root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 266 Packages Projects Releases Wiki Activity
grafana/pkg/api/apikey.go

208 lines
5.7 KiB
Go
Raw Normal View History

API token -> API key rename
2015-01-27 15:26:11 +08:00
package api
import (
Chore: Handle wrapped errors (#29223) * Chore: Handle wrapped errors Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-19 20:34:28 +08:00
"errors"
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments
2021-11-29 17:18:01 +08:00
"net/http"
Remove Macaron ParamsInt64 function from code base (#43810) * draft commit * change all calls * Compilation errors
2022-01-15 00:55:57 +08:00
"strconv"
pkg/util: Check errors (#19832) * pkg/util: Check errors * pkg/services: DRY up code
2019-10-23 16:40:12 +08:00
"time"
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
2015-02-27 00:23:28 +08:00
"github.com/grafana/grafana/pkg/api/dtos"
Chore: Moves common and response into separate packages (#30298) * Chore: moves common and response into separate packages * Chore: moves common and response into separate packages * Update pkg/api/utils/common.go Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: changes after PR comments * Chore: move wrap to routing package * Chore: move functions in common to response package * Chore: move functions in common to response package * Chore: formats imports Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-15 21:43:20 +08:00
"github.com/grafana/grafana/pkg/api/response"
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
2015-02-27 00:23:28 +08:00
"github.com/grafana/grafana/pkg/components/apikeygen"
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
"github.com/grafana/grafana/pkg/services/apikey"
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2023-01-27 15:50:36 +08:00
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments
2021-11-29 17:18:01 +08:00
"github.com/grafana/grafana/pkg/web"
API token -> API key rename
2015-01-27 15:26:11 +08:00
)
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// swagger:route GET /auth/keys api_keys getAPIkeys
//
// Get auth keys.
//
// Will return auth keys.
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2023-04-11 22:58:35 +08:00
// Deprecated: true.
//
// Deprecated. Please use GET /api/serviceaccounts and GET /api/serviceaccounts/{id}/tokens instead
// see https://grafana.com/docs/grafana/next/administration/api-keys/#migrate-api-keys-to-grafana-service-accounts-using-the-api.
//
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// Responses:
// 200: getAPIkeyResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2023-01-27 15:50:36 +08:00
func (hs *HTTPServer) GetAPIKeys(c *contextmodel.ReqContext) response.Response {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
query := apikey.GetApiKeysQuery{OrgID: c.SignedInUser.GetOrgID(), User: c.SignedInUser, IncludeExpired: c.QueryBool("includeExpired")}
API token -> API key rename
2015-01-27 15:26:11 +08:00
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2023-03-21 20:26:33 +08:00
keys, err := hs.apiKeyService.GetAPIKeys(c.Req.Context(), &query)
if err != nil {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusInternalServerError, "Failed to list api keys", err)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
2022-04-29 21:30:24 +08:00
ids := map[string]bool{}
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2023-03-21 20:26:33 +08:00
result := make([]*dtos.ApiKeyDTO, len(keys))
for i, t := range keys {
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2023-02-04 00:23:09 +08:00
ids[strconv.FormatInt(t.ID, 10)] = true
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
var expiration *time.Time = nil
if t.Expires != nil {
v := time.Unix(*t.Expires, 0)
expiration = &v
}
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
2022-04-29 21:30:24 +08:00
result[i] = &dtos.ApiKeyDTO{
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2023-02-04 00:23:09 +08:00
ID: t.ID,
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
Name: t.Name,
Role: t.Role,
Expiration: expiration,
API keys: Add last_used_at and docs changes for migration (#64293) * feat: last_used_at for apikeys * add: docs and copy changes * refactor: use br correctly * remove docs * removed more docs
2023-03-09 22:16:42 +08:00
LastUsedAt: t.LastUsedAt,
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
}
Refactoring some api handlers to use the new Response return object
2015-05-19 03:23:40 +08:00
Auth: Move access control API to SignedInUser interface (#73144) * move access control api to SignedInUser interface * remove unused code * add logic for reading perms from a specific org * move the specific org logic to org_user.go * add a comment --------- Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
2023-08-18 18:42:18 +08:00
metadata := hs.getMultiAccessControlMetadata(c, "apikeys:id", ids)
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
2022-04-29 21:30:24 +08:00
if len(metadata) > 0 {
for _, key := range result {
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2023-02-04 00:23:09 +08:00
key.AccessControl = metadata[strconv.FormatInt(key.ID, 10)]
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
2022-04-29 21:30:24 +08:00
}
}
fix status code 200 (#47818)
2022-04-15 20:01:58 +08:00
return response.JSON(http.StatusOK, result)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// swagger:route DELETE /auth/keys/{id} api_keys deleteAPIkey
//
// Delete API key.
