apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
58882 Commits
2179 Branches
608 Tags
1.9 GiB
Tag: Branch: Tree: 5bda17e7c1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5bda17e7c1'
${ noResults }
grafana/pkg/api/apikey.go

150 lines
4.0 KiB
Raw Normal View History Unescape

API token -> API key rename
11 years ago
package api
import (
Chore: Handle wrapped errors (#29223) * Chore: Handle wrapped errors Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
5 years ago
"errors"
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments
4 years ago
"net/http"
Remove Macaron ParamsInt64 function from code base (#43810) * draft commit * change all calls * Compilation errors
4 years ago
"strconv"
pkg/util: Check errors (#19832) * pkg/util: Check errors * pkg/services: DRY up code
6 years ago
"time"
New implementation for API Keys that only stores hashed api keys, and the client key is base64 decoded json web token with the unhashed key, Closes #1440
10 years ago
"github.com/grafana/grafana/pkg/api/dtos"
Chore: Moves common and response into separate packages (#30298) * Chore: moves common and response into separate packages * Chore: moves common and response into separate packages * Update pkg/api/utils/common.go Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: changes after PR comments * Chore: move wrap to routing package * Chore: move functions in common to response package * Chore: move functions in common to response package * Chore: formats imports Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
5 years ago
"github.com/grafana/grafana/pkg/api/response"
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
3 years ago
"github.com/grafana/grafana/pkg/services/apikey"
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2 years ago
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments
4 years ago
"github.com/grafana/grafana/pkg/web"
API token -> API key rename
11 years ago
)
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// swagger:route GET /auth/keys api_keys getAPIkeys
//
// Get auth keys.
//
// Will return auth keys.
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
// Deprecated: true.
//
// Deprecated. Please use GET /api/serviceaccounts and GET /api/serviceaccounts/{id}/tokens instead
IAM docs: Transform `API keys` to `Migrate API keys` docs (#92380) * IAM docs: Transform `API keys` to `Migrate API keys` docs * Update links to `API keys` in other doc pages * Grafana UI: update help button link * Update OpenAPI/Swagger links * Update docs/sources/administration/service-accounts/migrate-api-keys.md Co-authored-by: Jack Baldry <jack.baldry@grafana.com> * Update `relref` links to the new URL * fix space before em dash spaces before or after em dashes are not recommended (https://developers.google.com/style/dashes) --------- Co-authored-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
10 months ago
// see https://grafana.com/docs/grafana/next/administration/service-accounts/migrate-api-keys/.
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
//
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// Responses:
// 200: getAPIkeyResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2 years ago
func (hs *HTTPServer) GetAPIKeys(c *contextmodel.ReqContext) response.Response {
CI: Bump golangci-lint to 2.0.2 (#103572)
3 months ago
query := apikey.GetApiKeysQuery{OrgID: c.GetOrgID(), User: c.SignedInUser, IncludeExpired: c.QueryBool("includeExpired")}
API token -> API key rename
11 years ago
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2 years ago
keys, err := hs.apiKeyService.GetAPIKeys(c.Req.Context(), &query)
if err != nil {
Chore: Port user services to identity.Requester (#73851) * port api key api to signedinuser * port users to signed in user interface * fix tests
2 years ago
return response.Error(http.StatusInternalServerError, "Failed to list api keys", err)
API token -> API key rename
11 years ago
}
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
3 years ago
ids := map[string]bool{}
Chore: Remove result field from API keys commands and queries (#65055) * Chore: remove result field from api keys * fix shadowing * actually shadowing was all right
2 years ago
result := make([]*dtos.ApiKeyDTO, len(keys))
for i, t := range keys {
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2 years ago
ids[strconv.FormatInt(t.ID, 10)] = true
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
6 years ago
var expiration *time.Time = nil
if t.Expires != nil {
v := time.Unix(*t.Expires, 0)
expiration = &v
}
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
3 years ago
result[i] = &dtos.ApiKeyDTO{
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2 years ago
ID: t.ID,
Auth: Allow expiration of API keys (#17678) * Modify backend to allow expiration of API Keys * Add middleware test for expired api keys * Modify frontend to enable expiration of API Keys * Fix frontend tests * Fix migration and add index for `expires` field * Add api key tests for database access * Substitude time.Now() by a mock for test usage * Front-end modifications * Change input label to `Time to live` * Change input behavior to comply with the other similar * Add tooltip * Modify AddApiKey api call response Expiration should be *time.Time instead of string * Present expiration date in the selected timezone * Use kbn for transforming intervals to seconds * Use `assert` library for tests * Frontend fixes Add checks for empty/undefined/null values * Change expires column from datetime to integer * Restrict api key duration input It should be interval not number * AddApiKey must complain if SecondsToLive is negative * Declare ErrInvalidApiKeyExpiration * Move configuration to auth section * Update docs * Eliminate alias for models in modified files * Omit expiration from api response if empty * Eliminate Goconvey from test file * Fix test Do not sleep, use mocked timeNow() instead * Remove index for expires from api_key table The index should be anyway on both org_id and expires fields. However this commit eliminates completely the index for now since not many rows are expected to be in this table. * Use getTimeZone function * Minor change in api key listing The frontend should display a message instead of empty string if the key does not expire.
