diff --git a/docs/index.md b/docs/index.md index 801f933c4..2830a2a4e 100644 --- a/docs/index.md +++ b/docs/index.md @@ -62,7 +62,7 @@ provider "netbox" { ### Required -- `api_token` (String) Netbox API authentication token. Can be set via the `NETBOX_API_TOKEN` environment variable. +- `api_token` (String) Netbox API authentication token. Supports both v1 tokens (`Authorization: Token `) and v2 tokens (`Authorization: Bearer nbt_.`). V2 tokens are auto-detected by their `nbt_` prefix. Can be set via the `NETBOX_API_TOKEN` environment variable. - `server_url` (String) Location of Netbox server including scheme (http or https) and optional port. Can be set via the `NETBOX_SERVER_URL` environment variable. ### Optional diff --git a/netbox/client.go b/netbox/client.go index 5a8d38829..64c02442d 100644 --- a/netbox/client.go +++ b/netbox/client.go @@ -3,6 +3,7 @@ package netbox import ( "fmt" "net/http" + "strings" "time" netboxclient "github.com/fbreckle/go-netbox/netbox/client" @@ -81,7 +82,11 @@ func (cfg *Config) Client() (*netboxclient.NetBoxAPI, error) { } transport := httptransport.NewWithClient(parsedURL.Host, parsedURL.Path+netboxclient.DefaultBasePath, desiredRuntimeClientSchemes, httpClient) - transport.DefaultAuthentication = httptransport.APIKeyAuth("Authorization", "header", fmt.Sprintf("Token %v", cfg.APIToken)) + authScheme := "Token" + if strings.HasPrefix(cfg.APIToken, "nbt_") { + authScheme = "Bearer" + } + transport.DefaultAuthentication = httptransport.APIKeyAuth("Authorization", "header", fmt.Sprintf("%s %v", authScheme, cfg.APIToken)) transport.SetLogger(log.StandardLogger()) netboxClient := netboxclient.New(transport, nil) diff --git a/netbox/client_test.go b/netbox/client_test.go index 1d0466e3a..47c9756f7 100644 --- a/netbox/client_test.go +++ b/netbox/client_test.go @@ -87,6 +87,45 @@ func TestAdditionalHeadersSet(t *testing.T) { client.Status.StatusList(req, nil) } +func TestV1TokenUsesTokenScheme(t *testing.T) { + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + auth := r.Header.Get("Authorization") + assert.Equal(t, "Token 07b12b765127747e4afd56cb531b7bf9c61f3c30", auth) + })) + defer ts.Close() + + config := Config{ + APIToken: "07b12b765127747e4afd56cb531b7bf9c61f3c30", + ServerURL: ts.URL, + } + + client, err := config.Client() + assert.NoError(t, err) + + req := status.NewStatusListParams() + client.Status.StatusList(req, nil) +} + +func TestV2TokenUsesBearerScheme(t *testing.T) { + v2Token := "nbt_abc1234567890abcdef.checksum1234" + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + auth := r.Header.Get("Authorization") + assert.Equal(t, "Bearer "+v2Token, auth) + })) + defer ts.Close() + + config := Config{ + APIToken: v2Token, + ServerURL: ts.URL, + } + + client, err := config.Client() + assert.NoError(t, err) + + req := status.NewStatusListParams() + client.Status.StatusList(req, nil) +} + /* TODO func TestInvalidHttpsCertificate(t *testing.T) {} */ diff --git a/netbox/provider.go b/netbox/provider.go index 0951229d2..1caee774d 100644 --- a/netbox/provider.go +++ b/netbox/provider.go @@ -225,7 +225,7 @@ func Provider() *schema.Provider { Type: schema.TypeString, Required: true, DefaultFunc: schema.EnvDefaultFunc("NETBOX_API_TOKEN", nil), - Description: "Netbox API authentication token. Can be set via the `NETBOX_API_TOKEN` environment variable.", + Description: "Netbox API authentication token. Supports both v1 tokens (`Authorization: Token `) and v2 tokens (`Authorization: Bearer nbt_.`). V2 tokens are auto-detected by their `nbt_` prefix. Can be set via the `NETBOX_API_TOKEN` environment variable.", }, "allow_insecure_https": { Type: schema.TypeBool,