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2023-04-11 22:58:35 +08:00
// Deletes an API key.
// Deprecated. See: https://grafana.com/docs/grafana/next/administration/api-keys/#migrate-api-keys-to-grafana-service-accounts-using-the-api.
//
// Deprecated: true
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2023-01-27 15:50:36 +08:00
func (hs *HTTPServer) DeleteAPIKey(c *contextmodel.ReqContext) response.Response {
Remove Macaron ParamsInt64 function from code base (#43810) * draft commit * change all calls * Compilation errors
2022-01-15 00:55:57 +08:00
id, err := strconv.ParseInt(web.Params(c.Req)[":id"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
API token -> API key rename
2015-01-27 15:26:11 +08:00
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
cmd := &apikey.DeleteCommand{ID: id, OrgID: c.SignedInUser.GetOrgID()}
Chore: split APIKey store (#52781) * move apikey store into a separate service * add apikey service to wire graph * fix linter * switch api to use apikey service * fix provideservice in tests * add apikey service test double * try different sql syntax * rolling back the dialect * trigger drone * trigger drone
2022-08-02 22:55:19 +08:00
err = hs.apiKeyService.DeleteApiKey(c.Req.Context(), cmd)
API token -> API key rename
2015-01-27 15:26:11 +08:00
if err != nil {
Return 404 when deleting non-existing API key (#33346) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
2021-04-28 19:30:09 +08:00
var status int
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
if errors.Is(err, apikey.ErrNotFound) {
Return 404 when deleting non-existing API key (#33346) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
2021-04-28 19:30:09 +08:00
status = 404
} else {
status = 500
}
return response.Error(status, "Failed to delete API key", err)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Chore: Moves common and response into separate packages (#30298) * Chore: moves common and response into separate packages * Chore: moves common and response into separate packages * Update pkg/api/utils/common.go Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: changes after PR comments * Chore: move wrap to routing package * Chore: move functions in common to response package * Chore: move functions in common to response package * Chore: formats imports Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-15 21:43:20 +08:00
return response.Success("API key deleted")
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// swagger:route POST /auth/keys api_keys addAPIkey
//
// Creates an API key.
//
Chore: fix formating for swagger definitions (#54993)
2022-09-12 15:40:35 +08:00
// Will return details of the created API key.
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2023-04-11 22:58:35 +08:00
// Deprecated: true
// Deprecated. Please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens
//
// see: https://grafana.com/docs/grafana/next/administration/api-keys/#migrate-api-keys-to-grafana-service-accounts-using-the-api.
//
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// Responses:
// 200: postAPIkeyResponse
// 400: badRequestError
// 401: unauthorisedError
// 403: forbiddenError
// 409: conflictError
// 500: internalServerError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2023-01-27 15:50:36 +08:00
func (hs *HTTPServer) AddAPIKey(c *contextmodel.ReqContext) response.Response {
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
cmd := apikey.AddCommand{}
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments
2021-11-29 17:18:01 +08:00
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
API token -> API key rename
2015-01-27 15:26:11 +08:00
if !cmd.Role.IsValid() {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusBadRequest, "Invalid role specified", nil)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
if !c.SignedInUser.GetOrgRole().Includes(cmd.Role) {
Access control: service account role check (#47710) * forbid setting role higher than user's role * change response code * can assign API key permissions to non-admin users * add: assign viewer role directly upon creation * refactor: add AddSATcommand infavor of AddAPIkey * refactor: frontend fixes for ServiceAccountToken Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
2022-04-14 00:11:03 +08:00
return response.Error(http.StatusForbidden, "Cannot assign a role higher than user's role", nil)
}
API token -> API key rename
2015-01-27 15:26:11 +08:00
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
if hs.Cfg.ApiKeyMaxSecondsToLive != -1 {
if cmd.SecondsToLive == 0 {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusBadRequest, "Number of seconds before expiration should be set", nil)
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
}
