From ca53ce10815e903b4e238f73364a0a59e7e83068 Mon Sep 17 00:00:00 2001 From: Daniel Bornkessel Date: Tue, 8 Jan 2013 16:56:19 +0100 Subject: [PATCH 1/3] Implement simple basic auth for the exporter So this can be quickly thrown into public projects until better methods of authentications are available --- registry.go | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/registry.go b/registry.go index 5af343a..a1747f1 100644 --- a/registry.go +++ b/registry.go @@ -9,6 +9,7 @@ the LICENSE file. package registry import ( + "encoding/base64" "encoding/json" "github.com/matttproud/golang_instrumentation/maths" "github.com/matttproud/golang_instrumentation/metrics" @@ -117,6 +118,31 @@ func (r *Registry) Register(name string, metric metrics.Metric) { } } +func (register *Registry) YieldProtectedExporter(username, password string) http.HandlerFunc { + exporter := register.YieldExporter() + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + authenticated := false + + if auth := r.Header.Get("Authorization"); auth != "" { + base64Encoded := strings.SplitAfter(auth, " ")[1] + decoded, err := base64.URLEncoding.DecodeString(base64Encoded) + if err == nil { + usernamePassword := strings.Split(string(decoded), ":") + if usernamePassword[0] == username && usernamePassword[1] == password { + authenticated = true + } + } + } + + if authenticated { + exporter.ServeHTTP(w, r) + } else { + http.Error(w, "access forbidden", 403) + } + }) +} + /* Create a http.HandlerFunc that is tied to r Registry such that requests against it generate a representation of the housed metrics. From 45f6fe3bf10b1d490efa98a6d193b0ddc4fc51bf Mon Sep 17 00:00:00 2001 From: Daniel Bornkessel Date: Wed, 9 Jan 2013 12:47:33 +0100 Subject: [PATCH 2/3] Constantize string --- registry.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/registry.go b/registry.go index a1747f1..20ff203 100644 --- a/registry.go +++ b/registry.go @@ -24,6 +24,7 @@ const ( jsonContentType = "application/json" contentType = "Content-Type" jsonSuffix = ".json" + authorization = "Authorization" ) /* @@ -124,7 +125,7 @@ func (register *Registry) YieldProtectedExporter(username, password string) http return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { authenticated := false - if auth := r.Header.Get("Authorization"); auth != "" { + if auth := r.Header.Get(authorization); auth != "" { base64Encoded := strings.SplitAfter(auth, " ")[1] decoded, err := base64.URLEncoding.DecodeString(base64Encoded) if err == nil { From 3dbf5d550bdc0384bd5e4c54dff83a0f79a349d3 Mon Sep 17 00:00:00 2001 From: Daniel Bornkessel Date: Wed, 9 Jan 2013 12:48:33 +0100 Subject: [PATCH 3/3] Rename YieldProtectedExporter -> YieldBasicAuthExporter --- registry.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/registry.go b/registry.go index 20ff203..2460c23 100644 --- a/registry.go +++ b/registry.go @@ -119,7 +119,7 @@ func (r *Registry) Register(name string, metric metrics.Metric) { } } -func (register *Registry) YieldProtectedExporter(username, password string) http.HandlerFunc { +func (register *Registry) YieldBasicAuthExporter(username, password string) http.HandlerFunc { exporter := register.YieldExporter() return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {