472

@bruceg
Remove unnecessary clones in elasticsearch config build
adb328c 
Signed-off-by: Bruce Guenter <bruce@untroubled.org>
@bruceg
Add support for HTTP Basic authentication to the elasticsearch sink
65ae114 
Signed-off-by: Bruce Guenter <bruce@untroubled.org>
binarylogic
binarylogic reviewed Aug 13, 2019
View reviewed changes
src/sinks/elasticsearch.rs

let policy = FixedRetryPolicy::new(
retry_attempts,
Duration::from_secs(retry_backoff_secs),
HttpRetryLogic,
);

let authorization = config.basic_auth.clone().map(|auth| {
let token = format!("{}:{}", auth.user, auth.password);
format!("Basic {}", base64::encode(token.as_bytes()))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is correct, but wanted to make sure base64url is not required here instead.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't believe so, since it's not going into the url.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AFAIK the authorization token uses the standard base64 character set.

lukesteensen
lukesteensen approved these changes Aug 13, 2019
View reviewed changes
Copy link
Member

@lukesteensen lukesteensen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, thank you!

src/sinks/elasticsearch.rs

let policy = FixedRetryPolicy::new(
retry_attempts,
Duration::from_secs(retry_backoff_secs),
HttpRetryLogic,
);

let authorization = config.basic_auth.clone().map(|auth| {
let token = format!("{}:{}", auth.user, auth.password);
format!("Basic {}", base64::encode(token.as_bytes()))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't believe so, since it's not going into the url.

@bruceg bruceg merged commit a2196b8 into master Aug 13, 2019
@bruceg bruceg deleted the elasticsearch-basic-auth branch August 13, 2019 22:02
@binarylogic binarylogic mentioned this pull request Aug 26, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@binarylogic binarylogic binarylogic left review comments

@lukesteensen lukesteensen lukesteensen approved these changes

Assignees

@lukesteensen lukesteensen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support Elasticsearch basic auth (x-pack) security
3 participants
@bruceg @lukesteensen @binarylogic