From 05ae7f3a332a37ec56b82bffb2fca5f1ede11994 Mon Sep 17 00:00:00 2001
From: Half-Shot <will@half-shot.uk>
Date: Fri, 12 Aug 2022 12:20:39 +0100
Subject: [PATCH 1/5] Add checkToken back to addAppServicePath and ensure
metrics doesn't require a token
---
src/bridge.ts | 3 ++-
src/components/prometheusmetrics.ts | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/bridge.ts b/src/bridge.ts
index cbdc26b2..b1825eff 100644
--- a/src/bridge.ts
+++ b/src/bridge.ts
@@ -967,6 +967,7 @@ export class Bridge {
public addAppServicePath(opts: {
method: "GET"|"PUT"|"POST"|"DELETE",
path: string,
+ checkToken?: boolean,
handler: (req: ExRequest, respose: ExResponse, next: NextFunction) => void,
}): void {
if (!this.appservice) {
@@ -975,7 +976,7 @@ export class Bridge {
const app: Application = this.appservice.expressApp;
app[opts.method.toLowerCase() as "get"|"put"|"post"|"delete"](opts.path, (req, res, ...args) => {
- if (!this.requestCheckToken(req)) {
+ if (opts.checkToken === false || !this.requestCheckToken(req)) {
return res.status(403).send({
errcode: "M_FORBIDDEN",
error: "Bad token supplied,"
diff --git a/src/components/prometheusmetrics.ts b/src/components/prometheusmetrics.ts
index 6e411359..5bb98334 100644
--- a/src/components/prometheusmetrics.ts
+++ b/src/components/prometheusmetrics.ts
@@ -398,6 +398,7 @@ export class PrometheusMetrics {
public addAppServicePath(bridge: Bridge): void {
bridge.addAppServicePath({
method: "GET",
+ checkToken: false,
path: "/metrics",
handler: async (_req: Request, res: Response) => {
try {
From 370b0b268d92a2b1286d79292062d9e0068e2181 Mon Sep 17 00:00:00 2001
From: Half-Shot <will@half-shot.uk>
Date: Fri, 12 Aug 2022 12:22:58 +0100
Subject: [PATCH 2/5] changelog
---
changelog.d/435.bugfix | 1 +
1 file changed, 1 insertion(+)
create mode 100644 changelog.d/435.bugfix
diff --git a/changelog.d/435.bugfix b/changelog.d/435.bugfix
new file mode 100644
index 00000000..f9ea83ba
--- /dev/null
+++ b/changelog.d/435.bugfix
@@ -0,0 +1 @@
+Fix bug introduced in 5.0.0 which caused the `/metrics` endpoint to request authentication. The endpoint no longer requires authentication.
\ No newline at end of file
From 2fd952b78edda66b310cecc9e37f27d90df76142 Mon Sep 17 00:00:00 2001
From: Half-Shot <will@half-shot.uk>
Date: Fri, 12 Aug 2022 12:41:52 +0100
Subject: [PATCH 3/5] Add `authenticate` flag
---
src/bridge.ts | 8 ++++----
src/components/prometheusmetrics.ts | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/bridge.ts b/src/bridge.ts
index b1825eff..70578ced 100644
--- a/src/bridge.ts
+++ b/src/bridge.ts
@@ -960,23 +960,23 @@ export class Bridge {
* @param opts Named options
* @param opts.method The HTTP method name.
* @param opts.path Path to the endpoint.
- * @param opts.checkToken Should the token be automatically checked. Defaults to true.
+ * @param opts.authenticate Should the token be automatically checked. Defaults to true.
* @param opts.handler Function to handle requests
* to this endpoint.
*/
public addAppServicePath(opts: {
method: "GET"|"PUT"|"POST"|"DELETE",
path: string,
- checkToken?: boolean,
+ authenticate: boolean,
handler: (req: ExRequest, respose: ExResponse, next: NextFunction) => void,
}): void {
if (!this.appservice) {
throw Error('Cannot call addAppServicePath before calling .run()');
}
const app: Application = this.appservice.expressApp;
-
+ const authenticate = opts.authenticate ?? true;
app[opts.method.toLowerCase() as "get"|"put"|"post"|"delete"](opts.path, (req, res, ...args) => {
- if (opts.checkToken === false || !this.requestCheckToken(req)) {
+ if (authenticate && !this.requestCheckToken(req)) {
return res.status(403).send({
errcode: "M_FORBIDDEN",
error: "Bad token supplied,"
diff --git a/src/components/prometheusmetrics.ts b/src/components/prometheusmetrics.ts
index 5bb98334..92c25ec4 100644
--- a/src/components/prometheusmetrics.ts
+++ b/src/components/prometheusmetrics.ts
@@ -398,7 +398,7 @@ export class PrometheusMetrics {
public addAppServicePath(bridge: Bridge): void {
bridge.addAppServicePath({
method: "GET",
- checkToken: false,
+ authenticate: false,
path: "/metrics",
handler: async (_req: Request, res: Response) => {
try {
From b378193a532d7b0d5e38c4b2eebef12271fcb177 Mon Sep 17 00:00:00 2001
From: Half-Shot <will@half-shot.uk>
Date: Fri, 12 Aug 2022 12:46:33 +0100
Subject: [PATCH 4/5] forgot to make it optional!
---
src/bridge.ts | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/bridge.ts b/src/bridge.ts
index 70578ced..f67d3408 100644
--- a/src/bridge.ts
+++ b/src/bridge.ts
@@ -967,7 +967,7 @@ export class Bridge {
public addAppServicePath(opts: {
method: "GET"|"PUT"|"POST"|"DELETE",
path: string,
- authenticate: boolean,
+ authenticate?: boolean,
handler: (req: ExRequest, respose: ExResponse, next: NextFunction) => void,
}): void {
if (!this.appservice) {
From 49bcc55aaaf0a46c54788e72162bfd512217b3c1 Mon Sep 17 00:00:00 2001
From: Half-Shot <will@half-shot.uk>
Date: Fri, 12 Aug 2022 12:46:53 +0100
Subject: [PATCH 5/5] Sort options
---
src/bridge.ts | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/bridge.ts b/src/bridge.ts
index f67d3408..1e349fd2 100644
--- a/src/bridge.ts
+++ b/src/bridge.ts
@@ -958,10 +958,10 @@ export class Bridge {
* Install a custom handler for an incoming HTTP API request. This allows
* callers to add extra functionality, implement new APIs, etc...
* @param opts Named options
- * @param opts.method The HTTP method name.
- * @param opts.path Path to the endpoint.
* @param opts.authenticate Should the token be automatically checked. Defaults to true.
* @param opts.handler Function to handle requests
+ * @param opts.method The HTTP method name.
+ * @param opts.path Path to the endpoint.
* to this endpoint.
*/
public addAppServicePath(opts: {