ITISFoundation · giancarloromeo · Dec 10, 2024 · Nov 26, 2024 · Nov 28, 2024 · Nov 28, 2024
@@ -9,8 +9,6 @@
 from fastapi import APIRouter, status
 from models_library.api_schemas_webserver.auth import (
     AccountRequestInfo,
-    ApiKeyCreate,
-    ApiKeyGet,
     UnregisterCheck,
 )
 from models_library.generics import Envelope
@@ -264,72 +262,6 @@ async def email_confirmation(code: str):
     """email link sent to user to confirm an action"""
 
 
-@router.get(
-    "/auth/api-keys",
-    operation_id="list_api_keys",
-    responses={
-        status.HTTP_200_OK: {
-            "description": "returns the display names of API keys",
-            "model": list[str],
-        },
-        status.HTTP_400_BAD_REQUEST: {
-            "description": "key name requested is invalid",
-        },
-        status.HTTP_401_UNAUTHORIZED: {
-            "description": "requires login to  list keys",
-        },
-        status.HTTP_403_FORBIDDEN: {
-            "description": "not enough permissions to list keys",
-        },
-    },
-)
-async def list_api_keys():
-    """lists display names of API keys by this user"""
-
-
-@router.post(
-    "/auth/api-keys",
-    operation_id="create_api_key",
-    responses={
-        status.HTTP_200_OK: {
-            "description": "Authorization granted returning API key",
-            "model": ApiKeyGet,
-        },
-        status.HTTP_400_BAD_REQUEST: {
-            "description": "key name requested is invalid",
-        },
-        status.HTTP_401_UNAUTHORIZED: {
-            "description": "requires login to  list keys",
-        },
-        status.HTTP_403_FORBIDDEN: {
-            "description": "not enough permissions to list keys",
-        },
-    },
-)
-async def create_api_key(_body: ApiKeyCreate):
-    """creates API keys to access public API"""
-
-
-@router.delete(
-    "/auth/api-keys",
-    operation_id="delete_api_key",
-    status_code=status.HTTP_204_NO_CONTENT,
-    responses={
-        status.HTTP_204_NO_CONTENT: {
-            "description": "api key successfully deleted",
-        },
-        status.HTTP_401_UNAUTHORIZED: {
-            "description": "requires login to  delete a key",
-        },
-        status.HTTP_403_FORBIDDEN: {
-            "description": "not enough permissions to delete a key",
-        },
-    },
-)
-async def delete_api_key(_body: ApiKeyCreate):
-    """deletes API key by name"""
-
-
 @router.get(
     "/auth/captcha",
     operation_id="request_captcha",

@@ -0,0 +1,60 @@
+from typing import Annotated
+
+from fastapi import APIRouter, Depends, status
+from models_library.api_schemas_webserver.auth import (
+    ApiKeyCreateRequest,
+    ApiKeyCreateResponse,
+    ApiKeyGet,
+)
+from models_library.generics import Envelope
+from models_library.rest_error import EnvelopedError
+from simcore_service_webserver._meta import API_VTAG
+from simcore_service_webserver.api_keys._exceptions_handlers import _TO_HTTP_ERROR_MAP
+from simcore_service_webserver.api_keys._rest import ApiKeysPathParams
+
+router = APIRouter(
+    prefix=f"/{API_VTAG}",
+    tags=["auth"],
+    responses={
+        i.status_code: {"model": EnvelopedError} for i in _TO_HTTP_ERROR_MAP.values()
+    },
+)
+
+
+@router.post(
+    "/auth/api-keys",
+    operation_id="create_api_key",
+    status_code=status.HTTP_201_CREATED,
+    response_model=Envelope[ApiKeyCreateResponse],
+)
+async def create_api_key(_body: ApiKeyCreateRequest):
+    """creates API keys to access public API"""
+
+
+@router.get(
+    "/auth/api-keys",
+    operation_id="list_api_keys",
+    response_model=Envelope[list[ApiKeyGet]],
+    status_code=status.HTTP_200_OK,
+)
+async def list_api_keys():
+    """lists API keys by this user"""
+
+
+@router.get(
+    "/auth/api-keys/{api_key_id}",
+    operation_id="get_api_key",
+    response_model=Envelope[ApiKeyGet],
+    status_code=status.HTTP_200_OK,
+)
+async def get_api_key(_path: Annotated[ApiKeysPathParams, Depends()]):
+    """returns the API Key with the given ID"""
+
+
+@router.delete(
+    "/auth/api-keys/{api_key_id}",
+    operation_id="delete_api_key",
+    status_code=status.HTTP_204_NO_CONTENT,
+)
+async def delete_api_key(_path: Annotated[ApiKeysPathParams, Depends()]):
+    """deletes the API key with the given ID"""
@@ -20,6 +20,7 @@
         #
         # core ---
         "_auth",
+        "_auth_api_keys",
         "_groups",
         "_tags",
         "_tags_groups",  # after _tags