if cmd.SecondsToLive > hs.Cfg.ApiKeyMaxSecondsToLive {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusBadRequest, "Number of seconds before expiration is greater than the global limit", nil)
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
}
}
Add/Delete API keys to Service accounts (#44871) * ServiceAccounts: move token handlers to specific file * ServiceAccounts: move Add API key to Service account * APIKeys: api keys can still be used even when service accounts are enabled * APIKeys: legacy endpoint can't be used to add SA tokens * ServiceAccount: add tests for creation with nil and non-nil service account ids * ServiceAccounts: fix unnasigned cfg and AC typo * Test: test service account token adding * fix linting error * ServiceAccounts: Handle Token deletion * rename token funcs * rename token funcs and api wrapping * add token deletion tests * review Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com> * remove bus * Update pkg/api/apikey.go Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
2022-02-07 21:51:54 +08:00
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
cmd.OrgID = c.SignedInUser.GetOrgID()
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
2015-02-27 00:23:28 +08:00
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2023-02-04 00:23:09 +08:00
newKeyInfo, err := apikeygen.New(cmd.OrgID, cmd.Name)
pkg/util: Check errors (#19832) * pkg/util: Check errors * pkg/services: DRY up code
2019-10-23 16:40:12 +08:00
if err != nil {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusInternalServerError, "Generating API key failed", err)
pkg/util: Check errors (#19832) * pkg/util: Check errors * pkg/services: DRY up code
2019-10-23 16:40:12 +08:00
}
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
2015-02-27 00:23:28 +08:00
cmd.Key = newKeyInfo.HashedKey
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2023-03-21 20:26:33 +08:00
key, err := hs.apiKeyService.AddAPIKey(c.Req.Context(), &cmd)
if err != nil {
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
if errors.Is(err, apikey.ErrInvalidExpiration) {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusBadRequest, err.Error(), nil)
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
2019-06-26 14:47:03 +08:00
}
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
if errors.Is(err, apikey.ErrDuplicate) {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusConflict, err.Error(), nil)
Auth: Duplicate API Key Name Handle With Useful HTTP Code (#17905) * API: Duplicate API Key Name Handle With Useful HTTP Code * 17447: make changes requested during review - use dialect.IsUniqueContraintViolation - change if statement to match others - return error properly * Revert "17447: make changes requested during review" This reverts commit a4a674ea83a9288701611f203f2a75531fb8a131. * API: useful http code on duplicate api key error w/ tests * API: API Key Duplicate Handling fixed small typo associated with error
2019-07-11 16:20:34 +08:00
}
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2023-08-28 16:42:24 +08:00
return response.Error(http.StatusInternalServerError, "Failed to add API Key", err)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
2015-02-27 00:23:28 +08:00
result := &dtos.NewApiKeyResult{
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2023-03-21 20:26:33 +08:00
ID: key.ID,
Name: key.Name,
API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints (#27419) * API: add ID to auth key and folder endpoints * API: add test for folder permissions update * API: add created user id for /invite/complete endpoint
2020-09-07 23:06:11 +08:00
Key: newKeyInfo.ClientSecret,
}
API token -> API key rename
2015-01-27 15:26:11 +08:00
fix status code 200 (#47818)
2022-04-15 20:01:58 +08:00
return response.JSON(http.StatusOK, result)
API token -> API key rename
2015-01-27 15:26:11 +08:00
}
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
// swagger:parameters getAPIkeys
type GetAPIkeysParams struct {
// Show expired keys
// in:query
// required:false
// default:false
IncludeExpired bool `json:"includeExpired"`
}
// swagger:parameters addAPIkey
type AddAPIkeyParams struct {
// in:body
// required:true
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 20:19:09 +08:00
Body apikey.AddCommand
Chore: Move swagger definitions to the handlers (#52643)
2022-07-27 21:54:37 +08:00
}
// swagger:parameters deleteAPIkey
type DeleteAPIkeyParams struct {
// in:path
// required:true
ID int64 `json:"id"`
}
// swagger:response getAPIkeyResponse
type GetAPIkeyResponse struct {
// The response message
// in: body
Body []*dtos.ApiKeyDTO `json:"body"`
}
// swagger:response postAPIkeyResponse
type PostAPIkeyResponse struct {
// The response message
// in: body
Body dtos.NewApiKeyResult `json:"body"`
}