Add HTTP basic auth login.

pkg/cmd/grafana-kiosk/main.go

@@ -41,6 +41,8 @@ type Args struct {
 	WindowPosition          string
 	WindowSize              string
 	ScaleFactor             string
+	BasicAuthUsername       string
+	BasicAuthPassword       string
 }
 
 // ProcessArgs processes and handles CLI arguments.
@@ -69,6 +71,8 @@ func ProcessArgs(cfg interface{}) Args {
 	flagSettings.StringVar(&processedArgs.Audience, "audience", "", "idtoken audience")
 	flagSettings.StringVar(&processedArgs.KeyFile, "keyfile", "key.json", "idtoken json credentials")
 	flagSettings.StringVar(&processedArgs.APIKey, "apikey", "", "apikey")
+	flagSettings.StringVar(&processedArgs.BasicAuthUsername, "basic-username", "", "Specify HTTP basic auth username.")
+	flagSettings.StringVar(&processedArgs.BasicAuthPassword, "basic-password", "", "Specify HTTP basic auth password.")
 
 	fu := flagSettings.Usage
 	flagSettings.Usage = func() {
@@ -195,6 +199,10 @@ func main() {
 		cfg.IDToken.KeyFile = args.KeyFile
 
 		cfg.APIKey.APIKey = args.APIKey
+
+		//
+		cfg.BasicAuth.Username = args.BasicAuthUsername
+		cfg.BasicAuth.Password = args.BasicAuthPassword
 	}
 
 	// make sure the url has content

pkg/kiosk/anonymous_login.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"time"
 
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/chromedp"
 )
 
@@ -45,7 +46,15 @@ func GrafanaKioskAnonymous(cfg *Config, messages chan string) {
 	/*
 		Launch chrome and look for main-view element
 	*/
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
 	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
 		chromedp.Navigate(generatedURL),
 		chromedp.WaitVisible(`//div[@class="main-view"]`, chromedp.BySearch),
 	); err != nil {
@@ -55,6 +64,10 @@ func GrafanaKioskAnonymous(cfg *Config, messages chan string) {
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/apikey_login.go

@@ -46,9 +46,13 @@ func GrafanaKioskAPIKey(cfg *Config, messages chan string) {
 	/*
 		Launch chrome and look for main-view element
 	*/
+	if len(cfg.BasicAuth.Username) != 0 {
+		log.Fatal("Grafana Kiosk API login cannot be combined with http basic auth login.")
+	}
 	headers := map[string]interface{}{
 		"Authorization": "Bearer " + cfg.APIKey.APIKey,
 	}
+
 	if err := chromedp.Run(taskCtx,
 		network.Enable(),
 		network.SetExtraHTTPHeaders(network.Headers(headers)),

pkg/kiosk/aws_login.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"time"
 
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/chromedp"
 	"github.com/chromedp/chromedp/kb"
 )
@@ -46,7 +47,16 @@ func GrafanaKioskAWSLogin(cfg *Config, messages chan string) {
 	// Give browser time to load next page (this can be prone to failure, explore different options vs sleeping)
 	time.Sleep(2000 * time.Millisecond)
 
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
+
 	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
 		chromedp.Navigate(generatedURL),
 		chromedp.WaitVisible(`//a[contains(@href,'login/sso')]`, chromedp.BySearch),
 		chromedp.Click(`//a[contains(@href,'login/sso')]`, chromedp.BySearch),
@@ -70,6 +80,10 @@ func GrafanaKioskAWSLogin(cfg *Config, messages chan string) {
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/config.go

@@ -49,12 +49,18 @@ type APIKey struct {
 	APIKey string `yaml:"apikey" env:"KIOSK_APIKEY_APIKEY" env-description:"APIKEY"`
 }
 
