continue refactoring

Author: giancarloromeo

api/specs/web-server/_auth_api_keys.py

@@ -29,8 +29,8 @@ async def create_api_key(_body: ApiKeyCreate):
 
 @router.get(
     "/auth/api-keys",
-    operation_id="list_display_names",
-    response_model=Envelope[list[str]],
+    operation_id="list_api_keys",
+    response_model=Envelope[list[ApiKeyGet]],
     status_code=status.HTTP_200_OK,
 )
 async def list_api_keys():

packages/models-library/src/models_library/api_schemas_webserver/auth.py

@@ -52,7 +52,7 @@ class UnregisterCheck(InputSchema):
 
 
 class ApiKeyCreate(BaseModel):
-    display_name: str = Field(..., min_length=3)
+    display_name: Annotated[str, Field(..., min_length=3)]
     expiration: timedelta | None = Field(
         None,
         description="Time delta from creation time to expiration. If None, then it does not expire.",
@@ -81,8 +81,8 @@ class ApiKeyGet(BaseModel):
     id: int
     display_name: Annotated[str, Field(..., min_length=3)]
     api_base_url: HttpUrl | None = None
-    api_key: str
-    api_secret: str
+    api_key: str | None = None
+    api_secret: str | None = None
 
     model_config = ConfigDict(
         populate_by_name=True,

services/web/server/src/simcore_service_webserver/api_keys/_api.py

@@ -20,18 +20,6 @@
 _SECRET_LEN: Final = 20
 
 
-async def list_api_keys(
-    app: web.Application,
-    *,
-    user_id: UserID,
-    product_name: ProductName,
-) -> list[str]:
-    names: list[str] = await _db.list_display_names(
-        app, user_id=user_id, product_name=product_name
-    )
-    return names
-
-
 def _generate_api_key_and_secret(name: str):
     prefix = _PUNCTUATION_REGEX.sub("_", name[:5])
     api_key = f"{prefix}_{generate_token_secret_key(_KEY_LEN)}"
@@ -61,14 +49,26 @@ async def create_api_key(
     )
 
 
+async def get_api_keys(
+    app: web.Application,
+    *,
+    user_id: UserID,
+    product_name: ProductName,
+) -> list[ApiKey]:
+    api_keys: list[ApiKey] = await _db.get_all(
+        app, user_id=user_id, product_name=product_name
+    )
+    return api_keys
+
+
 async def get_api_key(
     app: web.Application,
     *,
     api_key_id: int,
     user_id: UserID,
     product_name: ProductName,
 ) -> ApiKey:
-    api_key = await _db.get(
+    api_key: ApiKey | None = await _db.get(
         app, api_key_id=api_key_id, user_id=user_id, product_name=product_name
     )
     if api_key is not None:
@@ -86,18 +86,20 @@ async def get_or_create_api_key(
     expiration: dt.timedelta | None = None,
 ) -> ApiKey:
 
-    api_key, api_secret = _generate_api_key_and_secret(display_name)
+    key, secret = _generate_api_key_and_secret(display_name)
 
-    return await _db.get_or_create(
+    api_key: ApiKey = await _db.get_or_create(
         app,
         user_id=user_id,
         product_name=product_name,
         display_name=display_name,
         expiration=expiration,
-        api_key=api_key,
-        api_secret=api_secret,
+        api_key=key,
+        api_secret=secret,
     )
 
+    return api_key
+
 
 async def delete_api_key(
     app: web.Application,

services/web/server/src/simcore_service_webserver/api_keys/_db.py

@@ -16,23 +16,6 @@
 _logger = logging.getLogger(__name__)
 
 
-async def list_display_names(
-    app: web.Application,
-    connection: AsyncConnection | None = None,
-    *,
-    user_id: UserID,
-    product_name: ProductName,
-) -> list[str]:
-    async with transaction_context(get_asyncpg_engine(app), connection) as conn:
-        stmt = sa.select(api_keys.c.display_name).where(
-            (api_keys.c.user_id == user_id) & (api_keys.c.product_name == product_name)
-        )
-
-        result = await conn.stream(stmt)
-        rows = [row async for row in result]
-        return [r.display_name for r in rows]
-
-
 async def create(
     app: web.Application,
     connection: AsyncConnection | None = None,
@@ -70,37 +53,6 @@ async def create(
         )
 
 
-async def get(
-    app: web.Application,
-    connection: AsyncConnection | None = None,
-    *,
-    api_key_id: int,
-    user_id: UserID,
-    product_name: ProductName,
-) -> ApiKey | None:
-    async with transaction_context(get_asyncpg_engine(app), connection) as conn:
-        stmt = sa.select(api_keys).where(
-            (api_keys.c.user_id == user_id)
-            & (api_keys.c.id == api_key_id)
-            & (api_keys.c.product_name == product_name)
-        )
-
-        result = await conn.stream(stmt)
-        row = await result.first()
-
-        return (
-            ApiKey(
-                id=row.id,
-                display_name=row.display_name,
-                expiration=row.expires_at,
-                api_key=row.api_key,
-                api_secret=row.api_secret,
-            )
-            if row
-            else None
-        )
-
-
 async def get_or_create(
     app: web.Application,
     connection: AsyncConnection | None = None,
@@ -147,6 +99,59 @@ async def get_or_create(
         )
 
