Feature request: oauth2 authentication types

prometheus / blackbox_exporter

Blackbox prober exporter

https://prometheus.io

Apache License 2.0

4.58k stars 1.04k forks source link

Feature request: oauth2 authentication types #829

Open alanmcg opened 2 years ago

alanmcg commented 2 years ago

the oauth2 implementation doesn't seem to support anything other than just client_id and client_secret. I have a system which requires client_id and client_secret plus a username and password to be sent in the body of the request to authenticate.

Is it possible to add the ability to specify the body of the request in the oauth2 implementation?

jeansey commented 2 years ago

I could use OAuth2 «Resource Owner Password Credentials Grant» flow (with username and password) with blackbox 0.20.0 using the following config :

      oauth2:
        client_id: "my_client_app"
        client_secret: "my_client_app_secret"
        scopes:
          - "scope"
        token_url: "https://www.example.com/auth/token"
        endpoint_params:
          grant_type: "password"
          username: "test@example.com"
          password: "password"

I tested this on a private OAuth2 server, not sure it will work with others :sweat_smile:

alanmcg commented 2 years ago

I believe those are sent as URL parameters, not in the body, so doesn't solve the problem unfortunately