Skip to content

Extend webserver's ApiKey API #5022

New issue
New issue
Closed
#6843
Closed
Extend webserver's ApiKey API#5022
#6843
Assignees
giancarloromeoodeimaiz
Labels
a:webserverwebserver's codebase. Assigning the area is particularly useful for bugst:enhancementImprovement or request on an existing feature
Milestone
Event Horizon
@GitHK

Description

@GitHK
GitHK
opened on Nov 13, 2023

The following changes have been removed from #5004 since they are not needed

For reference below are generated from this revert commit 05641ea

api/specs/web-server/_auth.py

 @router.get(
     "/auth/api-keys/{name}",
     operation_id="api_key_get",
     responses={
         status.HTTP_200_OK: {
             "description": "returns the api key or None",
             "model": ApiKeyGet | None,
         },
         status.HTTP_400_BAD_REQUEST: {
             "description": "key name requested is invalid",
         },
         status.HTTP_401_UNAUTHORIZED: {
             "description": "requires login to get the keu",
         },
         status.HTTP_403_FORBIDDEN: {
             "description": "not enough permissions to get the keu",
         },
     },
 )
 async def api_key_get(name: str):
     """returns the key or None"""

services/web/server/src/simcore_service_webserver/api_keys/_handlers.py

 class _RequestParams(BaseModel):
     name: str

@routes.get(f"/{API_VTAG}/auth/api-keys/{{name}}", name="api_key_get")
 @login_required
 @permission_required("user.apikey.*")
 async def api_key_get(request: web.Request):
     req_ctx = _RequestContext.parse_obj(request)
     path_params = parse_request_path_parameters_as(_RequestParams, request)
     key = await _api.get(
         request.app,
         user_id=req_ctx.user_id,
         product_name=req_ctx.product_name,
         name=path_params.name,
     )
     return envelope_json_response(key)

services/web/server/tests/unit/with_dbs/01/test_api_keys.py

@pytest.mark.parametrize("user_role,expected", _USER_ACCESS_PARAMETERS)
async def test_create_api_keys(
    client: TestClient,
    logged_user: UserInfoDict,
    user_role: UserRole,
     expected: type[web.HTTPException],
     disable_gc_manual_guest_users: None,
 ):
     display_name = "foo"
     resp = await client.post("/v0/auth/api-keys", json={"display_name": display_name})

     data, errors = await assert_status(resp, expected)

     if not errors:
         assert data["display_name"] == display_name
         assert "api_key" in data
         assert "api_secret" in data

         resp = await client.get("/v0/auth/api-keys")
         data, _ = await assert_status(resp, expected)
         assert sorted(data) == [
             display_name,
         ]

     # check key existence
     resp = await client.get(f"/v0/auth/api-keys/{display_name}")
     data, errors = await assert_status(resp, expected)

     if not errors:
         assert ApiKeyGet.parse_obj(data).display_name == display_name


 @pytest.mark.parametrize("user_role,expected", _USER_ACCESS_PARAMETERS)
 async def test_api_key_does_not_exists(
     client: TestClient,
     logged_user: UserInfoDict,
     user_role: UserRole,
     expected: type[web.HTTPException],
     disable_gc_manual_guest_users: None,
 ):
     resp = await client.get("/v0/auth/api-keys/missing_key")
     data, errors = await assert_status(resp, expected)

     if not errors:
         assert data is None

NOTE: test_create_api_keys replaces an existing function

Metadata

Metadata

Assignees

Labels

a:webserverwebserver's codebase. Assigning the area is particularly useful for bugst:enhancementImprovement or request on an existing feature

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions