From 8bca5cd13e896a03246ac7098dcb6b6389c94f0a Mon Sep 17 00:00:00 2001 From: shimon Date: Tue, 31 May 2022 18:41:12 +0300 Subject: [PATCH 01/14] api keys --- app/config/collections.php | 13 ++++++++- app/controllers/api/projects.php | 9 ++++-- app/controllers/general.php | 12 +++++++- src/Appwrite/Extend/Exception.php | 3 +- src/Appwrite/Utopia/Response/Model/Key.php | 6 ++++ .../Projects/ProjectsConsoleClientTest.php | 29 ++++++++++++++++++- 6 files changed, 66 insertions(+), 6 deletions(-) diff --git a/app/config/collections.php b/app/config/collections.php index 0e2a558210..36a82c0033 100644 --- a/app/config/collections.php +++ b/app/config/collections.php @@ -800,7 +800,7 @@ $collections = [ 'size' => Database::LENGTH_KEY, 'signed' => true, 'required' => false, - 'default' => null, + 'default' => 0, 'array' => false, 'filters' => [], ], @@ -837,6 +837,17 @@ $collections = [ 'array' => false, 'filters' => ['encrypt'], ], + [ + '$id' => 'expire', + 'type' => Database::VAR_INTEGER, + 'format' => '', + 'size' => 0, + 'signed' => false, + 'required' => false, + 'default' => null, + 'array' => false, + 'filters' => [], + ], ], 'indexes' => [ [ diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 7e730513f7..c710118376 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -26,6 +26,7 @@ use Appwrite\Extend\Exception; use Utopia\Validator\ArrayList; use Utopia\Validator\Boolean; use Utopia\Validator\Hostname; +use Utopia\Validator\Integer; use Utopia\Validator\Range; use Utopia\Validator\Text; use Utopia\Validator\WhiteList; @@ -777,9 +778,10 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') + ->param('expire', 0, new Integer() , 'Key expiration time') ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $name, array $scopes, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); @@ -794,6 +796,7 @@ App::post('/v1/projects/:projectId/keys') 'projectId' => $project->getId(), 'name' => $name, 'scopes' => $scopes, + 'expire' => $expire, 'secret' => \bin2hex(\random_bytes(128)), ]); @@ -884,9 +887,10 @@ App::put('/v1/projects/:projectId/keys/:keyId') ->param('keyId', null, new UID(), 'Key unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.') + ->param('expire', 0, new Integer() , 'Key expiration time') ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $keyId, string $name, array $scopes, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $keyId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); @@ -906,6 +910,7 @@ App::put('/v1/projects/:projectId/keys/:keyId') $key ->setAttribute('name', $name) ->setAttribute('scopes', $scopes) + ->setAttribute('expire', $expire) ; $dbForConsole->updateDocument('keys', $key->getId(), $key); diff --git a/app/controllers/general.php b/app/controllers/general.php index 8cd4553e33..962eec9781 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -45,6 +45,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons /* * Request format */ + $route = $utopia->match($request); Request::setRoute($route); @@ -265,11 +266,14 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons if (!empty($authKey)) { // API Key authentication // Check if given key match project API keys $key = $project->find('secret', $authKey, 'keys'); - + var_dump($project->getAttribute('keys')); + var_dump($authKey); + var_dump($key); /* * Try app auth when we have project key and no user * Mock user to app and grant API key scopes in addition to default app scopes */ + if ($key && $user->isEmpty()) { $user = new Document([ '$id' => '', @@ -282,6 +286,12 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons $role = Auth::USER_ROLE_APP; $scopes = \array_merge($roles[$role]['scopes'], $key->getAttribute('scopes', [])); + + //$expire = $key->getAttribute('expire', 0); + // if($expire !== 0 && $expire < \time()){ + //throw new Exception('Project key expired', 401, Exception:: PROJECT_KEY_EXPIRED); + //} + Authorization::setRole('role:'.Auth::USER_ROLE_APP); Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys. } diff --git a/src/Appwrite/Extend/Exception.php b/src/Appwrite/Extend/Exception.php index 95c51ed991..96885ab73e 100644 --- a/src/Appwrite/Extend/Exception.php +++ b/src/Appwrite/Extend/Exception.php @@ -46,7 +46,7 @@ class Exception extends \Exception const GENERAL_ROUTE_NOT_FOUND = 'general_route_not_found'; const GENERAL_CURSOR_NOT_FOUND = 'general_cursor_not_found'; const GENERAL_SERVER_ERROR = 'general_server_error'; - const GENERAL_PROTOCOL_UNSUPPORTED = 'general_protocol_unsupported'; + const GENERAL_PROTOCOL_UNSUPPORTED = 'general_protocol_unsupported'; /** Users */ const USER_COUNT_EXCEEDED = 'user_count_exceeded'; @@ -147,6 +147,7 @@ class Exception extends \Exception const PROJECT_INVALID_FAILURE_URL = 'project_invalid_failure_url'; const PROJECT_MISSING_USER_ID = 'project_missing_user_id'; const PROJECT_RESERVED_PROJECT = 'project_reserved_project'; + const PROJECT_KEY_EXPIRED = 'project_key_expired'; /** Webhooks */ const WEBHOOK_NOT_FOUND = 'webhook_not_found'; diff --git a/src/Appwrite/Utopia/Response/Model/Key.php b/src/Appwrite/Utopia/Response/Model/Key.php index c01136d24f..a399309281 100644 --- a/src/Appwrite/Utopia/Response/Model/Key.php +++ b/src/Appwrite/Utopia/Response/Model/Key.php @@ -27,6 +27,12 @@ class Key extends Model 'default' => '', 'example' => 'My API Key', ]) + ->addRule('expire', [ + 'type' => self::TYPE_INTEGER, + 'description' => 'Key expiration .', + 'default' => 0, + 'example' => '1653990687', + ]) ->addRule('scopes', [ 'type' => self::TYPE_STRING, 'description' => 'Allowed permission scopes.', diff --git a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php index 1154515648..cebb0da73d 100644 --- a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php +++ b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php @@ -1055,6 +1055,7 @@ class ProjectsConsoleClientTest extends Scope ], $this->getHeaders()), [ 'name' => 'Key Test', 'scopes' => ['teams.read', 'teams.write'], + 'expire' => time()-3600, ]); $this->assertEquals(201, $response['headers']['status-code']); @@ -1064,7 +1065,10 @@ class ProjectsConsoleClientTest extends Scope $this->assertContains('teams.write', $response['body']['scopes']); $this->assertNotEmpty($response['body']['secret']); - $data = array_merge($data, ['keyId' => $response['body']['$id']]); + $data = array_merge($data, [ + 'keyId' => $response['body']['$id'], + 'secret' => $response['body']['secret'] + ]); /** * Test for FAILURE @@ -1082,6 +1086,7 @@ class ProjectsConsoleClientTest extends Scope return $data; } + /** * @depends testCreateProjectKey */ @@ -1104,6 +1109,7 @@ class ProjectsConsoleClientTest extends Scope return $data; } + /** * @depends testCreateProjectKey */ @@ -1139,6 +1145,26 @@ class ProjectsConsoleClientTest extends Scope return $data; } + /** + * @depends testCreateProjectKey + */ + public function testValidateProjectKey($data): void + { + $id = $data['projectId'] ?? ''; + $secret = $data['secret'] ?? ''; + + $response = $this->client->call(Client::METHOD_GET, '/projects/' . $id , array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $secret + ], $this->getHeaders()), []); + + //var_dump($id); + //var_dump($secret); + exit; + } + + /** * @depends testCreateProjectKey */ @@ -1153,6 +1179,7 @@ class ProjectsConsoleClientTest extends Scope ], $this->getHeaders()), [ 'name' => 'Key Test Update', 'scopes' => ['users.read', 'users.write', 'collections.read'], + 'expire' => time()+360, ]); $this->assertEquals(200, $response['headers']['status-code']); From 540738101f8595c5a3dfaac23d1e705cf1490741 Mon Sep 17 00:00:00 2001 From: Torsten Dittmann Date: Wed, 1 Jun 2022 00:09:23 +0200 Subject: [PATCH 02/14] fix: error type --- app/controllers/general.