diff --git a/plugins/common/cookie/cookie.go b/plugins/common/cookie/cookie.go index 9428ee2bc0ea2..68219dbf46437 100644 --- a/plugins/common/cookie/cookie.go +++ b/plugins/common/cookie/cookie.go @@ -20,7 +20,7 @@ type CookieAuthConfig struct { URL string `toml:"cookie_auth_url"` Method string `toml:"cookie_auth_method"` - Headers map[string]string `toml:"cookie_auth_headers"` + Headers map[string]*config.Secret `toml:"cookie_auth_headers"` // HTTP Basic Auth Credentials Username string `toml:"cookie_auth_username"` @@ -98,11 +98,19 @@ func (c *CookieAuthConfig) auth() error { } for k, v := range c.Headers { + secret, err := v.Get() + if err != nil { + return err + } + + headerVal := secret.String() if strings.EqualFold(k, "host") { - req.Host = v + req.Host = headerVal } else { - req.Header.Add(k, v) + req.Header.Add(k, headerVal) } + + secret.Destroy() } resp, err := c.client.Do(req) diff --git a/plugins/common/cookie/cookie_test.go b/plugins/common/cookie/cookie_test.go index edd40bac5b798..d801483eae0a0 100644 --- a/plugins/common/cookie/cookie_test.go +++ b/plugins/common/cookie/cookie_test.go @@ -37,6 +37,8 @@ var fakeCookie = &http.Cookie{ Value: "this is an auth cookie", } +var reqHeaderValSecret = config.NewSecret([]byte(reqHeaderVal)) + type fakeServer struct { *httptest.Server *int32 @@ -123,7 +125,7 @@ func TestAuthConfig_Start(t *testing.T) { Username string Password string Body string - Headers map[string]string + Headers map[string]*config.Secret } type args struct { renewal time.Duration @@ -157,7 +159,7 @@ func TestAuthConfig_Start(t *testing.T) { endpoint: authEndpointWithHeader, }, fields: fields{ - Headers: map[string]string{reqHeaderKey: reqHeaderVal}, + Headers: map[string]*config.Secret{reqHeaderKey: &reqHeaderValSecret}, }, firstAuthCount: 1, lastAuthCount: 3,