Page MenuHomeVyOS Platform
Create Task
Maniphest T5772

Require HTTPS API server configurations to include at least one key if key-based auth is used
Closed, ResolvedPublic
Actions

Description

Right now it's possible to commit an HTTPS API server configuration without any API keys, even if GraphQL is not configured or its auth type is explicitly set to key. Such configurations are logically useless and should not be allowed.

Details

Version
-
Is it a breaking change?
Stricter validation

Related Objects

Mentioned In
rVYOSONEX7bd604790116: Revert "https api: T5772: fix Python version not supporting f-ormated strings…
rVYOSONEXf67173b41e4b: Revert "https api: T5772: check if keys are configured unless PAM auth is…
rVYOSONEXcc2872fc3eca: https: T5772: require that at least one API key is present
rVYOSONEXf83fc70fb24f: https: T5772: remove the default API key
rVYOSONEX5d6515765efa: https: T5772: return from verify if HTTPS API is not configured
rVYOSONEXdf9bbe008b3b: Merge pull request #2571 from dmbaturin/https-api-keys-fix-crux
rVYOSONEXa148b81659af: Revert "https api: T5772: check if keys are configured"
rVYOSONEX976c800c4ba5: https: T5772: require that at least one valid API key is present
rVYOSONEX7c6de7922793: https: T5772: return from verify if None
rVYOSONEX5d42ac22b2dd: Merge pull request #2570 from dmbaturin/https-api-keys-fix
rVYOSONEXad72670a1f74: https: T5772: remove the default API key
rVYOSONEXfc76d8f78348: Merge pull request #2553 from dmbaturin/T5772
rVYOSONEXe7efd65483e7: https api: T5772: fix Python version not supporting f-ormated strings and dict…
rVYOSONEXa29aba5d92ad: Merge pull request #2538 from c-po/crux-pr-2522-fixup
rVYOSONEXe942d0d1dde2: Merge pull request #2531 from vyos/mergify/bp/equuleus/pr-2522
rVYOSONEX1b7e8f9ff7a8: https api: T5772: check if keys are configured unless PAM auth is enabled for…
rVYOSONEXa54fe17d7e2b: Merge pull request #2535 from c-po/crux-pr-2522
rVYOSONEX1ba7d4e3e91b: https api: T5772: check if keys are configured
rVYOSONEX11d531ece3e0: Merge pull request #2534 from c-po/backport-pr-2522
rVYOSONEX57ba2fa91573: https api: T5772: check if keys are configured
rVYOSONEX58c50db26158: https api: T5772: check if keys are configured
rVYOSONEXca9c77af975e: https api: T5772: check if keys are configured
rVYOSONEX78d4a8268792: https api: T5772: check if keys are configured
rVYOSONEX8c450ea7f538: https api: T5772: check if keys are configured
rVYOSONEXc1e170c88cd2: Merge pull request #2522 from dmbaturin/require-api-keys

Event Timeline

dmbaturin created this task.Nov 22 2023, 12:26 AM
pasik subscribed.Nov 22 2023, 7:05 AM
Restricted Repository Identity mentioned this in rVYOSONEXc1e170c88cd2: Merge pull request #2522 from dmbaturin/require-api-keys.Nov 22 2023, 3:07 PM
dmbaturin mentioned this in rVYOSONEX8c450ea7f538: https api: T5772: check if keys are configured.Nov 22 2023, 3:07 PM
Restricted Repository Identity mentioned this in rVYOSONEX78d4a8268792: https api: T5772: check if keys are configured.Nov 22 2023, 3:08 PM
Restricted Repository Identity mentioned this in rVYOSONEXca9c77af975e: https api: T5772: check if keys are configured.
c-po mentioned this in rVYOSONEX58c50db26158: https api: T5772: check if keys are configured.Nov 23 2023, 10:17 AM
c-po mentioned this in rVYOSONEX57ba2fa91573: https api: T5772: check if keys are configured.Nov 23 2023, 10:25 AM
Restricted Repository Identity mentioned this in rVYOSONEX11d531ece3e0: Merge pull request #2534 from c-po/backport-pr-2522.Nov 23 2023, 12:44 PM
c-po mentioned this in rVYOSONEX1ba7d4e3e91b: https api: T5772: check if keys are configured.Nov 23 2023, 12:44 PM
Restricted Repository Identity mentioned this in rVYOSONEXa54fe17d7e2b: Merge pull request #2535 from c-po/crux-pr-2522.Nov 23 2023, 12:48 PM
c-po mentioned this in rVYOSONEX1b7e8f9ff7a8: https api: T5772: check if keys are configured unless PAM auth is enabled for….Nov 23 2023, 12:48 PM
Restricted Repository Identity mentioned this in rVYOSONEXe942d0d1dde2: Merge pull request #2531 from vyos/mergify/bp/equuleus/pr-2522.Nov 23 2023, 12:49 PM
Restricted Repository Identity mentioned this in rVYOSONEXa29aba5d92ad: Merge pull request #2538 from c-po/crux-pr-2522-fixup.Nov 29 2023, 3:04 PM
c-po mentioned this in rVYOSONEXe7efd65483e7: https api: T5772: fix Python version not supporting f-ormated strings and dict….Nov 29 2023, 3:04 PM
Restricted Repository Identity mentioned this in rVYOSONEXfc76d8f78348: Merge pull request #2553 from dmbaturin/T5772.Nov 30 2023, 3:19 PM
dmbaturin mentioned this in rVYOSONEXad72670a1f74: https: T5772: remove the default API key.Nov 30 2023, 3:19 PM
Restricted Repository Identity mentioned this in rVYOSONEX5d42ac22b2dd: Merge pull request #2570 from dmbaturin/https-api-keys-fix.Dec 4 2023, 6:09 PM
dmbaturin mentioned this in rVYOSONEX7c6de7922793: https: T5772: return from verify if None.Dec 4 2023, 6:09 PM
dmbaturin mentioned this in rVYOSONEX976c800c4ba5: https: T5772: require that at least one valid API key is present.
dmbaturin mentioned this in rVYOSONEXa148b81659af: Revert "https api: T5772: check if keys are configured".
Restricted Repository Identity mentioned this in rVYOSONEXdf9bbe008b3b: Merge pull request #2571 from dmbaturin/https-api-keys-fix-crux.Dec 5 2023, 10:35 AM
dmbaturin mentioned this in rVYOSONEX5d6515765efa: https: T5772: return from verify if HTTPS API is not configured.Dec 5 2023, 10:35 AM
dmbaturin mentioned this in rVYOSONEXf83fc70fb24f: https: T5772: remove the default API key.
dmbaturin mentioned this in rVYOSONEXcc2872fc3eca: https: T5772: require that at least one API key is present.
dmbaturin mentioned this in rVYOSONEXf67173b41e4b: Revert "https api: T5772: check if keys are configured unless PAM auth is….
dmbaturin mentioned this in rVYOSONEX7bd604790116: Revert "https api: T5772: fix Python version not supporting f-ormated strings….
Viacheslav changed the task status from Open to Needs testing.Dec 5 2023, 10:37 AM
dmbaturin closed this task as Resolved.Apr 12 2024, 2:17 PM
dmbaturin edited projects, added VyOS 1.4 Sagitta (1.4.0-epa2); removed VyOS 1.4 Sagitta.