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/controllers/general.php b/app/controllers/general.php index ca3cde5ea8..84d158714b 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -12,7 +12,6 @@ use Appwrite\Utopia\Response; use Appwrite\Utopia\View; use Appwrite\Extend\Exception as AppwriteException; use Utopia\Config\Config; -use Utopia\Exception as UtopiaException; use Utopia\Domains\Domain; use Appwrite\Auth\Auth; use Appwrite\Event\Certificate; @@ -333,7 +332,7 @@ App::options(function (Request $request, Response $response) { ->noContent(); }, ['request', 'response']); -App::error(function (AppwriteException|UtopiaException $error, App $utopia, Request $request, Response $response, View $layout, Document $project, ?Logger $logger, array $loggerBreadcrumbs) { +App::error(function (Throwable $error, App $utopia, Request $request, Response $response, View $layout, Document $project, ?Logger $logger, array $loggerBreadcrumbs) { $version = App::getEnv('_APP_VERSION', 'UNKNOWN'); $route = $utopia->match($request); From 801327651522b126a41680c91822986ad3052de8 Mon Sep 17 00:00:00 2001 From: shimon Date: Wed, 1 Jun 2022 09:26:55 +0300 Subject: [PATCH 03/14] api keys, validation and test --- app/controllers/general.php | 12 ++-- .../Projects/ProjectsConsoleClientTest.php | 69 ++++++++++++++++--- 2 files changed, 65 insertions(+), 16 deletions(-) diff --git a/app/controllers/general.php b/app/controllers/general.php index 962eec9781..a66eb23464 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -266,9 +266,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons if (!empty($authKey)) { // API Key authentication // Check if given key match project API keys $key = $project->find('secret', $authKey, 'keys'); - var_dump($project->getAttribute('keys')); - var_dump($authKey); - var_dump($key); + /* * Try app auth when we have project key and no user * Mock user to app and grant API key scopes in addition to default app scopes @@ -286,11 +284,11 @@ App::init(function ($utopia, $request, $response, $console, $project, $dbForCons $role = Auth::USER_ROLE_APP; $scopes = \array_merge($roles[$role]['scopes'], $key->getAttribute('scopes', [])); + $expire = $key->getAttribute('expire', 0); - //$expire = $key->getAttribute('expire', 0); - // if($expire !== 0 && $expire < \time()){ - //throw new Exception('Project key expired', 401, Exception:: PROJECT_KEY_EXPIRED); - //} + if($expire !== 0 && $expire < \time()){ + throw new Exception('Project key expired', 401, Exception:: PROJECT_KEY_EXPIRED); + } Authorization::setRole('role:'.Auth::USER_ROLE_APP); Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys. diff --git a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php index cebb0da73d..267e12cf50 100644 --- a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php +++ b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php @@ -1055,7 +1055,6 @@ class ProjectsConsoleClientTest extends Scope ], $this->getHeaders()), [ 'name' => 'Key Test', 'scopes' => ['teams.read', 'teams.write'], - 'expire' => time()-3600, ]); $this->assertEquals(201, $response['headers']['status-code']); @@ -1099,6 +1098,7 @@ class ProjectsConsoleClientTest extends Scope 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), []); + $this->assertEquals(200, $response['headers']['status-code']); $this->assertEquals(1, $response['body']['total']); @@ -1121,6 +1121,7 @@ class ProjectsConsoleClientTest extends Scope $response = $this->client->call(Client::METHOD_GET, '/projects/' . $id . '/keys/' . $keyId, array_merge([ 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $keyId ], $this->getHeaders()), []); $this->assertEquals(200, $response['headers']['status-code']); @@ -1146,22 +1147,72 @@ class ProjectsConsoleClientTest extends Scope } /** - * @depends testCreateProjectKey + * @depends testCreateProject */ public function testValidateProjectKey($data): void { $id = $data['projectId'] ?? ''; - $secret = $data['secret'] ?? ''; - $response = $this->client->call(Client::METHOD_GET, '/projects/' . $id , array_merge([ + /** + * Test for SUCCESS + */ + $response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/keys', array_merge([ 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], - 'x-appwrite-key' => $secret - ], $this->getHeaders()), []); + ], $this->getHeaders()), [ + 'name' => 'Key Test', + 'scopes' => ['health.read'], + 'expire' => time()+3600, + ]); + + $response = $this->client->call(Client::METHOD_GET, '/health' , [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $id, + 'x-appwrite-key' => $response['body']['secret'] + ], []); + + $this->assertEquals(200, $response['headers']['status-code']); + + /** + * Test for SUCCESS + */ + $response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/keys', array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], $this->getHeaders()), [ + 'name' => 'Key Test', + 'scopes' => ['health.read'], + 'expire' => 0, + ]); + + $response = $this->client->call(Client::METHOD_GET, '/health' , [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $id, + 'x-appwrite-key' => $response['body']['secret'] + ], []); + + $this->assertEquals(200, $response['headers']['status-code']); + + /** + * Test for FAILURE + */ + $response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/keys', array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], $this->getHeaders()), [ + 'name' => 'Key Test', + 'scopes' => ['health.read'], + 'expire' => time()-3600, + ]); + + $response = $this->client->call(Client::METHOD_GET, '/health' , [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $id, + 'x-appwrite-key' => $response['body']['secret'] + ], []); + + $this->assertEquals(401, $response['headers']['status-code']); - //var_dump($id); - //var_dump($secret); - exit; } From 1a28c3a909caa5e8369fe5100aa65ce8d506ec68 Mon Sep 17 00:00:00 2001 From: shimon Date: Wed, 1 Jun 2022 09:38:11 +0300 Subject: [PATCH 04/14] api keys, validation and test --- app/controllers/general.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/general.php b/app/controllers/general.php index 87932ecb52..afb254140b 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -282,7 +282,7 @@ App::init(function (App $utopia, Request $request, Response $response, Document $expire = $key->getAttribute('expire', 0); if($expire !== 0 && $expire < \time()){ - throw new AppwriteException('Project key expired', 401, Exception:: PROJECT_KEY_EXPIRED); + throw new AppwriteException('Project key expired', 401, AppwriteException:: PROJECT_KEY_EXPIRED); } Authorization::setRole('role:'.Auth::USER_ROLE_APP); From c31055f144d78f713edcb67e5d9bf5faaa725410 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 12:55:35 +0300 Subject: [PATCH 05/14] Update app/controllers/api/projects.php Co-authored-by: Torsten Dittmann --- app/controllers/api/projects.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 8145cab3e2..fd562c2003 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,7 +776,7 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration time') + ->param('expire', 0, new Integer(), 'Key expiration time') ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { From 0d24ebd6f5ffc38caef4cf0b85d10e0178181715 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 12:55:46 +0300 Subject: [PATCH 06/14] Update src/Appwrite/Utopia/Response/Model/Key.php Co-authored-by: Torsten Dittmann --- src/Appwrite/Utopia/Response/Model/Key.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Appwrite/Utopia/Response/Model/Key.php b/src/Appwrite/Utopia/Response/Model/Key.php index 48a0b5ac6c..85353cff35 100644 --- a/src/Appwrite/Utopia/Response/Model/Key.php +++ b/src/Appwrite/Utopia/Response/Model/Key.php @@ -29,7 +29,7 @@ class Key extends Model ]) ->addRule('expire', [ 'type' => self::TYPE_INTEGER, - 'description' => 'Key expiration .', + 'description' => 'Key expiration timestamp.', 'default' => 0, 'example' => '1653990687', ]) From e782e4744fc1ee1207f2c64849c7a3dc5801a390 Mon Sep 17 00:00:00 2001 From: shimon Date: Wed, 1 Jun 2022 13:09:53 +0300 Subject: [PATCH 07/14] small fix --- app/controllers/api/projects.php | 4 ++-- app/controllers/general.php | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 8145cab3e2..c26353832b 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,7 +776,7 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration time') + ->param('expire', null, new Integer() , 'Key expiration timestamp', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { @@ -885,7 +885,7 @@ App::put('/v1/projects/:projectId/keys/:keyId') ->param('keyId', null, new UID(), 'Key unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration time') + ->param('expire', 0, new Integer() , 'Key expiration timestamp' ,true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $keyId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { diff --git a/app/controllers/general.php b/app/controllers/general.php index afb254140b..f29a8d67ca 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -285,7 +285,6 @@ App::init(function (App $utopia, Request $request, Response $response, Document throw new AppwriteException('Project key expired', 401, AppwriteException:: PROJECT_KEY_EXPIRED); } - Authorization::setRole('role:'.Auth::USER_ROLE_APP); Authorization::setRole('role:' . Auth::USER_ROLE_APP); Authorization::setDefaultStatus(false); // Cancel security segmentation for API keys. } From 2d7bc4fb164de1dc25ba07bbe9f2011b66c9d881 Mon Sep 17 00:00:00 2001 From: shimon Date: Wed, 1 Jun 2022 14:31:03 +0300 Subject: [PATCH 08/14] small fix --- app/controllers/api/projects.php | 4 ++-- app/controllers/general.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 60e0b2b42e..e89016a494 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -779,7 +779,7 @@ App::post('/v1/projects/:projectId/keys') ->param('expire', null, new Integer() , 'Key expiration timestamp', true) ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $name, array $scopes, int|null $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); @@ -888,7 +888,7 @@ App::put('/v1/projects/:projectId/keys/:keyId') ->param('expire', null, new Integer() , 'Key expiration timestamp', true) ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $keyId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $keyId, string $name, array $scopes, int|null $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); diff --git a/app/controllers/general.php b/app/controllers/general.php index f29a8d67ca..690d0aca48 100644 --- a/app/controllers/general.php +++ b/app/controllers/general.php @@ -281,7 +281,7 @@ App::init(function (App $utopia, Request $request, Response $response, Document $expire = $key->getAttribute('expire', 0); - if($expire !== 0 && $expire < \time()){ + if(!empty($expire) && $expire < \time()){ throw new AppwriteException('Project key expired', 401, AppwriteException:: PROJECT_KEY_EXPIRED); } From cd5e6f2542677e558d95f1d01677a437cdd6998b Mon Sep 17 00:00:00 2001 From: shimon Date: Wed, 1 Jun 2022 15:36:04 +0300 Subject: [PATCH 09/14] small fix --- app/controllers/api/projects.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index e89016a494..86845f0dd3 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,10 +776,10 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', null, new Integer() , 'Key expiration timestamp', true) + ->param('expire', 0, new Integer() , 'Key expiration timestamp', true) ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $name, array $scopes, int|null $expire, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); @@ -885,10 +885,10 @@ App::put('/v1/projects/:projectId/keys/:keyId') ->param('keyId', null, new UID(), 'Key unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.') - ->param('expire', null, new Integer() , 'Key expiration timestamp', true) + ->param('expire', 0, new Integer() , 'Key expiration timestamp', true) ->inject('response') ->inject('dbForConsole') - ->action(function (string $projectId, string $keyId, string $name, array $scopes, int|null $expire, Response $response, Database $dbForConsole) { + ->action(function (string $projectId, string $keyId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { $project = $dbForConsole->getDocument('projects', $projectId); From 34a80d4b63ba939e765256a0b4a34724f7333076 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 16:38:22 +0300 Subject: [PATCH 10/14] Update src/Appwrite/Utopia/Response/Model/Key.php Co-authored-by: Eldad A. Fux --- src/Appwrite/Utopia/Response/Model/Key.