🐛 Fix automatic API keys generation (#7625)

giancarloromeo · web-flow · commit 5653559c5480 · 2025-05-02T22:47:19.000+02:00
diff --git a/services/director-v2/src/simcore_service_director_v2/modules/osparc_variables/_api_auth.py b/services/director-v2/src/simcore_service_director_v2/modules/osparc_variables/_api_auth.py
@@ -1,13 +1,13 @@
+import logging
 import uuid
 from datetime import timedelta
 from uuid import uuid5
 
-from aiocache import cached  # type: ignore[import-untyped]
 from fastapi import FastAPI
 from models_library.products import ProductName
 from models_library.projects import ProjectID
 from models_library.projects_nodes_io import NodeID
-from models_library.rpc.webserver.auth.api_keys import ApiKeyGet
+from models_library.rpc.webserver.auth.api_keys import generate_unique_api_key
 from models_library.users import UserID
 
 from ._api_auth_rpc import create_api_key as rpc_create_api_key
@@ -16,6 +16,9 @@
 _EXPIRATION_AUTO_KEYS = timedelta(weeks=4)
 
 
+_logger = logging.getLogger(__name__)
+
+
 def create_unique_api_name_for(
     product_name: ProductName,
     user_id: UserID,
@@ -27,50 +30,17 @@ def create_unique_api_name_for(
     return f"__auto_{uuid5(uuid.NAMESPACE_DNS, f'{product_name}/{user_id}/{project_id}/{node_id}')}"
 
 
-# NOTE: Uses caching to prevent multiple calls to the external service
-# when 'create_user_api_key' or 'create_user_api_secret' are invoked.
-def _cache_key(fct, *_, **kwargs):
-    return f"{fct.__name__}_{kwargs['product_name']}_{kwargs['user_id']}_{kwargs['project_id']}_{kwargs['node_id']}"
-
-
-@cached(ttl=3, key_builder=_cache_key)
-async def _create_for(
-    app: FastAPI,
-    *,
-    product_name: ProductName,
-    user_id: UserID,
-    project_id: ProjectID,
-    node_id: NodeID,
-) -> ApiKeyGet:
-    display_name = create_unique_api_name_for(
-        product_name, user_id, project_id, node_id
-    )
-    return await rpc_create_api_key(
-        app,
-        user_id=user_id,
-        product_name=product_name,
-        display_name=display_name,
-        expiration=_EXPIRATION_AUTO_KEYS,
-    )
-
-
 async def create_user_api_key(
-    app: FastAPI,
+    app: FastAPI,  # pylint: disable=unused-argument
     product_name: ProductName,
     user_id: UserID,
     project_id: ProjectID,
     node_id: NodeID,
 ) -> str:
-    data = await _create_for(
-        app,
-        product_name=product_name,
-        user_id=user_id,
-        project_id=project_id,
-        node_id=node_id,
+    # NOTE: Given the display name, the API key is deterministically generated
+    return generate_unique_api_key(
+        create_unique_api_name_for(product_name, user_id, project_id, node_id)
     )
-    assert data.api_key  # nosec
-    assert isinstance(data.api_key, str)  # nosec
-    return data.api_key
 
 
 async def create_user_api_secret(
@@ -80,12 +50,16 @@ async def create_user_api_secret(
     project_id: ProjectID,
     node_id: NodeID,
 ) -> str:
-    data = await _create_for(
+    display_name = create_unique_api_name_for(
+        product_name, user_id, project_id, node_id
+    )
+    _logger.debug("Creating API key for %s", display_name)
+    data = await rpc_create_api_key(
         app,
-        product_name=product_name,
         user_id=user_id,
-        project_id=project_id,
-        node_id=node_id,
+        product_name=product_name,
+        display_name=display_name,
+        expiration=_EXPIRATION_AUTO_KEYS,
     )
     assert data.api_secret  # nosec
     assert isinstance(data.api_secret, str)  # nosec
