[
https://issues.apache.org/jira/browse/KNOX-3120?focusedWorklogId=965133&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-965133
]
ASF GitHub Bot logged work on KNOX-3120:
----------------------------------------
Author: ASF GitHub Bot
Created on: 08/Apr/25 00:13
Start Date: 08/Apr/25 00:13
Worklog Time Spent: 10m
Work Description: lmccay opened a new pull request, #1019:
URL: https://github.com/apache/knox/pull/1019
## What changes were proposed in this pull request?
Similar to [KNOX-3112](https://issues.apache.org/jira/browse/KNOX-3112)
which added an API for CLIENTID for acquiring client credentials flow CLIENT_ID
and CLIENT_SECRET we should add a specialized extension of KNOXTOKEN for an
APIKEY API.
The intent here is to add an API that both frees up KNOXTOKEN to be deployed
within the same topology for known token exchange patterns as well as to codify
the conventions that are being used by some that are using the passcode token
as an API Key.
We will make appropriate configuration and metadata defaults within the API
implementation to reduce operations and config requirements and to return a
translated response with the passcode as an
{api_key: xxxx}
or some similar response that meets standard or defacto standard
expectations.
## How was this patch tested?
Added new unit tests and ran all existing and new tests.
Tested manually:
```
curl -ivku admin:admin-password -X POST
"https://localhost:8443/gateway/sandbox/apikey/api/v1/auth/key";
* Connection #0 to host localhost left intact
{"key_id":"d859cf22-007c-40d6-832c-8ddf068f3606","api_key":"WkRnMU9XTm1Nakl0T....1tTXRPR1JrWmpBMk9HWXpOakEyOjpPV1l6WVRFM05tRXRORFpqWVMwME5HUmtMV0pr....Nek15T0dWa1pHUm0="}
```
Issue Time Tracking
-------------------
Worklog Id: (was: 965133)
Remaining Estimate: 0h
Time Spent: 10m
> Add a specialized use API for API KEY based on KNOXTOKEN API
> ------------------------------------------------------------
>
> Key: KNOX-3120
> URL: https://issues.apache.org/jira/browse/KNOX-3120
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Reporter: Larry McCay
> Assignee: Larry McCay
> Priority: Major
> Fix For: 2.2.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Similar to KNOX-3112 which added an API for CLIENTID for acquiring client
> credentials flow CLIENT_ID and CLIENT_SECRET we should add a specialized
> extension of KNOXTOKEN for an APIKEY API.
> The intent here is to add an API that both frees up KNOXTOKEN to be deployed
> within the same topology for known token exchange patterns as well as to
> codify the conventions that are being used by some that are using the
> passcode token as an API Key.
> We will make appropriate configuration and metadata defaults within the API
> implementation to reduce operations and config requirements and to return a
> translated response with the passcode as an {api_key: xxxx} or some similar
> response that meets standard or defacto standard expectations.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
