gitea/routers/web/metrics.go

// Copyright 2018 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package web

import (
	"crypto/subtle"
	"net/http"

	"code.gitea.io/gitea/modules/setting"

	"github.com/prometheus/client_golang/prometheus/promhttp"
)

// Metrics validate auth token and render prometheus metrics
func Metrics(resp http.ResponseWriter, req *http.Request) {
	if setting.Metrics.Token == "" {
		promhttp.Handler().ServeHTTP(resp, req)
		return
	}
	header := req.Header.Get("Authorization")
	if header == "" {
		http.Error(resp, "", 401)
		return
	}
	got := []byte(header)
	want := []byte("Bearer " + setting.Metrics.Token)
	if subtle.ConstantTimeCompare(got, want) != 1 {
		http.Error(resp, "", 401)
		return
	}
	promhttp.Handler().ServeHTTP(resp, req)
}
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`// Copyright 2018 The Gitea Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

Refactor routers directory (#15800) * refactor routers directory * move func used for web and api to common * make corsHandler a function to prohibit side efects * rm unused func Co-authored-by: 6543 <6543@obermui.de> 2021-06-08 23:33:54 +00:00			`package web`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00
			`import (`
routers: do not leak secrets via timing side channel (#7364) * routers: do not leak secrets via timing side channel * routers/repo: do not leak secrets via timing side channel 2019-07-06 17:03:13 +00:00			`"crypto/subtle"`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`"net/http"`
routers: do not leak secrets via timing side channel (#7364) * routers: do not leak secrets via timing side channel * routers/repo: do not leak secrets via timing side channel 2019-07-06 17:03:13 +00:00
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`"code.gitea.io/gitea/modules/setting"`
Use gitea forked macaron (#7933) Signed-off-by: Tamal Saha <tamal@appscode.com> 2019-08-23 16:40:30 +00:00
			`"github.com/prometheus/client_golang/prometheus/promhttp"`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`)`

			`// Metrics validate auth token and render prometheus metrics`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`func Metrics(resp http.ResponseWriter, req *http.Request) {`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`if setting.Metrics.Token == "" {`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`promhttp.Handler().ServeHTTP(resp, req)`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`return`
			`}`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`header := req.Header.Get("Authorization")`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`if header == "" {`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`http.Error(resp, "", 401)`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`return`
			`}`
routers: do not leak secrets via timing side channel (#7364) * routers: do not leak secrets via timing side channel * routers/repo: do not leak secrets via timing side channel 2019-07-06 17:03:13 +00:00			`got := []byte(header)`
			`want := []byte("Bearer " + setting.Metrics.Token)`
			`if subtle.ConstantTimeCompare(got, want) != 1 {`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`http.Error(resp, "", 401)`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`return`
			`}`
Move metrics from macaron to chi (#13601) 2020-11-17 20:50:06 +00:00			`promhttp.Handler().ServeHTTP(resp, req)`
Prometheus endpoint (#5256) * Add prometheus collector and route * dep ensure -add github.com/prometheus/client_golang/prometheus * dep ensure -update github.com/golang/protobuf * add metrics to reserved usernames * add comment head in metrics package * fix style imports * add metrics settings * add bearer token check * mapping metrics configs * fix lint * update config cheat sheet * update conf sample, typo fix 2018-11-05 03:20:00 +00:00			`}`