@@ -1,10 +1,12 @@
 from datetime import timedelta
-from typing import Any
+from typing import Annotated, Any
 
-from pydantic import BaseModel, ConfigDict, Field, SecretStr
+from models_library.basic_types import IDStr
+from pydantic import AliasGenerator, ConfigDict, Field, HttpUrl, SecretStr
+from pydantic.alias_generators import to_camel
 
 from ..emails import LowerCaseEmailStr
-from ._base import InputSchema
+from ._base import InputSchema, OutputSchema
 
 
 class AccountRequestInfo(InputSchema):
@@ -51,42 +53,97 @@ class UnregisterCheck(InputSchema):
 #
 
 
-class ApiKeyCreate(BaseModel):
-    display_name: str = Field(..., min_length=3)
+class ApiKeyCreateRequest(InputSchema):
+    display_name: Annotated[str, Field(..., min_length=3)]
     expiration: timedelta | None = Field(
         None,
         description="Time delta from creation time to expiration. If None, then it does not expire.",
     )
 
     model_config = ConfigDict(
+        alias_generator=AliasGenerator(
+            validation_alias=to_camel,
+        ),
+        from_attributes=True,
+        json_schema_extra={
+            "examples": [
+                {
+                    "displayName": "test-api-forever",
+                },
+                {
+                    "displayName": "test-api-for-one-day",
+                    "expiration": 60 * 60 * 24,
+                },
+                {
+                    "displayName": "test-api-for-another-day",
+                    "expiration": "24:00:00",
+                },
+            ]
+        },
+    )
+
+
+class ApiKeyCreateResponse(OutputSchema):
+    id: IDStr
+    display_name: Annotated[str, Field(..., min_length=3)]
+    expiration: timedelta | None = Field(
+        None,
+        description="Time delta from creation time to expiration. If None, then it does not expire.",
+    )
+    api_base_url: HttpUrl
+    api_key: str
+    api_secret: str
+
+    model_config = ConfigDict(
+        alias_generator=AliasGenerator(
+            serialization_alias=to_camel,
+        ),
+        from_attributes=True,
         json_schema_extra={
             "examples": [
                 {
+                    "id": "42",
                     "display_name": "test-api-forever",
+                    "api_base_url": "http://api.osparc.io/v0",  # NOSONAR
+                    "api_key": "key",
+                    "api_secret": "secret",
                 },
                 {
+                    "id": "48",
                     "display_name": "test-api-for-one-day",
                     "expiration": 60 * 60 * 24,
+                    "api_base_url": "http://api.sim4life.io/v0",  # NOSONAR
+                    "api_key": "key",
+                    "api_secret": "secret",
                 },
                 {
+                    "id": "54",
                     "display_name": "test-api-for-another-day",
                     "expiration": "24:00:00",
+                    "api_base_url": "http://api.osparc-master.io/v0",  # NOSONAR
+                    "api_key": "key",
+                    "api_secret": "secret",
                 },
             ]
-        }
+        },
     )
 