6 years ago
Name: t.Name,
Role: t.Role,
Expiration: expiration,
API keys: Add last_used_at and docs changes for migration (#64293) * feat: last_used_at for apikeys * add: docs and copy changes * refactor: use br correctly * remove docs * removed more docs
2 years ago
LastUsedAt: t.LastUsedAt,
API token -> API key rename
11 years ago
}
}
Refactoring some api handlers to use the new Response return object
10 years ago
UniStore: Evaluate Folder DTO attributes (#93968) * UniStore: Evaluate Folder DTO attributes * Handle AccessControl * Reduce the number of parameters to newToFolderDto * Detach Metadata helpers from HTTPServer * Add tests --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
9 months ago
metadata := getMultiAccessControlMetadata(c, "apikeys:id", ids)
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
3 years ago
if len(metadata) > 0 {
for _, key := range result {
Rename Id to ID for annotation models (#62886) * Rename Id to ID for annotation models * Add xorm tags * Rename Id to ID for API key models * Add xorm tags
2 years ago
key.AccessControl = metadata[strconv.FormatInt(key.ID, 10)]
Access control: Pass access control metadata for api keys (#48445) * Move ApiKeyDTO to dtos package * Add access control filter to api keys * pass user in GetApiKeysQuery * Add api key metadata to DTO * Remove scope all requirement from get api keys endpoint * Handle api key access control metadata in frondend
3 years ago
}
}
fix status code 200 (#47818)
3 years ago
return response.JSON(http.StatusOK, result)
API token -> API key rename
11 years ago
}
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// swagger:route DELETE /auth/keys/{id} api_keys deleteAPIkey
//
// Delete API key.
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
// Deletes an API key.
IAM docs: Transform `API keys` to `Migrate API keys` docs (#92380) * IAM docs: Transform `API keys` to `Migrate API keys` docs * Update links to `API keys` in other doc pages * Grafana UI: update help button link * Update OpenAPI/Swagger links * Update docs/sources/administration/service-accounts/migrate-api-keys.md Co-authored-by: Jack Baldry <jack.baldry@grafana.com> * Update `relref` links to the new URL * fix space before em dash spaces before or after em dashes are not recommended (https://developers.google.com/style/dashes) --------- Co-authored-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
10 months ago
// Deprecated. See: https://grafana.com/docs/grafana/next/administration/service-accounts/migrate-api-keys/.