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Appwrite/Utopia/Response/Model/Key.php b/src/Appwrite/Utopia/Response/Model/Key.php index 85353cff35..ea553ea64b 100644 --- a/src/Appwrite/Utopia/Response/Model/Key.php +++ b/src/Appwrite/Utopia/Response/Model/Key.php @@ -29,7 +29,7 @@ class Key extends Model ]) ->addRule('expire', [ 'type' => self::TYPE_INTEGER, - 'description' => 'Key expiration timestamp.', + 'description' => 'Key expiration in Unix timestamp.', 'default' => 0, 'example' => '1653990687', ]) From 363c073839759c8ca6442d7156918b3a7e47b022 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 16:39:00 +0300 Subject: [PATCH 11/14] Update app/controllers/api/projects.php Co-authored-by: Eldad A. Fux --- app/controllers/api/projects.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 86845f0dd3..72f52050e1 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,7 +776,7 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration timestamp', true) + ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { From ad986fe8521a0f451aab2e3cef662dd742505ce6 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 17:14:26 +0300 Subject: [PATCH 12/14] Update app/controllers/api/projects.php Co-authored-by: Eldad A. Fux --- app/controllers/api/projects.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 72f52050e1..0524b7726a 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,7 +776,7 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp.', true) + ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp. Use 0 for unlimited expiry.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { From 2bad41082bc741d0c087b0fd2ae6f9967f8760af Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 17:23:05 +0300 Subject: [PATCH 13/14] Update projects.php --- app/controllers/api/projects.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 0524b7726a..4b385574be 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -776,7 +776,7 @@ App::post('/v1/projects/:projectId/keys') ->param('projectId', null, new UID(), 'Project unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' scopes are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp. Use 0 for unlimited expiry.', true) + ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp. Use 0 for unlimited expiration.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { @@ -885,7 +885,7 @@ App::put('/v1/projects/:projectId/keys/:keyId') ->param('keyId', null, new UID(), 'Key unique ID.') ->param('name', null, new Text(128), 'Key name. Max length: 128 chars.') ->param('scopes', null, new ArrayList(new WhiteList(array_keys(Config::getParam('scopes')), true), APP_LIMIT_ARRAY_PARAMS_SIZE), 'Key scopes list. Maximum of ' . APP_LIMIT_ARRAY_PARAMS_SIZE . ' events are allowed.') - ->param('expire', 0, new Integer() , 'Key expiration timestamp', true) + ->param('expire', 0, new Integer() , 'Key expiration time in Unix timestamp. Use 0 for unlimited expiration.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $keyId, string $name, array $scopes, int $expire, Response $response, Database $dbForConsole) { From 57e0679524fbfaa4df9175535b788c95e24ac6c8 Mon Sep 17 00:00:00 2001 From: Shimon Newman Date: Wed, 1 Jun 2022 19:51:12 +0300 Subject: [PATCH 14/14] Update collections.php --- app/config/collections.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/config/collections.php b/app/config/collections.php index 454587b924..1d19c3b848 100644 --- a/app/config/collections.php +++ b/app/config/collections.php @@ -844,7 +844,7 @@ $collections = [ 'size' => 0, 'signed' => false, 'required' => false, - 'default' => null, + 'default' => 0, 'array' => false, 'filters' => [], ],