 
+async def get_all(
+    app: web.Application,
+    connection: AsyncConnection | None = None,
+    *,
+    user_id: UserID,
+    product_name: ProductName,
+) -> list[ApiKey]:
+    async with transaction_context(get_asyncpg_engine(app), connection) as conn:
+        stmt = sa.select(api_keys.c.id, api_keys.c.display_name).where(
+            (api_keys.c.user_id == user_id) & (api_keys.c.product_name == product_name)
+        )
+
+        result = await conn.stream(stmt)
+        rows = [row async for row in result]
+
+        return [
+            ApiKey(
+                id=row.id,
+                display_name=row.display_name,
+            )
+            for row in rows
+        ]
+
+
+async def get(
+    app: web.Application,
+    connection: AsyncConnection | None = None,
+    *,
+    api_key_id: int,
+    user_id: UserID,
+    product_name: ProductName,
+) -> ApiKey | None:
+    async with transaction_context(get_asyncpg_engine(app), connection) as conn:
+        stmt = sa.select(api_keys).where(
+            (api_keys.c.user_id == user_id)
+            & (api_keys.c.id == api_key_id)
+            & (api_keys.c.product_name == product_name)
+        )
+
+        result = await conn.stream(stmt)
+        row = await result.first()
+
+        return (
+            ApiKey(
+                id=row.id,
+                display_name=row.display_name,
+                expiration=row.expires_at,
+            )
+            if row
+            else None
+        )
+
+
 async def delete(
     app: web.Application,
     connection: AsyncConnection | None = None,

services/web/server/src/simcore_service_webserver/api_keys/_models.py

@@ -6,6 +6,6 @@
 class ApiKey:
     id: str
     display_name: str
-    expiration: dt.timedelta
-    api_key: str
-    api_secret: str
+    expiration: dt.timedelta | None = None
+    api_key: str | None = None
+    api_secret: str | None = None

services/web/server/src/simcore_service_webserver/api_keys/_rest.py

@@ -4,6 +4,7 @@
 from aiohttp.web import RouteTableDef
 from models_library.api_schemas_webserver.auth import ApiKeyCreate, ApiKeyGet
 from models_library.rest_base import StrictRequestParameters
+from pydantic import TypeAdapter
 from servicelib.aiohttp import status
 from servicelib.aiohttp.requests_validation import (
     parse_request_body_as,
@@ -33,36 +34,6 @@ class ApiKeysPathParams(StrictRequestParameters):
     api_key_id: int
 
 
-@routes.get(f"/{API_VTAG}/auth/api-keys", name="list_api_keys")
-@login_required
-@permission_required("user.apikey.*")
-@handle_plugin_requests_exceptions
-async def list_api_keys(request: web.Request):
-    req_ctx = RequestContext.model_validate(request)
-    api_keys_names = await _api.list_api_keys(
-        request.app,
-        user_id=req_ctx.user_id,
-        product_name=req_ctx.product_name,
-    )
-    return envelope_json_response(api_keys_names)
-
-
-@routes.get(f"/{API_VTAG}/auth/api-keys/{{api_key_id}}", name="get_api_key")
-@login_required
-@permission_required("user.apikey.*")
-@handle_plugin_requests_exceptions
-async def get_api_key(request: web.Request):
-    req_ctx = RequestContext.model_validate(request)
-    path_params = parse_request_path_parameters_as(ApiKeysPathParams, request)
-    api_key: ApiKey = await _api.get_api_key(
-        request.app,
-        api_key_id=path_params.api_key_id,
-        user_id=req_ctx.user_id,
-        product_name=req_ctx.product_name,
-    )
-    return envelope_json_response(ApiKeyGet.model_validate(api_key))
-
-
 @routes.post(f"/{API_VTAG}/auth/api-keys", name="create_api_key")
 @login_required
 @permission_required("user.apikey.*")
@@ -90,6 +61,38 @@ async def create_api_key(request: web.Request):
     return envelope_json_response(api_key)
 
 
+@routes.get(f"/{API_VTAG}/auth/api-keys", name="get_api_keys")
+@login_required
+@permission_required("user.apikey.*")
+@handle_plugin_requests_exceptions
+async def get_api_keys(request: web.Request):
+    req_ctx = RequestContext.model_validate(request)
+    api_keys = await _api.get_api_keys(
+        request.app,
+        user_id=req_ctx.user_id,
+        product_name=req_ctx.product_name,
+    )
+    return envelope_json_response(
+        TypeAdapter(list[ApiKeyGet]).validate_python(api_keys)
+    )
+
+
+@routes.get(f"/{API_VTAG}/auth/api-keys/{{api_key_id}}", name="get_api_key")
+@login_required
+@permission_required("user.apikey.*")
+@handle_plugin_requests_exceptions
+async def get_api_key(request: web.Request):
+    req_ctx = RequestContext.model_validate(request)
+    path_params = parse_request_path_parameters_as(ApiKeysPathParams, request)
+    api_key: ApiKey = await _api.get_api_key(
+        request.app,
+        api_key_id=path_params.api_key_id,
+        user_id=req_ctx.user_id,
+        product_name=req_ctx.product_name,
+    )
+    return envelope_json_response(ApiKeyGet.model_validate(api_key))
+
+
 @routes.delete(f"/{API_VTAG}/auth/api-keys/{{api_key_id}}", name="delete_api_key")
 @login_required
 @permission_required("user.apikey.*")

services/web/server/tests/unit/with_dbs/01/test_api_keys.py

@@ -110,7 +110,7 @@ async def test_create_api_key(
 
         resp = await client.get("/v0/auth/api-keys")
         data, _ = await assert_status(resp, expected)
-        assert sorted(data) == [display_name]
+        assert [d["display_name"] for d in data] == [display_name]
 
 
 @pytest.mark.parametrize(
@@ -162,7 +162,7 @@ async def test_create_api_key_with_expiration(
         # list created api-key
         resp = await client.get("/v0/auth/api-keys")
         data, _ = await assert_status(resp, expected)
-        assert data == ["foo"]
+        assert [d["display_name"] for d in data] == ["foo"]
 
         # wait for api-key for it to expire and force-run scheduled task
         await asyncio.sleep(expiration_interval.seconds)