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
//
// Deprecated: true
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2 years ago
func (hs *HTTPServer) DeleteAPIKey(c *contextmodel.ReqContext) response.Response {
Remove Macaron ParamsInt64 function from code base (#43810) * draft commit * change all calls * Compilation errors
4 years ago
id, err := strconv.ParseInt(web.Params(c.Req)[":id"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
API token -> API key rename
11 years ago
CI: Bump golangci-lint to 2.0.2 (#103572)
3 months ago
cmd := &apikey.DeleteCommand{ID: id, OrgID: c.GetOrgID()}
Chore: split APIKey store (#52781) * move apikey store into a separate service * add apikey service to wire graph * fix linter * switch api to use apikey service * fix provideservice in tests * add apikey service test double * try different sql syntax * rolling back the dialect * trigger drone * trigger drone
3 years ago
err = hs.apiKeyService.DeleteApiKey(c.Req.Context(), cmd)
API token -> API key rename
11 years ago
if err != nil {
Return 404 when deleting non-existing API key (#33346) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
4 years ago
var status int
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
3 years ago
if errors.Is(err, apikey.ErrNotFound) {
Grafana: Replace magic number with a constant variable in response status (#80132) * Chore: Replace response status with const var * Apply suggestions from code review Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com> * Add net/http import --------- Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
1 year ago
status = http.StatusNotFound
Return 404 when deleting non-existing API key (#33346) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
4 years ago
} else {
Grafana: Replace magic number with a constant variable in response status (#80132) * Chore: Replace response status with const var * Apply suggestions from code review Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com> * Add net/http import --------- Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
1 year ago
status = http.StatusInternalServerError
Return 404 when deleting non-existing API key (#33346) The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
4 years ago
}
return response.Error(status, "Failed to delete API key", err)
API token -> API key rename
11 years ago
}
Chore: Moves common and response into separate packages (#30298) * Chore: moves common and response into separate packages * Chore: moves common and response into separate packages * Update pkg/api/utils/common.go Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: changes after PR comments * Chore: move wrap to routing package * Chore: move functions in common to response package * Chore: move functions in common to response package * Chore: formats imports Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
5 years ago
return response.Success("API key deleted")
API token -> API key rename
11 years ago
}
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// swagger:route POST /auth/keys api_keys addAPIkey
//
// Creates an API key.
//
Chore: fix formating for swagger definitions (#54993)
3 years ago
// Will return details of the created API key.
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
//
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
// Deprecated: true
// Deprecated. Please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens
//
IAM docs: Transform `API keys` to `Migrate API keys` docs (#92380) * IAM docs: Transform `API keys` to `Migrate API keys` docs * Update links to `API keys` in other doc pages * Grafana UI: update help button link * Update OpenAPI/Swagger links * Update docs/sources/administration/service-accounts/migrate-api-keys.md Co-authored-by: Jack Baldry <jack.baldry@grafana.com> * Update `relref` links to the new URL * fix space before em dash spaces before or after em dashes are not recommended (https://developers.google.com/style/dashes) --------- Co-authored-by: Jack Baldry <jack.baldry@grafana.com> Co-authored-by: Irene Rodriguez <irene.rodriguez@grafana.com>
10 months ago
// see: https://grafana.com/docs/grafana/next/administration/service-accounts/migrate-api-keys/.
API keys: Add deprecation to api keys (#65948) * add: deprecation to api keys write path * boolean w. meessage * add read and delete endpoints * better description of deprecation * updated with puncutations
2 years ago
//
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// Responses:
API keys: Return 410 Gone status from POST /auth/keys endpoint (#92965) * return 410 Gone status from POST /auth/keys endpoint * generate swagger * remove postAPIkeyResponse * re-generate swagger * remove docs for api key creation endpoint
10 months ago
// 410: goneError
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports
2 years ago
func (hs *HTTPServer) AddAPIKey(c *contextmodel.ReqContext) response.Response {
API Keys: Removal & Redirect of Create endpoint (#92144) * API keys: redirecting of create endpont * update naming and using admonition * fmt * Apply suggestions from code review Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
10 months ago
hs.log.Warn("Obsolete and Permanently moved API endpoint called", "path", c.Req.URL.Path)
API token -> API key rename
11 years ago
API keys: Return 410 Gone status from POST /auth/keys endpoint (#92965) * return 410 Gone status from POST /auth/keys endpoint * generate swagger * remove postAPIkeyResponse * re-generate swagger * remove docs for api key creation endpoint
10 months ago
// Respond with a 410 Gone status code
return response.Error(
http.StatusGone,
"this endpoint has been removed, please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens instead",
nil,
)
API token -> API key rename
11 years ago
}
Chore: Move swagger definitions to the handlers (#52643)
3 years ago
// swagger:parameters getAPIkeys
type GetAPIkeysParams struct {
// Show expired keys
// in:query
// required:false
// default:false
IncludeExpired bool `json:"includeExpired"`
}
// swagger:parameters deleteAPIkey
type DeleteAPIkeyParams struct {
// in:path
// required:true
ID int64 `json:"id"`
}
// swagger:response getAPIkeyResponse
type GetAPIkeyResponse struct {
// The response message
// in: body
Body []*dtos.ApiKeyDTO `json:"body"`
}