This is an automated email from the ASF dual-hosted git repository.
klesh pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-devlake.git
The following commit(s) were added to refs/heads/main by this push:
new bd9de62bb Feat support api key, update nginx conf, fix some bugs
(#5795)
bd9de62bb is described below
commit bd9de62bb84b0d42a7f00954a09f2bcd0750801a
Author: Linwei <[email protected]>
AuthorDate: Thu Aug 3 16:53:42 2023 +0800
Feat support api key, update nginx conf, fix some bugs (#5795)
* feat(api-keys): remove basic auth for path `/api/rest` in nginx conf
* feat(api-keys): fix webhook's API
* feat(api-keys): remove unnecessary path trim operation
---
backend/core/models/api_key.go | 2 +-
backend/core/models/common/base.go | 2 +-
backend/helpers/apikeyhelper/apikeyhelper.go | 2 +-
backend/plugins/webhook/impl/impl.go | 6 +++---
backend/server/api/middlewares.go | 10 ++++------
config-ui/nginx.conf | 11 +++++++++++
6 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/backend/core/models/api_key.go b/backend/core/models/api_key.go
index c567c4826..4ef12c5ed 100644
--- a/backend/core/models/api_key.go
+++ b/backend/core/models/api_key.go
@@ -43,7 +43,7 @@ type ApiInputApiKey struct {
Name string `json:"name" validate:"required,max=255"`
Type string `json:"type" validate:"required"`
AllowedPath string `json:"allowedPath" validate:"required"`
- ExpiredAt *time.Time `json:"expiredAt" validate:"required"`
+ ExpiredAt *time.Time `json:"expiredAt" `
}
type ApiOutputApiKey = ApiKey
diff --git a/backend/core/models/common/base.go
b/backend/core/models/common/base.go
index f2165d8dd..296b637b7 100644
--- a/backend/core/models/common/base.go
+++ b/backend/core/models/common/base.go
@@ -44,7 +44,7 @@ type Creator struct {
type Updater struct {
Updater string `json:"updater"`
- UpdaterEmail string `json:"updater_email"`
+ UpdaterEmail string `json:"updaterEmail"`
}
type ScopeConfig struct {
diff --git a/backend/helpers/apikeyhelper/apikeyhelper.go
b/backend/helpers/apikeyhelper/apikeyhelper.go
index 53b9fcde5..81968796d 100644
--- a/backend/helpers/apikeyhelper/apikeyhelper.go
+++ b/backend/helpers/apikeyhelper/apikeyhelper.go
@@ -106,7 +106,7 @@ func (c *ApiKeyHelper) Create(tx dal.Transaction, user
*common.User, name string
}
func (c *ApiKeyHelper) CreateForPlugin(tx dal.Transaction, user *common.User,
name string, pluginName string, allowedPath string, extra string)
(*models.ApiKey, errors.Error) {
- return c.Create(tx, user, name, nil, fmt.Sprintf("plugin:%s",
pluginName), allowedPath, extra)
+ return c.Create(tx, user, name, nil, allowedPath,
fmt.Sprintf("plugin:%s", pluginName), extra)
}
func (c *ApiKeyHelper) Put(user *common.User, id uint64) (*models.ApiKey,
errors.Error) {
diff --git a/backend/plugins/webhook/impl/impl.go
b/backend/plugins/webhook/impl/impl.go
index 5079db77e..ddc0b5095 100644
--- a/backend/plugins/webhook/impl/impl.go
+++ b/backend/plugins/webhook/impl/impl.go
@@ -82,13 +82,13 @@ func (p Webhook) ApiResources()
map[string]map[string]plugin.ApiResourceHandler
"PATCH": api.PatchConnection,
"DELETE": api.DeleteConnection,
},
- ":connectionId/deployments": {
+ "connections/:connectionId/deployments": {
"POST": api.PostDeploymentCicdTask,
},
- ":connectionId/issues": {
+ "connections/:connectionId/issues": {
"POST": api.PostIssue,
},
- ":connectionId/issue/:issueKey/close": {
+ "connections/:connectionId/issue/:issueKey/close": {
"POST": api.CloseIssue,
},
}
diff --git a/backend/server/api/middlewares.go
b/backend/server/api/middlewares.go
index 7145691f1..554fd8c42 100644
--- a/backend/server/api/middlewares.go
+++ b/backend/server/api/middlewares.go
@@ -82,7 +82,7 @@ func OAuth2ProxyAuthentication(basicRes context.BasicRes)
gin.HandlerFunc {
// fetch with basic auth header
user, err = getBasicAuthUserInfo(c)
if err != nil {
- logger.Error(err,
"getBasicAuthUserInfo")
+ logger.Warn(err, "getBasicAuthUserInfo")
}
}
if user != nil && user.Name != "" {
@@ -106,13 +106,13 @@ func RestAuthentication(router *gin.Engine, basicRes
context.BasicRes) gin.Handl
apiKeyHelper := apikeyhelper.NewApiKeyHelper(basicRes, logger)
return func(c *gin.Context) {
path := c.Request.URL.Path
- path = strings.TrimPrefix(path, "/api")
// Only open api needs to check api key
if !strings.HasPrefix(path, "/rest") {
logger.Info("path %s will continue", path)
c.Next()
return
}
+ path = strings.TrimPrefix(path, "/rest")
authHeader := c.GetHeader("Authorization")
if authHeader == "" {
@@ -188,10 +188,8 @@ func RestAuthentication(router *gin.Engine, basicRes
context.BasicRes) gin.Handl
return
}
- if strings.HasPrefix(path, "/rest") {
- logger.Info("redirect path: %s to: %s", path,
strings.TrimPrefix(path, "/rest"))
- c.Request.URL.Path = strings.TrimPrefix(path, "/rest")
- }
+ logger.Info("redirect path: %s to: %s", c.Request.URL.Path,
path)
+ c.Request.URL.Path = path
c.Set(common.USER, &common.User{
Name: apiKey.Creator.Creator,
Email: apiKey.Creator.CreatorEmail,
diff --git a/config-ui/nginx.conf b/config-ui/nginx.conf
index eaf78b087..8f1755a2a 100644
--- a/config-ui/nginx.conf
+++ b/config-ui/nginx.conf
@@ -21,6 +21,17 @@ ${SERVER_CONF}
proxy_pass ${DEVLAKE_ENDPOINT_PROTO}://$target;
}
+ location /api/rest/ {
+ auth_basic off;
+ resolver ${DNS} valid=${DNS_VALID};
+ resolver_timeout 3s;
+ set $target "${DEVLAKE_ENDPOINT}";
+ rewrite /api/(.*) /$1 break;
+ proxy_send_timeout 60s;
+ proxy_read_timeout 60s;
+ proxy_pass ${DEVLAKE_ENDPOINT_PROTO}://$target;
+ }
+
location /grafana/ {
set $external "${USE_EXTERNAL_GRAFANA}";
if ($external = "true") {
