From 8a65496787c6fdfc61b0cf4b7628d0f751e41f23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Mierzwa?= <l.mierzwa@gmail.com>
Date: Tue, 17 Apr 2018 21:52:50 -0700
Subject: [PATCH] Set Basic Auth on proxied requests if user:pass is set in the
 Alertmanager URI

---
 proxy.go      |  7 +++++++
 proxy_test.go | 10 ++++++++++
 2 files changed, 17 insertions(+)

diff --git a/proxy.go b/proxy.go
index 2aca36a90..4d3b43173 100644
--- a/proxy.go
+++ b/proxy.go
@@ -31,6 +31,13 @@ func NewAlertmanagerProxy(alertmanager *alertmanager.Alertmanager) (*httputil.Re
 		Director: func(req *http.Request) {
 			req.URL.Scheme = upstreamURL.Scheme
 			req.URL.Host = upstreamURL.Host
+
+			if upstreamURL.User.Username() != "" {
+				username := upstreamURL.User.Username()
+				password, _ := upstreamURL.User.Password()
+				req.SetBasicAuth(username, password)
+			}
+
 			// drop Accept-Encoding header so we always get uncompressed reponses from
 			// upstream, there's a gzip middleware that's global so we don't want it
 			// to gzip twice
diff --git a/proxy_test.go b/proxy_test.go
index 0d099413e..813140e3e 100644
--- a/proxy_test.go
+++ b/proxy_test.go
@@ -162,6 +162,16 @@ var proxyHeaderTests = []proxyHeaderTest{
 		authUser:         "foo",
 		authPass:         "bar",
 	},
+	{
+		method:           "POST",
+		localPath:        "/proxy/alertmanager/dummy/api/v1/silences",
+		upstreamURI:      "http://alertmanager.example.com/api/v1/silences",
+		code:             200,
+		alertmanagerURI:  "http://foo@alertmanager.example.com",
+		alertmanagerHost: "alertmanager.example.com",
+		authUser:         "foo",
+		authPass:         "",
+	},
 }
 
 func TestProxyHeaders(t *testing.T) {