Merge pull request #61 from logicmonitor/59-authentication-needs-bett…

…er-string-empty-check Fix auth selection edge case.
logicmonitor · Oct 26, 2023 · 85de512 · 85de512
2 parents c1bb8c8 + a8949a2
commit 85de512
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 20 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,4 +1,4 @@
 FROM fluent/fluentd-kubernetes-daemonset:v1.16-debian-forward-1
 USER root
-RUN gem install fluent-plugin-lm-logs -v 1.2.0
+RUN gem install fluent-plugin-lm-logs -v 1.2.1
 RUN gem install fluent-plugin-multi-format-parser -v 1.0.0
diff --git a/lib/fluent/plugin/out_lm.rb b/lib/fluent/plugin/out_lm.rb
@@ -83,11 +83,11 @@ def start
 
     def configure_auth
       @use_bearer_instead_of_lmv1 = false
-      if @access_id == nil || @access_key == nil
-        log.info "Access Id or access key null. Using bearer token for authentication."
+      if is_blank(@access_id) || is_blank(@access_key)
+        log.info "Access Id or access key blank / null. Using bearer token for authentication."
         @use_bearer_instead_of_lmv1 = true
       end
-      if @use_bearer_instead_of_lmv1 && @bearer_token == nil
+      if @use_bearer_instead_of_lmv1 && is_blank(@bearer_token)
         log.error "Bearer token not specified. Either access_id and access_key both or bearer_token must be specified for authentication with Logicmonitor."
         raise ArgumentError, 'No valid authentication specified. Either access_id and access_key both or bearer_token must be specified for authentication with Logicmonitor.'
       end
@@ -244,5 +244,14 @@ def generate_token(events)
         return "LMv1 #{@access_id}:#{signature}:#{timestamp}"
       end
     end
+
+    def is_blank(str)
+      if str.nil? || str.to_s.strip.empty?
+        return true
+      else
+        return false
+      end
+    end
+
   end
 end
diff --git a/lib/fluent/plugin/version.rb b/lib/fluent/plugin/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LmLogsFluentPlugin
-    VERSION = '1.2.0'
+    VERSION = '1.2.1'
 end
diff --git a/test/plugin/test_auth.rb b/test/plugin/test_auth.rb
@@ -34,10 +34,10 @@ def create_valid_subject
       tag = "lm.test"
       time = Time.parse("2020-08-23T00:53:15+00:00")
       record = {
-                "message" => "Hello there",  
-                "timestamp" => "2020-10-30T00:29:08.629701504Z" 
+                "message" => "Hello there",
+                "timestamp" => "2020-10-30T00:29:08.629701504Z"
                      }
-      events = [record]  
+      events = [record]
 
       result = plugin.generate_token(events)
       assert_match "LMv1 abcd:", result
@@ -51,16 +51,16 @@ def create_valid_subject
       plugin.configure_auth()
       tag = "lm.test"
       time = Time.parse("2020-08-23T00:53:15+00:00").to_i
-      record = {"message" => "Hello from test",  
-                "timestamp" => "2020-10-30T00:29:08.629701504Z" 
+      record = {"message" => "Hello from test",
+                "timestamp" => "2020-10-30T00:29:08.629701504Z"
               }
 
-      events = [record]  
+      events = [record]
 
       result = plugin.generate_token(events)
-        
+
       assert_match "Bearer abcd", result
-    end 
+    end
 
     test "when access id /key bearer all specified, use lmv1 " do
         plugin = create_driver(%[
@@ -71,15 +71,57 @@ def create_valid_subject
         plugin.configure_auth()
         tag = "lm.test"
         time = Time.parse("2020-08-23T00:53:15+00:00").to_i
-        record = {"message" => "Hello from test",  
-                  "timestamp" => "2020-10-30T00:29:08.629701504Z" 
+        record = {"message" => "Hello from test",
+                  "timestamp" => "2020-10-30T00:29:08.629701504Z"
                 }
-  
-        events = [record]  
-  
+
+        events = [record]
+
         result = plugin.generate_token(events)
-          
+
         assert_match "LMv1 abcd:", result
     end
+
+    test "no null/empty value alllowd for access_id/access_key/bearer_token " do
+      plugin = create_driver(%[
+        access_id
+        access_key abcd
+        bearer_token abcd
+      ]).instance
+      plugin.configure_auth()
+      tag = "lm.test"
+      time = Time.parse("2020-08-23T00:53:15+00:00").to_i
+      record = {"message" => "Hello from test",
+                "timestamp" => "2020-10-30T00:29:08.629701504Z"
+              }
+
+      events = [record]
+
+      result = plugin.generate_token(events)
+
+      assert_match "Bearer abcd", result
+
+      plugin2 = create_driver(%[
+        access_id
+        access_key abcd
+        bearer_token
+      ]).instance
+      assert_raise(ArgumentError) { plugin2.configure_auth() }
+
+      plugin3 = create_driver(%[
+        access_id abcd
+        access_key
+        bearer_token
+      ]).instance
+      assert_raise(ArgumentError) { plugin3.configure_auth() }
+
+      plugin4 = create_driver(%[
+        access_id
+        access_key
+        bearer_token
+      ]).instance
+      assert_raise(ArgumentError) { plugin4.configure_auth() }
+
+    end
   end
-end
+end