Telegraf: Authentication option for httpjson plugin

good idea, shouldn't be too difficult to add

@NRMK81 I noticed that the httpjson input allows sending of headers and one could also send credentials in the url. Is this issue already complete or can you clarify the what method of credentials you would like supported?

The one I'd like to see is Digest auth as it currently cant be done using the HTTP headers functionality.

This would be a good addition.

@danielnelson so would something like "http://user:[email protected]/test.json" work when using httpjson plugin? Or how can http basic auth be used currently? If basic auth is currently not supported i clearly give this request a +1.

I believe it should passthrough the userinfo section in your url. Basic auth adds an Authorization header and sets it to Basic base64(username:password). You can do this currently although it requires you to compute the base64 value manually, so we should probably add a username, password option.

I've been toying around with using the Authorization Basic header in the httpjson plugin but having some issues. I'm sure the syntax I'm using is at fault. Below is what I have configured when testing.

[inputs.httpjson.headers]
  X-Auth-Token = "Basic <token_pulled_from_postman>"
  apiVersion = "v1"

I've tried removing Basic and just leaving the token but both ways gives me an authentication failure.

I think you would want this for a standard http server using basic auth:

  [inputs.httpjson.headers]
    Authorization = "Basic aG93ZHk6ZG9vZHk="

The example base64 is the result of:

echo -ne howdy:doody | base64

Try it out with curl first:

$ curl --user howdy:doody http://localhost:9999 -v
* Rebuilt URL to: http://localhost:9999/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 9999 (#0)
* Server auth using Basic with user 'howdy'
> GET / HTTP/1.1
> Host: localhost:9999
> Authorization: Basic aG93ZHk6ZG9vZHk=
> User-Agent: curl/7.54.1
> Accept: */*

@danielnelson That is what I did shortly after commenting and it does work!

What about Digest Authentication. Is it possible to use ? The curl command works:
curl --user aaa:bbb "http://xxx.yyy" --digest -v
but how to use it in telegraf ?
Authorization: Digest username="root", realm="Forbidden", nonce="04d5b48c5e6c8b9b3dd84af4ce6b7643", uri="/", cnonce="OTEyZTZkMTExZjk1NDAxM2EyMDdlMThlNDc4MTM4MGM=", nc=00000001, qop=auth, response="a2ac73d78e199580a2c8546ac4ba7229", opaque="7a6a2abf367f778892c5db364070449f", algorithm="MD5"

@marianob85 No, we don't currently have support for this.

Shame we don't have digest - I am not much of a go programmer - but did have a look and doesn't look too much to add it. Anyway - I found a useful workaround for anyone still looking at this. Just use the exec plugin and curl:

[[inputs.exec]]
  commands = [
    "curl -m 10 --digest -u 'user:pass' http://myurl.com"
  ]
  timeout = "5s"

  data_format = "json"
  name_override = "myoverride"

I opened #4524 specifically for HTTP Digest Authentication. Since the httpjson input is now deprecated we should add it to the http input.

For those looking for HTTP Basic Authentication, the http input currently supports this.