+type HTTPBasicAuth struct {
+	Username string `yaml:"basicauth-username" env:"KIOSK_BASICAUTH_USERNAME" env-description:"HTTP basic auth username"`
+	Password string `yaml:"basicauth-password" env:"KIOSK_BASICAUTH_PASSWORD" env-description:"HTTP basic auth password"`
+}
+
 // Config configuration for backend.
 type Config struct {
-	BuildInfo BuildInfo `yaml:"buildinfo"`
-	General   General   `yaml:"general"`
-	Target    Target    `yaml:"target"`
-	GoAuth    GoAuth    `yaml:"goauth"`
-	IDToken   IDToken   `yaml:"idtoken"`
-	APIKey    APIKey    `yaml:"apikey"`
+	BuildInfo BuildInfo     `yaml:"buildinfo"`
+	General   General       `yaml:"general"`
+	Target    Target        `yaml:"target"`
+	GoAuth    GoAuth        `yaml:"goauth"`
+	IDToken   IDToken       `yaml:"idtoken"`
+	APIKey    APIKey        `yaml:"apikey"`
+	BasicAuth HTTPBasicAuth `yaml:"BasicAuth"`
 }

pkg/kiosk/grafana_com_login.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"time"
 
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/chromedp"
 	"github.com/chromedp/chromedp/kb"
 )
@@ -50,8 +51,17 @@ func GrafanaKioskGCOM(cfg *Config, messages chan string) {
 
 	// chromedp.WaitVisible(`//*[@href="login/grafana_com"]/i`, chromedp.BySearch),
 
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
+
 	// Click the grafana_com login button
 	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
 		chromedp.Navigate(generatedURL),
 		chromedp.ActionFunc(func(context.Context) error {
 			log.Println("waiting for login dialog")
@@ -74,6 +84,10 @@ func GrafanaKioskGCOM(cfg *Config, messages chan string) {
 	time.Sleep(3000 * time.Millisecond)
 	// Fill out grafana_com login page
 	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
 		chromedp.WaitVisible(`//input[@name="login"]`, chromedp.BySearch),
 		chromedp.SendKeys(`//input[@name="login"]`, cfg.Target.Username, chromedp.BySearch),
 		chromedp.Click(`#submit`, chromedp.ByID),
@@ -85,6 +99,10 @@ func GrafanaKioskGCOM(cfg *Config, messages chan string) {
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/grafana_genericoauth_login.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"time"
 
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/chromedp"
 	"github.com/chromedp/chromedp/kb"
 )
@@ -47,15 +48,26 @@ func GrafanaKioskGenericOauth(cfg *Config, messages chan string) {
 
 	// Click the OAUTH login button
 	log.Println("Oauth_Auto_Login enabled: ", cfg.GoAuth.AutoLogin)
-
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
 	if cfg.GoAuth.AutoLogin {
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)
 		}
 	} else {
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 			chromedp.WaitVisible(`//*[@href="login/generic_oauth"]`, chromedp.BySearch),
 			chromedp.Click(`//*[@href="login/generic_oauth"]`, chromedp.BySearch),
@@ -70,6 +82,10 @@ func GrafanaKioskGenericOauth(cfg *Config, messages chan string) {
 
 	// Fill out OAUTH login page
 	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
 		chromedp.WaitVisible(`//input[@name="`+cfg.GoAuth.UsernameField+`"]`, chromedp.BySearch),
 		chromedp.SendKeys(`//input[@name="`+cfg.GoAuth.UsernameField+`"]`, cfg.Target.Username, chromedp.BySearch),
 		chromedp.SendKeys(`//input[@name="`+cfg.GoAuth.PasswordField+`"]`, cfg.Target.Password+kb.Enter, chromedp.BySearch),
@@ -80,6 +96,10 @@ func GrafanaKioskGenericOauth(cfg *Config, messages chan string) {
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/grafana_idtoken_login.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/chromedp/cdproto/cdp"
 	"github.com/chromedp/cdproto/fetch"
+	"github.com/chromedp/cdproto/network"
 
 	"github.com/chromedp/chromedp"
 
@@ -56,6 +57,11 @@ func GrafanaKioskIDToken(cfg *Config, messages chan string) {
 		panic(err)
 	}
 
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
+
 	chromedp.ListenTarget(taskCtx, func(ev interface{}) {
 		//nolint:gocritic // future events can be handled here
 		switch ev := ev.(type) {
@@ -78,14 +84,23 @@ func GrafanaKioskIDToken(cfg *Config, messages chan string) {
 		}
 	})
 
-	if err := chromedp.Run(taskCtx, enableFetch(generatedURL)); err != nil {
+	if err := chromedp.Run(taskCtx,
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		network.Enable(),
+		network.SetExtraHTTPHeaders(network.Headers(headers)),
+		enableFetch(generatedURL)); err != nil {
 		panic(err)
 	}
 
