feat: support authentication via headers

shreemaan-abhishek · shreemaan-abhishek · commit bc82019dedf2 · 2026-02-10T12:43:03.000+05:45
Signed-off-by: Abhishek Choudhary &lt;shreemaan.abhishek@gmail.com&gt;
diff --git a/apisix/plugins/elasticsearch-logger.lua b/apisix/plugins/elasticsearch-logger.lua
@@ -62,8 +62,20 @@ local schema = {
                     type = "string",
                     minLength = 1
                 },
+                header_name = {
+                    type = "string",
+                    minLength = 1
+                },
+                header_value = {
+                    type = "string",
+                    minLength = 1
+                }
             },
-            required = {"username", "password"},
+            oneOf = {
+                {required = {"username", "password"}},
+                {required = {"header_name", "header_value"}},
+                {maxProperties = 0},
+            }
         },
         timeout = {
             type = "integer",
@@ -135,18 +147,38 @@ function _M.check_schema(conf, schema_type)
 end
 
 
+local function fill_auth_info(conf)
+    local headers = {}
+    if conf.auth.username ~= nil and conf.auth.password ~= nil then
+        local authorization = "Basic " .. ngx.encode_base64(
+            conf.auth.username .. ":" .. conf.auth.password
+        )
+        headers["Authorization"] = authorization
+        return headers
+    end
+    if conf.auth.header_name ~= nil and conf.auth.header_value ~= nil then
+        headers[conf.auth.header_name] = conf.auth.header_value
+        return headers
+    end
+    return nil
+end
+
+
 local function get_es_major_version(uri, conf)
     local httpc = http.new()
     if not httpc then
         return nil, "failed to create http client"
     end
+
     local headers = {}
     if conf.auth then
-        local authorization = "Basic " .. ngx.encode_base64(
-            conf.auth.username .. ":" .. conf.auth.password
-        )
-        headers["Authorization"] = authorization
+        local auth_headers = fill_auth_info(conf)
+        if not auth_headers then
+            return nil, "failed to fill auth info"
+        end
+        headers = auth_headers
     end
+
     httpc:set_timeout(conf.timeout * 1000)
     local res, err = httpc:request_uri(uri, {
         ssl_verify = conf.ssl_verify,
@@ -230,10 +262,12 @@ local function send_to_elasticsearch(conf, entries)
         ["Accept"] = "application/vnd.elasticsearch+json"
     }
     if conf.auth then
-        local authorization = "Basic " .. ngx.encode_base64(
-            conf.auth.username .. ":" .. conf.auth.password
-        )
-        headers["Authorization"] = authorization
+        local auth_headers = fill_auth_info(conf)
+        if auth_headers then
+            for k, v in pairs(auth_headers) do
+                headers[k] = v
+            end
+        end
     end
 
     core.log.info("uri: ", uri, ", body: ", body)
diff --git a/t/plugin/elasticsearch-logger2.t b/t/plugin/elasticsearch-logger2.t
@@ -119,3 +119,54 @@ location /t {
 --- error_log
 max pending entries limit exceeded. discarding entry
 --- timeout: 5
+
+
+
+=== TEST 2: set route with header auth
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1', ngx.HTTP_PUT, {
+                uri = "/hello",
+                upstream = {
+                    type = "roundrobin",
+                    nodes = {
+                        ["127.0.0.1:1980"] = 1
+                    }
+                },
+                plugins = {
+                    ["elasticsearch-logger"] = {
+                        endpoint_addr = "http://127.0.0.1:9201",
+                        field = {
+                            index = "services"
+                        },
+                        auth = {
+                            header_name = "Authorization",
+                            header_value = "ZWxhc3RpYzoxMjM0NTY="
+                        },
+                        batch_max_size = 1,
+                        inactive_timeout = 1
+                    }
+                }
+            })
+
+            if code >= 300 then
+                ngx.status = code
+            end
+            ngx.say(body)
+        }
+    }
+--- response_body
+passed
+
+
+
+=== TEST 3: test route (auth success)
+--- request
+GET /hello
+--- wait: 2
+--- response_body
+hello world
+--- error_log
+Batch Processor[elasticsearch-logger] successfully processed the entries
