How to pass basic authentication details in http filter plugin

Hi,
I am using logstash HTTP filter plugin.
I want to pass basic authentication details such as username, and password in the request.

Could you please suggest, how we can post a request using header, body, and basic-authentication in every single request?

The http filter has options to supply the body and headers. Basic authentication is just another header.

Do i use like below?
http {
url => "https://myapi/v1/token"

verb => "POST"

  "BasicAuth" => {
	    "Username" =>"xxxxx"
        "Password" => "dddaaaaa"
    }
 

headers => {
"Content-Type" => "application/x-www-form-urlencoded"
}

body => {
"grant_type" => "password"
"username" => "user"
"password" => "password"
"scope" => "myscope"
}

}

No, basic authentication is just another header. There is no support in the filter to encode it for you. You would use something like

headers => {
    "Content-Type" => "application/x-www-form-urlencoded"
    "Authorization" => "Basic aHR0cHdhdGNoOmY="
}

Hi ,

Thank you for your response .I have username and password but how to generate the token that is used along with Basic in 'Authorization'.

Step 3 of this shows you how to encode the string.

Hi,

I am using post method and logstash http filter. I was used linux command to convert username:password to base64 encode and used in header section.I am getting error client_error=>"undefined method `encoding' for #Hash:0x68246"

filter {

http {
url => "https://myapi/v1/token"

verb => "POST"

headers => {
   "Content-Type" => "application/x-www-form-urlencoded"
    "Authorization" => "Basic Xh4NXidHdONjk="
}
	
body => {
"grant_type" => "password" 
"username" => "username" 
"password" => "password" 
"scope" => "54ff4"
}

}
}

Where are you getting that error? Is it from logstash? From the API? Is there a stack trace?

HI ,
I am getting error in logstash

{
"host" => "Zxxxxx",
"@timestamp" => 2019-09-26T21:26:47.779Z,
"tags" => [
[0] "_httprequestfailure"
],
"@version" => "1",
"message" => "w\r"
}

I cannot find it in the code, but I do not think it makes sense to supply the body as a hash when you are using a text encoding. If the body were a string then calling String.encode on it would make sense.

What actual text does the API need in the body of the request.

I was tested with curl command and its working
curl --silent --write-out "HTTPSTATUS:%{http_code}" -H "Authorization: Basic Xh4NXidHdONjk=" -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded' 'https://myapi/v1/token' -d 'grant_type'='password' -d 'username'={username} -d 'password'={password} -d 'scope'=${scope})

But when I am using below, it's throwing error

http {
url => "https://myapi/v1/token"

verb => "POST"

headers => {
   "Content-Type" => "application/x-www-form-urlencoded"
    "Authorization" => "Basic Xh4NXidHdONjk="
}
	
body => {
"grant_type" => "password" 
"username" => "username" 
"password" => "password" 
"scope" => "54ff4"
}
}

Try adding the option

body_format => "json"

No luck. I found other error

filter{
http {
url => "https://myapi/v1/token""

verb => "POST"

headers => {
   "Content-Type" => "application/x-www-form-urlencoded"
    "Accept" => "application/json"
	"Authorization" => "Basic  Xh4NXidHdONjk="
}

body => {
"grant_type" => "password"
"username" => "username"
"password" => "password"
"scope" => "54ff4"
}

body_format =>"json"
target_body => "response_message"
}
}

[2019-09-26T23:27:32,645][ERROR][logstash.filters.http ] error during HTTP request {:url=>"https://myapi/v1/token", :code=>400, :response=>"{"error":"invalid_request",
"error_description":"response_type or grant_type is required"}"}
{
"message" => "h\r",
"@timestamp" => 2019-09-26T22:27:29.583Z,
"@version" => "1",
"host" => "Zxxxxx",
"tags" => [
[0] "_httprequestfailure"
]
}

OK, so please answer my question about what text the API expects to receive. What text does

curl --silent --write-out "HTTPSTATUS:%{http_code}" -H "Authorization: Basic Xh4NXidHdONjk=" -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded' 'https://myapi/v1/token' -d 'grant_type'='password' -d 'username'={username} -d 'password'={password} -d 'scope'=${scope})

generate in the request body. Once you have figured that out, put it in a string in the http filter using

body => "your body goes here"

Request would be like this

> curl -k -v -i -u <API Key for V3>:<API Secret for V3> 'https://myapi/v3/token' -d 'grant_type=password&username=<User Id>&password=< Password>&scope=<AreaUUID>'

How can we send data in http filter that is being send in -d curl command. Lets assume below curl command example and in -d ,curl command sends "payload to send"

curl -H "Transfer-Encoding: chunked" -d "payload to send" http://example
.com

You can use

body => "payload to send" body_format => "text"

It is working find with ruby filter and similar code snippet is used.
Thank you so much .

With http filter it was really tough my situation so used ruby to get the details.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.