Make index.attach() work with cookie headers

index.attach() uses the receivers/stream endpoint.

Author: Shakeel Mohamed

splunklib/binding.py

@@ -224,7 +224,9 @@ def f():
     """
     @wraps(request_fun)
     def wrapper(self, *args, **kwargs):
-        if self.token is _NoAuthenticationToken:
+        # TODO: verify this logic is correct with tests
+        if self.token is _NoAuthenticationToken and \
+                        self.cookie is _NoAuthenticationToken:
             # Not yet logged in.
             if self.autologin and self.username and self.password:
                 # This will throw an uncaught

splunklib/client.py

@@ -67,7 +67,7 @@
 import socket
 import contextlib
 
-from binding import Context, HTTPError, AuthenticationError, namespace, UrlEncoded, _encode
+from binding import Context, HTTPError, AuthenticationError, namespace, UrlEncoded, _encode, _NoAuthenticationToken
 from data import record
 import data
 
@@ -1900,9 +1900,6 @@ def attach(self, host=None, source=None, sourcetype=None):
         if sourcetype is not None: args['sourcetype'] = sourcetype
         path = UrlEncoded(PATH_RECEIVERS_STREAM + "?" + urllib.urlencode(args), skip_encode=True)
 
-        # FIXME: BUG, can't seem to use receivers/stream by writing Cookie: xyz
-        # but it works fine with with the Authorization: xyz header
-
         # Since we need to stream to the index connection, we have to keep
         # the connection open and use the Splunk extension headers to note
         # the input mode
@@ -1913,6 +1910,10 @@ def attach(self, host=None, source=None, sourcetype=None):
                    "Authorization: %s\r\n" % self.service.token,
                    "X-Splunk-Input-Mode: Streaming\r\n",
                    "\r\n"]
+        # If we have a cookie, use it instead of "Authorization: ..."
+        if self.service.cookie is not _NoAuthenticationToken:
+            headers[3] = "Cookie: %s\r\n" % self.service.cookie
+        
         for h in headers:
             sock.write(h)
         return sock