From a401e4cdd124eaf32e217f2c00f7fe475d99c1bc Mon Sep 17 00:00:00 2001
From: Holger Obermaier <40787752+ho-ob@users.noreply.github.com>
Date: Wed, 20 Sep 2023 17:41:12 +0200
Subject: [PATCH] Add basic authentication support

---
 sinks/httpSink.go | 22 ++++++++++++++++++++++
 sinks/httpSink.md |  4 ++++
 2 files changed, 26 insertions(+)

diff --git a/sinks/httpSink.go b/sinks/httpSink.go
index f00e4a3..7592932 100644
--- a/sinks/httpSink.go
+++ b/sinks/httpSink.go
@@ -24,6 +24,11 @@ type HttpSinkConfig struct {
 	// JSON web tokens for authentication (Using the *Bearer* scheme)
 	JWT string `json:"jwt,omitempty"`
 
+	// Basic authentication
+	Username     string `json:"username"`
+	Password     string `json:"password"`
+	useBasicAuth bool
+
 	// time limit for requests made by the http client
 	Timeout string `json:"timeout,omitempty"`
 	timeout time.Duration
@@ -198,6 +203,11 @@ func (s *HttpSink) Flush() error {
 			req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", s.config.JWT))
 		}
 
+		// Set basic authentication
+		if s.config.useBasicAuth {
+			req.SetBasicAuth(s.config.Username, s.config.Password)
+		}
+
 		// Do request
 		res, err = s.client.Do(req)
 		if err != nil {
@@ -254,6 +264,18 @@ func NewHttpSink(name string, config json.RawMessage) (Sink, error) {
 	if len(s.config.URL) == 0 {
 		return nil, errors.New("`url` config option is required for HTTP sink")
 	}
+
+	// Check basic authentication config
+	if len(s.config.Username) > 0 || len(s.config.Password) > 0 {
+		s.config.useBasicAuth = true
+	}
+	if s.config.useBasicAuth && len(s.config.Username) == 0 {
+		return nil, errors.New("basic authentication requires username")
+	}
+	if s.config.useBasicAuth && len(s.config.Password) == 0 {
+		return nil, errors.New("basic authentication requires password")
+	}
+
 	if len(s.config.IdleConnTimeout) > 0 {
 		t, err := time.ParseDuration(s.config.IdleConnTimeout)
 		if err == nil {
diff --git a/sinks/httpSink.md b/sinks/httpSink.md
index 02aad01..a90a134 100644
--- a/sinks/httpSink.md
+++ b/sinks/httpSink.md
@@ -13,6 +13,8 @@ The `http` sink uses POST requests to a HTTP server to submit the metrics in the
     ],
     "url" : "https://my-monitoring.example.com:1234/api/write",
     "jwt" : "blabla.blabla.blabla",
+    "username": "myUser",
+    "password": "myPW",
     "timeout": "5s",
     "idle_connection_timeout" : "5s",
     "flush_delay": "2s",
@@ -24,6 +26,8 @@ The `http` sink uses POST requests to a HTTP server to submit the metrics in the
 - `meta_as_tags`: Move specific meta information to the tags in the output (optional)
 - `url`: The full URL of the endpoint
 - `jwt`: JSON web tokens for authentication (Using the *Bearer* scheme)
+- `username`: username for basic authentication
+- `password`: password for basic authentication
 - `timeout`: General timeout for the HTTP client (default '5s')
 - `max_retries`: Maximum number of retries to connect to the http server
 - `idle_connection_timeout`: Timeout for idle connections (default '120s'). Should be larger than the measurement interval to keep the connection open