Merge pull request #42 from hsshss/username_auth

Username and password authentication

acceptance-tests/acceptance.bats

@@ -21,6 +21,11 @@
   [ "$status" -eq 0 ]
 }
 
+@test "Pass when using a non-default db, and a password with username" {
+  run tests/select-db-with-username-password.sh
+  [ "$status" -eq 0 ]
+}
+
 @test "Dumping / restoring all databases" {
   run tests/multiple-dbs.sh
   [ "$status" -eq 0 ]

acceptance-tests/redis-confs/users.acl

@@ -0,0 +1,2 @@
+user default on >somepassword allkeys allchannels +@all
+user test on >testpassword allkeys allchannels +@all

acceptance-tests/redis-confs/with_password.conf

@@ -1,2 +1,2 @@
 port 6380
-requirepass somepassword
+requirepass somepassword

acceptance-tests/redis-confs/with_username_and_password.conf

@@ -0,0 +1,2 @@
+port 6380
+aclfile /usr/local/etc/redis/users.acl

acceptance-tests/tests/select-db-with-password.sh

@@ -3,15 +3,15 @@
 export DB=2
 export REDIS_PORT=6380
 export REDISDUMPGO_AUTH=somepassword
-export REDISCMD="redis-cli -h redis_secure -p $REDIS_PORT --pass $REDISDUMPGO_AUTH -n 2"
+export REDISCMD="redis-cli -h redis_with_password -p $REDIS_PORT --pass $REDISDUMPGO_AUTH -n 2"
 
 echo "-> Filling Redis with Mock Data..."
 $REDISCMD FLUSHDB
 /generator -output resp -type strings -n 100 | $REDISCMD --pipe
 DBSIZE=`$REDISCMD dbsize`
 
 echo "-> Dumping DB..."
-time /redis-dump-go -host redis_secure -n 250 -port $REDIS_PORT -db $DB -output resp >backup
+time /redis-dump-go -host redis_with_password -n 250 -port $REDIS_PORT -db $DB -output resp >backup
 
 echo "-> Flushing DB and restoring dump..."
 $REDISCMD FLUSHDB

acceptance-tests/tests/select-db-with-username-password.sh

@@ -0,0 +1,29 @@
+#!/bin/sh -e
+
+export DB=2
+export REDIS_PORT=6380
+export REDIS_USER=test
+export REDISDUMPGO_AUTH=testpassword
+export REDISCMD="redis-cli -h redis_with_username_and_password -p $REDIS_PORT --user $REDIS_USER --pass $REDISDUMPGO_AUTH -n 2"
+echo $REDISCMD
+echo "-> Filling Redis with Mock Data..."
+$REDISCMD FLUSHDB
+/generator -output resp -type strings -n 100 | $REDISCMD --pipe
+DBSIZE=`$REDISCMD dbsize`
+
+echo "-> Dumping DB..."
+time /redis-dump-go -host redis_with_username_and_password -n 250 -port $REDIS_PORT -db $DB -user $REDIS_USER -output resp >backup
+
+echo "-> Flushing DB and restoring dump..."
+$REDISCMD FLUSHDB
+$REDISCMD --pipe <backup
+NEWDBSIZE=`$REDISCMD dbsize`
+echo "Redis has $DBSIZE entries"
+echo "-> Comparing DB sizes..."
+if [ $DBSIZE -ne $NEWDBSIZE ]; then
+  echo "ERROR - restored DB has $NEWDBSIZE elements, expected $DBSIZE"
+  exit 1
+else
+  echo "OK - $NEWDBSIZE elements"
+  exit 0
+fi

docker-compose.yml

@@ -5,7 +5,7 @@ services:
     image: "redis:alpine"
     ports:
       - "6379:6379"
-  redis_secure:
+  redis_with_password:
     image: "redis:alpine"
     volumes:
       - ./acceptance-tests/redis-confs:/usr/local/etc/redis
@@ -15,6 +15,16 @@ services:
         protocol: tcp
         mode: host
     entrypoint: ["/usr/local/bin/redis-server", "/usr/local/etc/redis/with_password.conf"]
+  redis_with_username_and_password:
+    image: "redis:alpine"
+    volumes:
+      - ./acceptance-tests/redis-confs:/usr/local/etc/redis
+    ports:
+      - target: 6381
+        published: 6381
+        protocol: tcp
+        mode: host
+    entrypoint: ["/usr/local/bin/redis-server", "/usr/local/etc/redis/with_username_and_password.conf"]
   tests:
     image: "alpine:latest"
     volumes:
@@ -23,6 +33,7 @@ services:
       - ./bin/redis-dump-go:/redis-dump-go
     depends_on:
       - "redis"
-      - "redis_secure"
+      - "redis_with_password"
+      - "redis_with_username_and_password"
     working_dir: /acceptance-tests
-    entrypoint: ["/acceptance-tests/entrypoint.sh"]
+    entrypoint: ["/acceptance-tests/entrypoint.sh"]

