From 145312c3acd91a7e61af712293dc8a1ac3691239 Mon Sep 17 00:00:00 2001
From: Kyle Havlovitz <kylehav@gmail.com>
Date: Wed, 17 Aug 2016 15:11:59 -0400
Subject: [PATCH] Added NOMAD_HTTP_AUTH env var for basic auth

---
 api/api.go      | 30 ++++++++++++++++++++++++++++++
 api/api_test.go | 13 +++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/api/api.go b/api/api.go
index 0535cf50bea..207f6510f61 100644
--- a/api/api.go
+++ b/api/api.go
@@ -10,6 +10,7 @@ import (
 	"net/url"
 	"os"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/go-cleanhttp"
@@ -74,6 +75,15 @@ type WriteMeta struct {
 	RequestTime time.Duration
 }
 
+// HttpBasicAuth is used to authenticate http client with HTTP Basic Authentication
+type HttpBasicAuth struct {
+	// Username to use for HTTP Basic Authentication
+	Username string
+
+	// Password to use for HTTP Basic Authentication
+	Password string
+}
+
 // Config is used to configure the creation of a client
 type Config struct {
 	// Address is the address of the Nomad agent
@@ -86,6 +96,9 @@ type Config struct {
 	// used if not provided.
 	HttpClient *http.Client
 
+	// HttpAuth is the auth info to use for http access.
+	HttpAuth *HttpBasicAuth
+
 	// WaitTime limits how long a Watch will block. If not provided,
 	// the agent default values will be used.
 	WaitTime time.Duration
@@ -100,6 +113,21 @@ func DefaultConfig() *Config {
 	if addr := os.Getenv("NOMAD_ADDR"); addr != "" {
 		config.Address = addr
 	}
+	if auth := os.Getenv("NOMAD_HTTP_AUTH"); auth != "" {
+		var username, password string
+		if strings.Contains(auth, ":") {
+			split := strings.SplitN(auth, ":", 2)
+			username = split[0]
+			password = split[1]
+		} else {
+			username = auth
+		}
+
+		config.HttpAuth = &HttpBasicAuth{
+			Username: username,
+			Password: password,
+		}
+	}
 	return config
 }
 
@@ -211,6 +239,8 @@ func (r *request) toHTTP() (*http.Request, error) {
 		username := r.url.User.Username()
 		password, _ := r.url.User.Password()
 		req.SetBasicAuth(username, password)
+	} else if r.config.HttpAuth != nil {
+		req.SetBasicAuth(r.config.HttpAuth.Username, r.config.HttpAuth.Password)
 	}
 
 	req.Header.Add("Accept-Encoding", "gzip")
diff --git a/api/api_test.go b/api/api_test.go
index a64e29e1ad1..1caf9db033d 100644
--- a/api/api_test.go
+++ b/api/api_test.go
@@ -5,6 +5,7 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"os"
+	"strings"
 	"testing"
 	"time"
 
@@ -90,15 +91,27 @@ func TestRequestTime(t *testing.T) {
 
 func TestDefaultConfig_env(t *testing.T) {
 	url := "http://1.2.3.4:5678"
+	auth := []string{"nomaduser", "12345"}
 
 	os.Setenv("NOMAD_ADDR", url)
 	defer os.Setenv("NOMAD_ADDR", "")
 
+	os.Setenv("NOMAD_HTTP_AUTH", strings.Join(auth, ":"))
+	defer os.Setenv("NOMAD_HTTP_AUTH", "")
+
 	config := DefaultConfig()
 
 	if config.Address != url {
 		t.Errorf("expected %q to be %q", config.Address, url)
 	}
+
+	if config.HttpAuth.Username != auth[0] {
+		t.Errorf("expected %q to be %q", config.HttpAuth.Username, auth[0])
+	}
+
+	if config.HttpAuth.Password != auth[1] {
+		t.Errorf("expected %q to be %q", config.HttpAuth.Password, auth[1])
+	}
 }
 
 func TestSetQueryOptions(t *testing.T) {