add support for api-key auth

2025-01-10 15:19:30 -06:00 · 2025-01-10 15:19:30 -06:00 · cba1111f29
parent 0c639d6877
commit cba1111f29
5 changed files with 35 additions and 12 deletions
--- a/go.mod
+++ b/go.mod
@ -13,7 +13,7 @@ require (
 	github.com/prometheus/common v0.61.0
 	github.com/spf13/pflag v1.0.6-0.20201009195203-85dd5c8bc61c
 	github.com/stretchr/testify v1.10.0
-	github.com/unpoller/unifi/v5 v5.0.7
+	github.com/unpoller/unifi/v5 v5.1.0
 	golang.org/x/crypto v0.31.0
 	golang.org/x/net v0.33.0
 	golang.org/x/term v0.28.0
--- a/go.sum
+++ b/go.sum
@ -75,8 +75,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
-github.com/unpoller/unifi/v5 v5.0.7 h1:Dj5HY2Nhdic4Ygvh2YYW6QKIZjXCSo9IBzVDKaj86Zg=
-github.com/unpoller/unifi/v5 v5.0.7/go.mod h1:G45KRuSH9PFrIUFmDTzWEEM/E/e7GuyXp36AVOfhm7I=
+github.com/unpoller/unifi/v5 v5.1.0 h1:ubX/dugKUXvUlxDupoyPcnevck34dTFDFm3M2n4T75o=
+github.com/unpoller/unifi/v5 v5.1.0/go.mod h1:G45KRuSH9PFrIUFmDTzWEEM/E/e7GuyXp36AVOfhm7I=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
--- a/pkg/inputunifi/input.go
+++ b/pkg/inputunifi/input.go
@ -47,6 +47,7 @@ type Controller struct {
 	CertPaths  []string     `json:"ssl_cert_paths" toml:"ssl_cert_paths" xml:"ssl_cert_path"  yaml:"ssl_cert_paths"`
 	User       string       `json:"user"           toml:"user"           xml:"user"           yaml:"user"`
 	Pass       string       `json:"pass"           toml:"pass"           xml:"pass"           yaml:"pass"`
+	APIKey     string       `json:"api_key"        toml:"api_key"        xml:"api_key"        yaml:"api_key"`
 	URL        string       `json:"url"            toml:"url"            xml:"url"            yaml:"url"`
 	Sites      []string     `json:"sites"          toml:"sites"          xml:"site"           yaml:"sites"`
 	Unifi      *unifi.Unifi `json:"-"              toml:"-"              xml:"-"              yaml:"-"`
@ -124,6 +125,7 @@ func (u *InputUnifi) getUnifi(c *Controller) error {
 	c.Unifi, err = unifi.NewUnifi(&unifi.Config{
 		User:      c.User,
 		Pass:      c.Pass,
+		APIKey:    c.APIKey,
 		URL:       c.URL,
 		SSLCert:   certs,
 		VerifySSL: *c.VerifySSL,
@ -255,6 +257,11 @@ func (u *InputUnifi) setDefaults(c *Controller) { //nolint:cyclop
 		c.Pass = u.getPassFromFile(strings.TrimPrefix(c.Pass, "file://"))
 	}

+	if strings.HasPrefix(c.APIKey, "file://") {
+		c.APIKey = u.getPassFromFile(strings.TrimPrefix(c.APIKey, "file://"))
+	}
+
+	if c.APIKey == "" {
 		if c.Pass == "" {
 			c.Pass = defaultPass
 		}
@ -262,6 +269,11 @@ func (u *InputUnifi) setDefaults(c *Controller) { //nolint:cyclop
 		if c.User == "" {
 			c.User = defaultUser
 		}
+	} else {
+		// clear out user/pass combo, only use API-key
+		c.User = ""
+		c.Pass = ""
+	}

 	if len(c.Sites) == 0 {
 		c.Sites = []string{defaultSite}
@ -324,12 +336,22 @@ func (u *InputUnifi) setControllerDefaults(c *Controller) *Controller { //nolint
 		c.Pass = u.getPassFromFile(strings.TrimPrefix(c.Pass, "file://"))
 	}

+	if strings.HasPrefix(c.APIKey, "file://") {
+		c.APIKey = u.getPassFromFile(strings.TrimPrefix(c.APIKey, "file://"))
+	}
+
+	if c.APIKey == "" {
 		if c.Pass == "" {
-		c.Pass = u.Default.Pass
+			c.Pass = defaultPass
 		}

 		if c.User == "" {
-		c.User = u.Default.User
+			c.User = defaultUser
+		}
+	} else {
+		// clear out user/pass combo, only use API-key
+		c.User = ""
+		c.Pass = ""
 	}

 	if len(c.Sites) == 0 {
--- a/pkg/inputunifi/interface.go
+++ b/pkg/inputunifi/interface.go
@ -124,7 +124,7 @@ func (u *InputUnifi) logController(c *Controller) {
 		u.Logf("   => Version: %s (%s)", c.Unifi.ServerVersion, c.Unifi.UUID)
 	}

-	u.Logf("   => Username: %s (has password: %v)", c.User, c.Pass != "")
+	u.Logf("   => Username: %s (has password: %v) (has api-key: %v)", c.User, c.Pass != "", c.APIKey != "")
 	u.Logf("   => Hash PII %v / Drop PII %v / Poll Sites: %s", *c.HashPII, *c.DropPII, strings.Join(c.Sites, ", "))
 	u.Logf("   => Save Sites %v / Save DPI %v (metrics)", *c.SaveSites, *c.SaveDPI)
 	u.Logf("   => Save Events %v / Save IDs %v (logs)", *c.SaveEvents, *c.SaveIDs)
--- a/pkg/inputunifi/updateweb.go
+++ b/pkg/inputunifi/updateweb.go
@ -51,6 +51,7 @@ func formatControllers(controllers []*Controller) []*Controller {
 			SaveSites:  c.SaveSites,
 			User:       c.User,
 			Pass:       strconv.FormatBool(c.Pass != ""),
+			APIKey:     strconv.FormatBool(c.APIKey != ""),
 			URL:        c.URL,
 			Sites:      c.Sites,
 			ID:         id,