Basic authentication for HTTP remote state backend

This commit is contained in:
Ben Slusky 2017-01-19 21:01:38 -05:00
parent 570af34f0f
commit e3b20c3508
2 changed files with 35 additions and 5 deletions

View File

@ -44,20 +44,40 @@ func httpFactory(conf map[string]string) (Client, error) {
}
}
return &HTTPClient{
ret := &HTTPClient{
URL: url,
Client: client,
}, nil
}
if username, ok := conf["username"]; ok && username != "" {
ret.Username = username
}
if password, ok := conf["password"]; ok && password != "" {
ret.Password = password
}
return ret, nil
}
// HTTPClient is a remote client that stores data in Consul or HTTP REST.
type HTTPClient struct {
URL *url.URL
Client *http.Client
URL *url.URL
Client *http.Client
Username string
Password string
}
func (c *HTTPClient) Get() (*Payload, error) {
resp, err := c.Client.Get(c.URL.String())
req, err := http.NewRequest("GET", c.URL.String(), nil)
if err != nil {
return nil, err
}
// Prepare the request
if c.Username != "" {
req.SetBasicAuth(c.Username, c.Password)
}
// Make the request
resp, err := c.Client.Do(req)
if err != nil {
return nil, err
}
@ -141,6 +161,9 @@ func (c *HTTPClient) Put(data []byte) error {
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Content-MD5", b64)
req.ContentLength = int64(len(data))
if c.Username != "" {
req.SetBasicAuth(c.Username, c.Password)
}
// Make the request
resp, err := c.Client.Do(req)
@ -164,6 +187,11 @@ func (c *HTTPClient) Delete() error {
return fmt.Errorf("Failed to make HTTP request: %s", err)
}
// Prepare the request
if c.Username != "" {
req.SetBasicAuth(c.Username, c.Password)
}
// Make the request
resp, err := c.Client.Do(req)
if err != nil {

View File

@ -36,5 +36,7 @@ data "terraform_remote_state" "foo" {
The following configuration options are supported:
* `address` - (Required) The address of the REST endpoint
* `username` - (Optional) The username for HTTP basic authentication
* `password` - (Optional) The password for HTTP basic authentication
* `skip_cert_verification` - (Optional) Whether to skip TLS verification.
Defaults to `false`.