resonatehq · dfarr · Jul 15, 2024 · Jun 18, 2024 · Jun 18, 2024 · Jun 18, 2024
diff --git a/cmd/root.go b/cmd/root.go
@@ -49,6 +49,7 @@ func init() {
 	rootCmd.SetErr(os.Stderr)
 }
 
+
 func initConfig() {
 	if cfgFile != "" {
 		viper.SetConfigFile(cfgFile)

diff --git a/cmd/serve/serve.go b/cmd/serve/serve.go
@@ -56,6 +56,7 @@ func ServeCmd() *cobra.Command {
 			api := api.New(config.API.Size, metrics)
 			aio := aio.New(config.AIO.Size, metrics)
 
+
 			// instantiate api subsystems
 			http := http.New(api, config.API.Subsystems.Http)
 			grpc := grpc.New(api, config.API.Subsystems.Grpc)
@@ -190,16 +191,14 @@ func ServeCmd() *cobra.Command {
 	cmd.Flags().Duration("api-http-timeout", 10*time.Second, "http server graceful shutdown timeout")
 	cmd.Flags().String("api-grpc-addr", "0.0.0.0:50051", "grpc server address")
 	cmd.Flags().String("api-base-url", "http://localhost:8001", "base url to automatically generate absolute URLs for the server's resources")
-	cmd.Flags().String("api-http-auth-username", "", "username for basic auth")
-	cmd.Flags().String("api-http-auth-password", "", "password for basic auth")
+	cmd.Flags().StringToString("api-http-auth", map[string]string{}, "basic auth username/password pairs")
 
+	_ = viper.BindPFlag("api.subsystems.http.auth", cmd.Flags().Lookup("api-http-auth"))
 	_ = viper.BindPFlag("api.size", cmd.Flags().Lookup("api-size"))
 	_ = viper.BindPFlag("api.subsystems.http.addr", cmd.Flags().Lookup("api-http-addr"))
 	_ = viper.BindPFlag("api.subsystems.http.timeout", cmd.Flags().Lookup("api-http-timeout"))
 	_ = viper.BindPFlag("api.subsystems.grpc.addr", cmd.Flags().Lookup("api-grpc-addr"))
 	_ = viper.BindPFlag("api.baseUrl", cmd.Flags().Lookup("api-base-url"))
-	_ = viper.BindPFlag("api.subsystems.http.auth.username", cmd.Flags().Lookup("api-http-auth-username"))
-	_ = viper.BindPFlag("api.subsystems.http.auth.password", cmd.Flags().Lookup("api-http-auth-password"))
 
 	// aio
 	// Store

diff --git a/go.mod b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/spf13/viper v1.18.2
 	github.com/stretchr/testify v1.9.0
 	google.golang.org/grpc v1.64.0
-	google.golang.org/protobuf v1.34.1
+	google.golang.org/protobuf v1.34.2
 )
 
 require (

diff --git a/go.sum b/go.sum
@@ -183,8 +183,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 h1:
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
 google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY=
 google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg=
-google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=

diff --git a/internal/app/subsystems/api/http/http.go b/internal/app/subsystems/api/http/http.go
@@ -7,23 +7,16 @@ import (
 
 	"github.com/go-playground/validator/v10"
 	"github.com/resonatehq/resonate/internal/app/subsystems/api/service"
-	"github.com/resonatehq/resonate/internal/util"
-
 	"log/slog"
 
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"
 	"github.com/resonatehq/resonate/internal/api"
 )
 
-type Auth struct {
-	Username string
-	Password string
-}
-
 type Config struct {
 	Addr    string
-	Auth    *Auth
+	Auth    map[string]string
 	Timeout time.Duration
 }
 
@@ -32,6 +25,7 @@ type Http struct {
 	server *http.Server
 }
 
+
 func New(api api.API, config *Config) api.Subsystem {
 	gin.SetMode(gin.ReleaseMode)
 
@@ -48,15 +42,8 @@ func New(api api.API, config *Config) api.Subsystem {
 
 	// Authentication
 	authorized := r.Group("/")
-	if config.Auth.Username != "" || config.Auth.Password != "" {
-		util.Assert(config.Auth.Username != "", "http basic auth username is required")
-		util.Assert(config.Auth.Password != "", "http basic auth password is required")
-
-		accounts := gin.Accounts{
-			config.Auth.Username: config.Auth.Password,
-		}
-		basicAuthMiddleware := gin.BasicAuth(accounts)
-		authorized.Use(basicAuthMiddleware)
+	if len(config.Auth) > 0 {
+		authorized.Use(gin.BasicAuth(config.Auth))
 	}
 
 	// Promises API

diff --git a/internal/app/subsystems/api/http/http_test.go b/internal/app/subsystems/api/http/http_test.go
@@ -26,7 +26,7 @@ type httpTest struct {
 	client    *http.Client
 }
 
-func setup(auth *Auth) *httpTest {
+func setup(auth map[string]string) *httpTest {
 	api := &test.API{}
 	errors := make(chan error)
 	subsystem := New(api, &Config{
@@ -56,25 +56,21 @@ func (t *httpTest) teardown() error {
 func TestHttpServer(t *testing.T) {
 	for _, ts := range []struct {
 		name          string
-		auth          *Auth
+		auth          map[string]string
 		reqUsername   string
 		reqPassword   string
 		statusOveride int
 	}{
-		{
-			name: "NoAuth",
-			auth: &Auth{},
-		},
 		{
 			name:        "BasicAuthCorrectCredentials",
-			auth:        &Auth{Username: "username", Password: "password"},
-			reqUsername: "username",
-			reqPassword: "password",
+			auth:        map[string]string{"user1": "pass1"},
+			reqUsername: "user1",
+			reqPassword: "pass1",
 		},
 		{
 			name:          "BasicAuthIncorrectCredentials",
-			auth:          &Auth{Username: "username", Password: "password"},
-			reqUsername:   "username",
+			auth:          map[string]string{"user1": "pass1"},
+			reqUsername:   "user1",
 			reqPassword:   "notthepassword",
 			statusOveride: 401,
 		},