main.go

@@ -108,6 +108,7 @@ func realMain() int {
 	s := redisdump.Host{
 		Host:       c.Host,
 		Port:       c.Port,
+		Username:   c.Username,
 		Password:   redisPassword,
 		TlsHandler: tlshandler,
 	}

pkg/config/config.go

@@ -10,6 +10,7 @@ type Config struct {
 	Host      string
 	Port      int
 	Db        int
+	Username  string
 	Filter    string
 	Noscan    bool
 	BatchSize int
@@ -44,6 +45,7 @@ func FromFlags(progName string, args []string) (Config, string, error) {
 	flags.StringVar(&c.Host, "host", "127.0.0.1", "Server host")
 	flags.IntVar(&c.Port, "port", 6379, "Server port")
 	flags.IntVar(&c.Db, "db", -1, "only dump this database (default: all databases)")
+	flags.StringVar(&c.Username, "user", "", "Username")
 	flags.StringVar(&c.Filter, "filter", "*", "Key filter to use")
 	flags.BoolVar(&c.Noscan, "noscan", false, "Use KEYS * instead of SCAN - for Redis <=2.8")
 	flags.IntVar(&c.BatchSize, "batchSize", 1000, "HSET/RPUSH/SADD/ZADD only add 'batchSize' items at a time")

pkg/config/config_test.go

@@ -62,6 +62,20 @@ func TestFromFlags(t *testing.T) {
 				Output:    "commands",
 			},
 		},
+		{
+			[]string{"-host", "redis", "-port", "1234", "-batchSize", "10", "-user", "test"},
+			Config{
+				Db:        -1,
+				Host:      "redis",
+				Port:      1234,
+				Filter:    "*",
+				BatchSize: 10,
+				NWorkers:  10,
+				WithTTL:   true,
+				Output:    "resp",
+				Username:  "test",
+			},
+		},
 		{
 			[]string{"-db", "1"},
 			Config{

pkg/redisdump/redisdump.go

@@ -327,12 +327,16 @@ func RedisURL(redisHost string, redisPort string) string {
 	return fmt.Sprintf("redis://%s:%s", redisHost, redisPort)
 }
 
-func redisDialOpts(redisPassword string, tlsHandler *TlsHandler, db *uint8) ([]radix.DialOpt, error) {
+func redisDialOpts(redisUsername string, redisPassword string, tlsHandler *TlsHandler, db *uint8) ([]radix.DialOpt, error) {
 	dialOpts := []radix.DialOpt{
 		radix.DialTimeout(5 * time.Minute),
 	}
 	if redisPassword != "" {
-		dialOpts = append(dialOpts, radix.DialAuthPass(redisPassword))
+		if redisUsername != "" {
+			dialOpts = append(dialOpts, radix.DialAuthUser(redisUsername, redisPassword))
+		} else {
+			dialOpts = append(dialOpts, radix.DialAuthPass(redisPassword))
+		}
 	}
 	if tlsHandler != nil {
 		tlsCfg, err := tlsConfig(tlsHandler)
@@ -385,6 +389,7 @@ func dumpDB(client radix.Client, db *uint8, filter string, nWorkers int, withTTL
 type Host struct {
 	Host       string
 	Port       int
+	Username   string
 	Password   string
 	TlsHandler *TlsHandler
 }
@@ -396,7 +401,7 @@ func DumpServer(s Host, db *uint8, filter string, nWorkers int, withTTL bool, ba
 	redisURL := RedisURL(s.Host, fmt.Sprint(s.Port))
 	getConnFunc := func(db *uint8) func(network, addr string) (radix.Conn, error) {
 		return func(network, addr string) (radix.Conn, error) {
-			dialOpts, err := redisDialOpts(s.Password, s.TlsHandler, db)
+			dialOpts, err := redisDialOpts(s.Username, s.Password, s.TlsHandler, db)
 			if err != nil {
 				return nil, err
 			}

pkg/redisdump/redisdump_test.go

@@ -241,27 +241,37 @@ func TestParseKeyspaceInfo(t *testing.T) {
 
 func TestRedisDialOpts(t *testing.T) {
 	for i, testCase := range []struct {
+		redisUsername string
 		redisPassword string
 		tlsHandler    *TlsHandler
 		db            uint8
 		nDialOpts     int
 		err           error
 	}{
 		{
+			"",
 			"",
 			nil,
 			1,
 			2,
 			nil,
 		}, {
+			"",
+			"test",
+			&TlsHandler{},
+			1,
+			4,
+			nil,
+		}, {
+			"test",
 			"test",
 			&TlsHandler{},
 			1,
 			4,
 			nil,
 		},
 	} {
-		dOpts, err := redisDialOpts(testCase.redisPassword, testCase.tlsHandler, &testCase.db)
+		dOpts, err := redisDialOpts(testCase.redisUsername, testCase.redisPassword, testCase.tlsHandler, &testCase.db)
 		if err != testCase.err {
 			t.Errorf("expected error to be %+v, got %+v", testCase.err, err)
 		}