Merge pull request #77 from kaleido-io/auth-token-support

Auth token support

README.md

@@ -65,6 +65,13 @@ Currently the types of test that can be run against a remote node are limited to
 it most suitable for test types `token_mint`, `custom_ethereum_contract` and `custom_fabric_contract` since these don't need
 responses to be received from other members of the FireFly network.
 
+To provide authentication when authenticating against a node endpoint, you can provide either of the following credentials in the `instances.yaml` under each `node` entry:
+
+- bearer token - set the access token as the `authToken` value
+- basic auth - set the username and password as the `authUsername` and `authPassword` values
+
+> `authToken` takes precedence over `authUsername` and `authPassword` values
+
 As a result, running the CLI consists of providing an `instances.yaml` file describe the test configuration
 and an instance index or name indicating which instance the process should run:
 

cmd/run.go

@@ -170,10 +170,12 @@ func generateRunnerConfigFromInstance(instance *conf.InstanceConfig, perfConfig
 		if perfConfig.Nodes[instance.ManualNodeIndex].AuthUsername != "" {
 			runnerConfig.WebSocket.AuthUsername = perfConfig.Nodes[instance.ManualNodeIndex].AuthUsername
 		}
-
 		if perfConfig.Nodes[instance.ManualNodeIndex].AuthPassword != "" {
 			runnerConfig.WebSocket.AuthPassword = perfConfig.Nodes[instance.ManualNodeIndex].AuthPassword
 		}
+		if perfConfig.Nodes[instance.ManualNodeIndex].AuthToken != "" {
+			runnerConfig.WebSocket.AuthToken = perfConfig.Nodes[instance.ManualNodeIndex].AuthToken
+		}
 	} else {
 		// Read endpoint information from the stack JSON
 		log.Infof("Running test against stack \"%s\"\n", perfConfig.StackJSONPath)

internal/conf/conf.go

@@ -18,6 +18,7 @@ package conf
 
 import (
 	"crypto/tls"
+	"fmt"
 	"net/url"
 	"time"
 
@@ -97,6 +98,7 @@ type NodeConfig struct {
 	APIEndpoint  string `json:"apiEndpoint,omitempty" yaml:"apiEndpoint,omitempty"`
 	AuthUsername string `json:"authUsername,omitempty" yaml:"authUsername,omitempty"`
 	AuthPassword string `json:"authPassword,omitempty" yaml:"authPassword,omitempty"`
+	AuthToken    string `json:"authToken,omitempty" yaml:"authToken,omitempty"`
 }
 
 type MessageOptions struct {
@@ -135,14 +137,15 @@ type FireFlyWsConfig struct {
 	HeartbeatInterval      time.Duration `mapstructure:"heartbeatInterval" json:"heartbeatInterval" yaml:"heartbeatInterval"`
 	AuthUsername           string        `mapstructure:"authUsername" json:"authUsername" yaml:"authUsername"`
 	AuthPassword           string        `mapstructure:"authPassword" json:"authPassword" yaml:"authPassword"`
+	AuthToken              string        `mapstructure:"authToken" json:"authToken" yaml:"authToken"`
 	DisableTLSVerification bool          `mapstructure:"disableTLSVerification" json:"disableTLSVerification" yaml:"disableTLSVerification"`
 	ConnectionTimeout      time.Duration `mapstructure:"connectionTimeout" json:"connectionTimeout" yaml:"connectionTimeout"`
 }
 
 func GenerateWSConfig(nodeURL string, conf *FireFlyWsConfig) *wsclient.WSConfig {
 	t, _ := url.QueryUnescape(conf.WSPath)
 
-	return &wsclient.WSConfig{
+	wsConfig := wsclient.WSConfig{
 		HTTPURL:                nodeURL,
 		WSKeyPath:              t,
 		ReadBufferSize:         conf.ReadBufferSize,
@@ -151,13 +154,22 @@ func GenerateWSConfig(nodeURL string, conf *FireFlyWsConfig) *wsclient.WSConfig
 		MaximumDelay:           conf.MaximumDelay,
 		InitialConnectAttempts: conf.InitialConnectAttempts,
 		HeartbeatInterval:      conf.HeartbeatInterval,
-		AuthUsername:           conf.AuthUsername,
-		AuthPassword:           conf.AuthPassword,
 		ConnectionTimeout:      conf.ConnectionTimeout,
 		TLSClientConfig: &tls.Config{
 			InsecureSkipVerify: conf.DisableTLSVerification,
 		},
 	}
+
+	if conf.AuthToken != "" {
+		wsConfig.HTTPHeaders = fftypes.JSONObject{
+			"Authorization": fmt.Sprintf("Bearer %s", conf.AuthToken),
+		}
+	} else {
+		wsConfig.AuthUsername = conf.AuthUsername
+		wsConfig.AuthPassword = conf.AuthPassword
+	}
+
+	return &wsConfig
 }
 
 var (

internal/perf/perf.go

@@ -271,7 +271,11 @@ func New(config *conf.RunnerConfig, reportBuilder *util.Report) PerfRunner {
 
 func (pr *perfRunner) Init() (err error) {
 	pr.client = getFFClient(pr.sender)
-	pr.client.SetBasicAuth(pr.cfg.WebSocket.AuthUsername, pr.cfg.WebSocket.AuthPassword)
+	if pr.cfg.WebSocket.AuthToken != "" {
+		pr.client.Header.Set("Authorization", fmt.Sprintf("Bearer %s", pr.cfg.WebSocket.AuthToken))
+	} else {
+		pr.client.SetBasicAuth(pr.cfg.WebSocket.AuthUsername, pr.cfg.WebSocket.AuthPassword)
+	}
 	// Set request retry with backoff
 	pr.client.
 		SetRetryCount(10).