 	// blocking wait
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/listen_chrome_events.go

@@ -5,6 +5,7 @@ import (
 	"log"
 
 	"github.com/chromedp/cdproto/inspector"
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/cdproto/runtime"
 	"github.com/chromedp/chromedp"
 )
@@ -17,6 +18,11 @@ const (
 )
 
 func listenChromeEvents(taskCtx context.Context, cfg *Config, events chromeEvents) {
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
+
 	chromedp.ListenTarget(taskCtx, func(ev interface{}) {
 		switch ev := ev.(type) {
 		case *runtime.EventConsoleAPICalled:
@@ -30,7 +36,12 @@ func listenChromeEvents(taskCtx context.Context, cfg *Config, events chromeEvent
 			if events&targetCrashed != 0 {
 				log.Printf("target crashed, reload...")
 				go func() {
-					_ = chromedp.Run(taskCtx, chromedp.Reload())
+					_ = chromedp.Run(taskCtx,
+						network.Enable(),
+						network.SetExtraHTTPHeaders(network.Headers(headers)),
+						network.Enable(),
+						network.SetExtraHTTPHeaders(network.Headers(headers)),
+						chromedp.Reload())
 				}()
 			}
 		default:

pkg/kiosk/local_login.go

@@ -7,6 +7,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/chromedp/cdproto/network"
 	"github.com/chromedp/chromedp"
 	"github.com/chromedp/chromedp/kb"
 )
@@ -50,6 +51,11 @@ func GrafanaKioskLocal(cfg *Config, messages chan string) {
 	log.Printf("Sleeping %d MS before navigating to url", cfg.General.PageLoadDelayMS)
 	time.Sleep(time.Duration(cfg.General.PageLoadDelayMS) * time.Millisecond)
 
+	headers := make(map[string]interface{})
+	if len(cfg.BasicAuth.Username) != 0 && len(cfg.BasicAuth.Password) != 0 {
+		headers["Authorization"] = GenerateHTTPBasicAuthHeader(cfg.BasicAuth.Username, cfg.BasicAuth.Password)
+	}
+
 	if cfg.GoAuth.AutoLogin {
 		// if AutoLogin is set, get the base URL and append the local login bypass before navigating to the full url
 		startIndex := strings.Index(cfg.Target.URL, "://") + 3
@@ -60,6 +66,10 @@ func GrafanaKioskLocal(cfg *Config, messages chan string) {
 		log.Println("Bypassing Azure AD autoLogin at ", bypassURL)
 
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(bypassURL),
 			chromedp.WaitVisible(`//input[@name="user"]`, chromedp.BySearch),
 			chromedp.SendKeys(`//input[@name="user"]`, cfg.Target.Username, chromedp.BySearch),
@@ -71,6 +81,10 @@ func GrafanaKioskLocal(cfg *Config, messages chan string) {
 		}
 	} else {
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 			chromedp.WaitVisible(`//input[@name="user"]`, chromedp.BySearch),
 			chromedp.SendKeys(`//input[@name="user"]`, cfg.Target.Username, chromedp.BySearch),
@@ -84,6 +98,10 @@ func GrafanaKioskLocal(cfg *Config, messages chan string) {
 	for {
 		messageFromChrome := <-messages
 		if err := chromedp.Run(taskCtx,
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
+			network.Enable(),
+			network.SetExtraHTTPHeaders(network.Headers(headers)),
 			chromedp.Navigate(generatedURL),
 		); err != nil {
 			panic(err)

pkg/kiosk/utils.go

@@ -1,6 +1,7 @@
 package kiosk
 
 import (
+	"encoding/base64"
 	"fmt"
 	"log"
 	"net/url"
@@ -105,3 +106,9 @@ func generateExecutorOptions(dir string, cfg *Config) []chromedp.ExecAllocatorOp
 
 	return execAllocatorOption
 }
+
+func GenerateHTTPBasicAuthHeader(username string, password string) string {
+	auth := username + ":" + password
+	encodedAuth := base64.StdEncoding.EncodeToString([]byte(auth))
+	return "Basic " + encodedAuth
+}