IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

API keys: Return 410 Gone status from POST /auth/keys endpoint (#92965)

Browse Source 
* return 410 Gone status from POST /auth/keys endpoint

* generate swagger

* remove postAPIkeyResponse

* re-generate swagger

* remove docs for api key creation endpoint
This commit is contained in:
Mihai Doarna 2024-09-05 13:10:24 +03:00 committed by GitHub
parent de5bbd2539
commit ebd17adecf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 40 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
docs/sources/developers/http_api/auth.md
View File

@ -89,47 +89,13 @@ Endpoint is obsolete and has been moved to [Grafana service account API]({{< rel
`POST /api/auth/keys`
**Required permissions**
See note in the [introduction]({{< ref "#authentication-api" >}}) for an explanation.
| Action | Scope |
| ---------------- | ----- |
| `apikeys:create` | n/a |
**Example Request**:
```http
POST /api/auth/keys HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
{
"name": "mykey",
"role": "Admin",
"secondsToLive": 86400
}
```
JSON Body schema:
- **name** The key name
- **role** Sets the access level/Grafana Role for the key. Can be one of the following values: `None`, `Viewer`, `Editor` or `Admin`.
- **secondsToLive** Sets the key expiration in seconds. It is optional. If it is a positive number an expiration date for the key is set. If it is null, zero or is omitted completely (unless `api_key_max_seconds_to_live` configuration option is set) the key will never expire.
Error statuses:
- **400** `api_key_max_seconds_to_live` is set but no `secondsToLive` is specified or `secondsToLive` is greater than this value.
- **500** The key was unable to be stored in the database.
**Example Response**:
```http
HTTP/1.1 301
HTTP/1.1 410
Content-Type: application/json
""
{"message":"this endpoint has been removed, please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens instead"}
```
## Delete API Key

20
pkg/api/apikey.go
View File

@ -113,15 +113,16 @@ func (hs *HTTPServer) DeleteAPIKey(c *contextmodel.ReqContext) response.Response
// see: https://grafana.com/docs/grafana/next/administration/service-accounts/migrate-api-keys/.
//
// Responses:
// 301: statusMovedPermanently
// 410: goneError
func (hs *HTTPServer) AddAPIKey(c *contextmodel.ReqContext) response.Response {
// Set the Location header to the new URL
hs.log.Warn("Obsolete and Permanently moved API endpoint called", "path", c.Req.URL.Path)
c.Context.Resp.Header().Set("Location", "/api/serviceaccounts/tokens")
// Respond with a 301 Moved Permanently status code
// the Location header is enough for clients to know where to go next.
return response.JSON(http.StatusMovedPermanently, nil)
// Respond with a 410 Gone status code
return response.Error(
http.StatusGone,
"this endpoint has been removed, please use POST /api/serviceaccounts and POST /api/serviceaccounts/{id}/tokens instead",
nil,
)
}
// swagger:parameters getAPIkeys
@ -146,10 +147,3 @@ type GetAPIkeyResponse struct {
// in: body
Body []*dtos.ApiKeyDTO `json:"body"`
}
// swagger:response postAPIkeyResponse
type PostAPIkeyResponse struct {
// The response message
// in: body
Body dtos.NewApiKeyResult `json:"body"`
}

5
pkg/api/swagger_responses.go
View File

@ -77,6 +77,11 @@ type InternalServerError GenericError
// swagger:response unauthorisedError
type UnauthorizedError GenericError
// GoneError is returned when the requested endpoint was removed.
//
// swagger:response goneError
type GoneError GenericError
// AcceptedResponse
//
// swagger:response acceptedResponse

12
public/api-enterprise-spec.json
View File

@ -9439,6 +9439,12 @@
}
}
},
"goneError": {
"description": "GoneError is returned when the requested endpoint was removed.",
"schema": {
"$ref": "#/definitions/ErrorResponseBody"
}
},
"helpFlagResponse": {
"description": "",
"schema": {
@ -9623,12 +9629,6 @@
"$ref": "#/definitions/SuccessResponseBody"
}
},
"postAPIkeyResponse": {
"description": "",
"schema": {
"$ref": "#/definitions/NewApiKeyResult"
}
},
"postAnnotationResponse": {
"description": "",
"schema": {

16
public/api-merged.json
View File

@ -2226,8 +2226,8 @@
"operationId": "addAPIkey",
"deprecated": true,
"responses": {
"301": {
"$ref": "#/responses/statusMovedPermanently"
"410": {
"$ref": "#/responses/goneError"
}
}
}
@ -23806,6 +23806,12 @@
}
}
},
"goneError": {
"description": "GoneError is returned when the requested endpoint was removed.",
"schema": {
"$ref": "#/definitions/ErrorResponseBody"
}
},
"helpFlagResponse": {
"description": "(empty)",
"schema": {
@ -23990,12 +23996,6 @@
"$ref": "#/definitions/SuccessResponseBody"
}
},
"postAPIkeyResponse": {
"description": "(empty)",
"schema": {
"$ref": "#/definitions/NewApiKeyResult"
}
},
"postAnnotationResponse": {
"description": "(empty)",
"schema": {

24
public/openapi3.json
View File

@ -1372,6 +1372,16 @@
},
"description": "(empty)"
},
"goneError": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ErrorResponseBody"
}
}
},
"description": "GoneError is returned when the requested endpoint was removed."
},
"helpFlagResponse": {
"content": {
"application/json": {
@ -1628,16 +1638,6 @@
},
"description": "An OKResponse is returned if the request was successful."
},
"postAPIkeyResponse": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/NewApiKeyResult"
}
}
},
"description": "(empty)"
},
"postAnnotationResponse": {
"content": {
"application/json": {
@ -15392,8 +15392,8 @@
"description": "Will return details of the created API key.",
"operationId": "addAPIkey",
"responses": {
"301": {
"$ref": "#/components/responses/statusMovedPermanently"
"410": {
"$ref": "#/components/responses/goneError"
}
},
"summary": "Creates an API key.",