Add fallback to basic auth for machine accounts

pkg/horreum/configs.go

@@ -18,10 +18,20 @@ func NewDefaultHorreumCredentials() HorreumCredentials {
 	}
 }
 
+type AuthMethod int64
+
+const (
+	// BEARER authentication method where a token is provided from the OIDC server
+	BEARER = iota
+	// BASIC encodes username and password in the HTTP request
+	BASIC
+)
+
 type ClientConfiguration struct {
 	HttpClient            *http.Client
 	ParentTransport       http.RoundTripper
 	UseDefaultMiddlewares bool
+	AuthMethod            AuthMethod
 	Options               []abstractions.RequestOption
 }
 
@@ -30,6 +40,7 @@ func NewDefaultClientConfiguration() ClientConfiguration {
 		HttpClient:            nil,
 		ParentTransport:       nil,
 		UseDefaultMiddlewares: true,
+		AuthMethod:            BEARER,
 		Options:               []abstractions.RequestOption{},
 	}
 }

pkg/horreum/horreum.go

@@ -2,7 +2,9 @@ package horreum
 
 import (
 	"context"
+	"encoding/base64"
 	"fmt"
+	"log"
 
 	nethttp "net/http"
 
@@ -20,10 +22,11 @@ var version string
 type HorreumClient struct {
 	baseUrl      string
 	credentials  *HorreumCredentials
+	AuthMethod   AuthMethod
 	clientConfig *ClientConfiguration
 
-	RawClient   *raw_client.HorreumRawClient
-	AuthProvder authentication.AuthenticationProvider
+	RawClient    *raw_client.HorreumRawClient
+	AuthProvider authentication.AuthenticationProvider
 }
 
 func setupAuthProvider(baseUrl string, username string, password string) (authentication.AccessTokenProvider, error) {
@@ -51,18 +54,29 @@ func NewHorreumClient(baseUrl string, credentials *HorreumCredentials, clientCon
 		clientConfig: clientConfig,
 
 		// By default, set auth provider to anonymous one
-		AuthProvder: &authentication.AnonymousAuthenticationProvider{},
+		AuthProvider: &authentication.AnonymousAuthenticationProvider{},
 	}
 
 	if credentials != nil {
 		if credentials.Username != nil && credentials.Password != nil {
-			provider, err := setupAuthProvider(baseUrl, *credentials.Username, *credentials.Password)
-			if err != nil {
-				return nil, fmt.Errorf("error setting up keycloak provider: %w", err)
+			if clientConfig == nil || clientConfig.AuthMethod == BEARER {
+				provider, err := setupAuthProvider(baseUrl, *credentials.Username, *credentials.Password)
+				if err != nil {
+					return nil, fmt.Errorf("error setting up keycloak provider: %w", err)
+				}
+				log.Default().Println("Using OIDC bearer token for authentication")
+				client.AuthProvider = authentication.NewBaseBearerTokenAuthenticationProvider(provider)
+			} else if clientConfig.AuthMethod == BASIC {
+				basic := "Basic " + base64.StdEncoding.EncodeToString([]byte(*credentials.Username+":"+*credentials.Password))
+				provider, err := authentication.NewApiKeyAuthenticationProvider(basic, "Authentication", authentication.HEADER_KEYLOCATION)
+				if err != nil {
+					return nil, fmt.Errorf("error setting up auth provider: %w", err)
+				}
+				log.Default().Println("Using Basic HTTP authentication")
+				client.AuthProvider = provider
 			}
-			client.AuthProvder = authentication.NewBaseBearerTokenAuthenticationProvider(provider)
 		} else if credentials.Password != nil {
-			return nil, fmt.Errorf("providing password without username, have you missed something?")
+			return nil, fmt.Errorf("provided password without username")
 		}
 	}
 
@@ -92,7 +106,7 @@ func NewHorreumClient(baseUrl string, credentials *HorreumCredentials, clientCon
 		httpClient = http.GetDefaultClient(middlewares...)
 	}
 
-	adapter, err := http.NewNetHttpRequestAdapterWithParseNodeFactoryAndSerializationWriterFactoryAndHttpClient(client.AuthProvder, nil, nil, httpClient)
+	adapter, err := http.NewNetHttpRequestAdapterWithParseNodeFactoryAndSerializationWriterFactoryAndHttpClient(client.AuthProvider, nil, nil, httpClient)
 	if err != nil {
 		return nil, fmt.Errorf("error creating client adapter: %w", err)
 	}

pkg/horreum/horreum_integration_test.go

@@ -55,7 +55,7 @@ func TestMissingTokenWithAnonymous(t *testing.T) {
 		Method:      abstractions.GET,
 		UrlTemplate: "/api",
 	}
-	err := client.AuthProvder.AuthenticateRequest(ctx, req, nil)
+	err := client.AuthProvider.AuthenticateRequest(ctx, req, nil)
 
 	a.Nil(err)
 	a.Nil(req.Headers)
@@ -68,7 +68,7 @@ func TestExistingTokenWithAuthentication(t *testing.T) {
 		Method: abstractions.GET,
 	}
 	req.SetUri(url.URL{Scheme: "https", Host: "localhost:8080", Path: "api/"})
-	err := client.AuthProvder.AuthenticateRequest(ctx, req, nil)
+	err := client.AuthProvider.AuthenticateRequest(ctx, req, nil)
 
 	a.Nil(err)
 	a.NotNil(req.Headers)

pkg/horreum/horreum_test.go

@@ -1,6 +1,7 @@
 package horreum
 
 import (
+	"github.com/microsoft/kiota-abstractions-go/authentication"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -25,7 +26,7 @@ func TestMissingMissingPasswordWithUsername(t *testing.T) {
 		Password: &password,
 	}, nil)
 	assert.NotNil(t, err)
-	assert.Equal(t, "providing password without username, have you missed something?", err.Error())
+	assert.Equal(t, "provided password without username", err.Error())
 }
 
 func TestAuthProviderSetupFailure(t *testing.T) {
@@ -39,6 +40,16 @@ func TestAuthProviderSetupFailure(t *testing.T) {
 	assert.Contains(t, err.Error(), "connection refused")
 }
 
+func TestBasicAuthSetup(t *testing.T) {
+	client, _ := NewHorreumClient("http://localhost:9999", &HorreumCredentials{
+		Username: &username,
+		Password: &password,
+	}, &ClientConfiguration{
+		AuthMethod: BASIC,
+	})
+	assert.IsType(t, &authentication.ApiKeyAuthenticationProvider{}, client.AuthProvider)
+}
+
 func TestGetClientVersion(t *testing.T) {
 	a, client := setup(t)
 

pkg/raw_client/kiota-lock.json

@@ -1,5 +1,5 @@
 {
-  "descriptionHash": "D4C9DE28DD80B52063C404E3BD76DEFB6D1B5BE494A972E00C7CD01BDB79F14EC3984E1D2EE279F3EAA317CE0B269D2B65C448D4FBE94827F9ECDFB1C4F03AAA",
+  "descriptionHash": "CC743E7085C92D0A86A5EE0838B70BE7950CA4511A335383F3AD590B71BEC4B5F1CA65FC7449D3BBE410F9AF031E78DB5A1E0A4878585944637A7F353C85BF7C",
   "descriptionLocation": "../../openapi/openapi.yaml",
   "lockFileVersion": "1.0.0",
   "kiotaVersion": "1.15.0",