Add authentication to the ntfy hook #644
|
@ -1029,6 +1029,16 @@ properties:
|
|||
description: |
|
||||
The address of your self-hosted ntfy.sh instance.
|
||||
example: https://ntfy.your-domain.com
|
||||
username:
|
||||
type: string
|
||||
description: |
|
||||
The username used for authentication.
|
||||
example: testuser
|
||||
password:
|
||||
type: string
|
||||
description: |
|
||||
The password used for authentication.
|
||||
example: fakepassword
|
||||
start:
|
||||
type: object
|
||||
properties:
|
||||
|
|
|
@ -56,10 +56,26 @@ def ping_monitor(hook_config, config_filename, state, monitoring_log_level, dry_
|
|||
'X-Tags': state_config.get('tags'),
|
||||
}
|
||||
|
||||
username = hook_config.get('username')
|
||||
password = hook_config.get('password')
|
||||
|
||||
auth = None
|
||||
if (username and password) is not None:
|
||||
auth = requests.auth.HTTPBasicAuth(username, password)
|
||||
Tom-Hubrecht marked this conversation as resolved
|
||||
logger.info(f'{config_filename}: Using basic auth with user {username} for Ntfy')
|
||||
elif username is not None:
|
||||
logger.warn(
|
||||
f'{config_filename}: Password missing for Ntfy authentication, defaulting to no auth'
|
||||
)
|
||||
elif password is not None:
|
||||
witten marked this conversation as resolved
witten
commented
I like that you've split this out with warnings. But this logic might be a little more intuitive if it was something like:
I like that you've split this out with warnings. But this logic might be a little more intuitive if it was something like:
```python
if username is None:
... # warn about missing username
elif password is None:
... # warn about missing password
else:
... # do basic auth
```
witten
commented
Although I will say that the way you did it has the distinct benefit of skipping the warning if both username and password are missing! Although I will say that the way you did it has the distinct benefit of skipping the warning if *both* username and password are missing!
|
||||
logger.warn(
|
||||
f'{config_filename}: Username missing for Ntfy authentication, defaulting to no auth'
|
||||
)
|
||||
|
||||
if not dry_run:
|
||||
logging.getLogger('urllib3').setLevel(logging.ERROR)
|
||||
try:
|
||||
response = requests.post(f'{base_url}/{topic}', headers=headers)
|
||||
response = requests.post(f'{base_url}/{topic}', headers=headers, auth=auth)
|
||||
if not response.ok:
|
||||
response.raise_for_status()
|
||||
except requests.exceptions.RequestException as error:
|
||||
|
|
|
@ -38,6 +38,7 @@ def test_ping_monitor_minimal_config_hits_hosted_ntfy_on_fail():
|
|||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
|
||||
module.ping_monitor(
|
||||
|
@ -45,6 +46,51 @@ def test_ping_monitor_minimal_config_hits_hosted_ntfy_on_fail():
|
|||
)
|
||||
|
||||
|
||||
def test_ping_monitor_with_auth_hits_hosted_ntfy_on_fail():
|
||||
hook_config = {
|
||||
'topic': topic,
|
||||
'username': 'testuser',
|
||||
'password': 'fakepassword',
|
||||
}
|
||||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=module.requests.auth.HTTPBasicAuth('testuser', 'fakepassword'),
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
|
||||
module.ping_monitor(
|
||||
hook_config, 'config.yaml', module.monitor.State.FAIL, monitoring_log_level=1, dry_run=False
|
||||
)
|
||||
|
||||
|
||||
def test_ping_monitor_auth_with_no_username_warning():
|
||||
hook_config = {'topic': topic, 'password': 'fakepassword'}
|
||||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
flexmock(module.logger).should_receive('warning').once()
|
||||
|
||||
module.ping_monitor(
|
||||
hook_config, 'config.yaml', module.monitor.State.FAIL, monitoring_log_level=1, dry_run=False
|
||||
)
|
||||
|
||||
|
||||
def test_ping_monitor_auth_with_no_password_warning():
|
||||
hook_config = {'topic': topic, 'username': 'testuser'}
|
||||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
flexmock(module.logger).should_receive('warning').once()
|
||||
|
||||
module.ping_monitor(
|
||||
hook_config, 'config.yaml', module.monitor.State.FAIL, monitoring_log_level=1, dry_run=False
|
||||
)
|
||||
|
||||
|
||||
def test_ping_monitor_minimal_config_does_not_hit_hosted_ntfy_on_start():
|
||||
hook_config = {'topic': topic}
|
||||
flexmock(module.requests).should_receive('post').never()
|
||||
|
@ -76,6 +122,7 @@ def test_ping_monitor_minimal_config_hits_selfhosted_ntfy_on_fail():
|
|||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{custom_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
|
||||
module.ping_monitor(
|
||||
|
@ -95,7 +142,7 @@ def test_ping_monitor_minimal_config_does_not_hit_hosted_ntfy_on_fail_dry_run():
|
|||
def test_ping_monitor_custom_message_hits_hosted_ntfy_on_fail():
|
||||
hook_config = {'topic': topic, 'fail': custom_message_config}
|
||||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}', headers=custom_message_headers,
|
||||
f'{default_base_url}/{topic}', headers=custom_message_headers, auth=None
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
|
||||
module.ping_monitor(
|
||||
|
@ -108,6 +155,7 @@ def test_ping_monitor_custom_state_hits_hosted_ntfy_on_start():
|
|||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.START),
|
||||
auth=None,
|
||||
).and_return(flexmock(ok=True)).once()
|
||||
|
||||
module.ping_monitor(
|
||||
|
@ -124,6 +172,7 @@ def test_ping_monitor_with_connection_error_logs_warning():
|
|||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_raise(module.requests.exceptions.ConnectionError)
|
||||
flexmock(module.logger).should_receive('warning').once()
|
||||
|
||||
|
@ -145,6 +194,7 @@ def test_ping_monitor_with_other_error_logs_warning():
|
|||
flexmock(module.requests).should_receive('post').with_args(
|
||||
f'{default_base_url}/{topic}',
|
||||
headers=return_default_message_headers(module.monitor.State.FAIL),
|
||||
auth=None,
|
||||
).and_return(response)
|
||||
flexmock(module.logger).should_receive('warning').once()
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user
This logic looks completely correct, but it was initially confusing for me. Not a big deal, just letting you know in case you want to clarify it.
I made it explicit