diff --git a/src/Controller/Index/Index.php b/src/Controller/Index/Index.php
index 530c7e2..b32a3f3 100644
--- a/src/Controller/Index/Index.php
+++ b/src/Controller/Index/Index.php
@@ -31,16 +31,18 @@ public function __construct(
public function execute(): ResultInterface
{
- $token = sprintf('Bearer %s', $this->config->getToken());
- $authorizationHeader = $this->getRequest()->getHeader('Authorization');
-
- if ($token !== $authorizationHeader) {
- /** @var \Magento\Framework\Controller\Result\Raw $result */
- $result = $this->resultFactory->create(ResultFactory::TYPE_RAW);
- $result->setHttpResponseCode(Http::STATUS_CODE_401);
- $result->setContents('You are not allowed to see these metrics.');
-
- return $result;
+ if ($this->config->getTokenValidationEnabled()) {
+ $token = sprintf('Bearer %s', $this->config->getToken());
+ $authorizationHeader = $this->getRequest()->getHeader('Authorization');
+
+ if ($token !== $authorizationHeader) {
+ /** @var \Magento\Framework\Controller\Result\Raw $result */
+ $result = $this->resultFactory->create(ResultFactory::TYPE_RAW);
+ $result->setHttpResponseCode(Http::STATUS_CODE_401);
+ $result->setContents('You are not allowed to see these metrics.');
+
+ return $result;
+ }
}
return $this->prometheusResultFactory->create();
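Review bot: The token check that is re-indented into the new `if` block still compares with `$token !== $authorizationHeader`, which is not a constant-time comparison and does not treat an empty configured token as a failure. `Config::getToken()` falls back to `''`, so with validation enabled and no token generated the expected value is just `Bearer ` followed by nothing, and the endpoint is guarded by a value that is not a secret. I would read the token into `$configured = $this->config->getToken();` and make the guard `if ($configured === '' || !is_string($authorizationHeader) || !hash_equals($token, $authorizationHeader)) {`. The `is_string` test is there because `getHeader()` appears to return `false` when the header is absent, which `hash_equals()` would reject with a TypeError. The body of `execute()` continues past the end of this hunk.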
diff --git a/src/Data/Config.php b/src/Data/Config.php
index 7a310f8..7ca9f96 100644
--- a/src/Data/Config.php
+++ b/src/Data/Config.php
@@ -12,6 +12,7 @@ class Config
{
private const CONFIG_PATH_METRICS_ENABLED = 'metric_configuration/metric/metric_status';
private const CONFIG_PATH_AUTH_TOKEN = 'metric_configuration/security/token';
+ private const CONFIG_PATH_TOKEN_VALIDATION_ENABLED = 'metric_configuration/security/enable_token';
private $config;
private $metricsSource;
@@ -38,6 +39,11 @@ public function getDefaultMetrics(): array
return array_column($this->metricsSource->toOptionArray(), 'value');
}
+ public function getTokenValidationEnabled(?string $scopeCode = null): bool
+ {
+ return $this->config->isSetFlag(self::CONFIG_PATH_TOKEN_VALIDATION_ENABLED, ScopeInterface::SCOPE_STORE, $scopeCode);
+ }
+
public function getToken(?string $scopeCode = null): string
{
return $this->config->getValue(self::CONFIG_PATH_AUTH_TOKEN, ScopeInterface::SCOPE_STORE, $scopeCode) ?? '';
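Review bot: `getTokenValidationEnabled()` fails open, because `isSetFlag()` returns false when the path has no stored value and the controller then skips authentication entirely. No default for `metric_configuration/security/enable_token` is visible in this diff, so unless the module's `config.xml` ships a default of `1`, an existing installation would expose the metrics endpoint unauthenticated after upgrading until an admin saves the setting. Either add that default or invert the flag so that the unset state keeps validation on. A docblock on the method such as `/** Whether the metrics endpoint requires the Bearer token; when false the endpoint is served without authentication. */` would make the consequence explicit to callers. The `getToken()` body shown as context continues outside the hunk.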
diff --git a/src/etc/adminhtml/system.xml b/src/etc/adminhtml/system.xml
index f812a99..663a946 100644
--- a/src/etc/adminhtml/system.xml
+++ b/src/etc/adminhtml/system.xml
@@ -25,15 +25,25 @@
This section contains security related configurations. We recommend using the Bearer Token in your Prometheus Scrape Config.
+
+
+ Magento\Config\Model\Config\Source\Yesno
+
RunAsRoot\PrometheusExporter\Block\Adminhtml\System\Config\DisabledText
+
+ 1
+
Generate
Click 'Generate' to generate a random auth token, that you can use for your scrape config.
RunAsRoot\PrometheusExporter\Block\Adminhtml\System\Config\TokenGenerator
+
+ 1
+