prometheus / blackbox_exporter

Blackbox prober exporter
https://prometheus.io
Apache License 2.0
4.69k stars 1.05k forks source link

Feature request: oauth2 authentication types #829

Open alanmcg opened 3 years ago

alanmcg commented 3 years ago

the oauth2 implementation doesn't seem to support anything other than just client_id and client_secret. I have a system which requires client_id and client_secret plus a username and password to be sent in the body of the request to authenticate.

Is it possible to add the ability to specify the body of the request in the oauth2 implementation?

jeansey commented 2 years ago

I could use OAuth2 «Resource Owner Password Credentials Grant» flow (with username and password) with blackbox 0.20.0 using the following config :

      oauth2:
        client_id: "my_client_app"
        client_secret: "my_client_app_secret"
        scopes:
          - "scope"
        token_url: "https://www.example.com/auth/token"
        endpoint_params:
          grant_type: "password"
          username: "test@example.com"
          password: "password"

I tested this on a private OAuth2 server, not sure it will work with others :sweat_smile:

alanmcg commented 2 years ago

I believe those are sent as URL parameters, not in the body, so doesn't solve the problem unfortunately

keklabs commented 1 month ago

I also want to use this kind of "Resource Owner Password Credentials Grant» flow", but putting "secrets" to configuration is not good idea. For client_secret there is possibility to use "client_secret_file" instead.

But for "password" - is there some way how to do it the same way ? Like "password_file" reference.