 
-class ApiKeyGet(BaseModel):
-    display_name: str = Field(..., min_length=3)
-    api_key: str
-    api_secret: str
+class ApiKeyGet(OutputSchema):
+    id: IDStr
+    display_name: Annotated[str, Field(..., min_length=3)]
 
     model_config = ConfigDict(
+        alias_generator=AliasGenerator(
+            serialization_alias=to_camel,
+        ),
         from_attributes=True,
         json_schema_extra={
             "examples": [
-                {"display_name": "myapi", "api_key": "key", "api_secret": "secret"},
+                {
+                    "id": "42",
+                    "display_name": "myapi",
+                },
             ]
         },
     )
diff --git a/packages/models-library/src/models_library/rpc_auth_api_keys.py b/packages/models-library/src/models_library/rpc_auth_api_keys.py
@@ -0,0 +1,35 @@
+import datetime as dt
+from typing import Annotated
+
+from models_library.basic_types import IDStr
+from pydantic import BaseModel, ConfigDict, Field
+
+
+class ApiKeyCreate(BaseModel):
+    display_name: Annotated[str, Field(..., min_length=3)]
+    expiration: dt.timedelta | None = None
+
+    model_config = ConfigDict(
+        from_attributes=True,
+    )
+
+
+class ApiKeyGet(BaseModel):
+    id: IDStr
+    display_name: Annotated[str, Field(..., min_length=3)]
+    api_key: str | None = None
+    api_secret: str | None = None
+
+    model_config = ConfigDict(
+        from_attributes=True,
+        json_schema_extra={
+            "examples": [
+                {
+                    "id": "42",
+                    "display_name": "test-api-forever",
+                    "api_key": "key",
+                    "api_secret": "secret",
+                },
+            ]
+        },
+    )
@@ -4,8 +4,8 @@
 
 from aiocache import cached  # type: ignore[import-untyped]
 from fastapi import FastAPI
-from models_library.api_schemas_webserver.auth import ApiKeyGet
 from models_library.products import ProductName
+from models_library.rpc_auth_api_keys import ApiKeyGet
 from models_library.users import UserID
 
 from ._api_auth_rpc import get_or_create_api_key_and_secret
@@ -30,10 +30,13 @@ async def _get_or_create_for(
     product_name: ProductName,
     user_id: UserID,
 ) -> ApiKeyGet:
-
-    name = create_unique_api_name_for(product_name, user_id)
+    display_name = create_unique_api_name_for(product_name, user_id)
     return await get_or_create_api_key_and_secret(
-        app, product_name=product_name, user_id=user_id, name=name, expiration=None
+        app,
+        user_id=user_id,
+        product_name=product_name,
+        display_name=display_name,
+        expiration=None,
     )
 
 

@@ -2,9 +2,9 @@
 
 from fastapi import FastAPI
 from models_library.api_schemas_webserver import WEBSERVER_RPC_NAMESPACE
-from models_library.api_schemas_webserver.auth import ApiKeyGet
 from models_library.products import ProductName
 from models_library.rabbitmq_basic_types import RPCMethodName
+from models_library.rpc_auth_api_keys import ApiKeyGet
 from models_library.users import UserID
 from pydantic import TypeAdapter
 
@@ -20,16 +20,16 @@ async def get_or_create_api_key_and_secret(
     *,
     product_name: ProductName,
     user_id: UserID,
-    name: str,
+    display_name: str,
     expiration: timedelta | None = None,
 ) -> ApiKeyGet:
     rpc_client = get_rabbitmq_rpc_client(app)
     result = await rpc_client.request(
         WEBSERVER_RPC_NAMESPACE,
-        TypeAdapter(RPCMethodName).validate_python("get_or_create_api_keys"),
-        product_name=product_name,
+        TypeAdapter(RPCMethodName).validate_python("get_or_create_api_key"),
         user_id=user_id,
-        name=name,
+        display_name=display_name,
         expiration=expiration,
+        product_name=product_name,
     )
     return ApiKeyGet.model_validate(result)
@@ -20,9 +20,9 @@
 from asgi_lifespan import LifespanManager
 from faker import Faker
 from fastapi import FastAPI
-from models_library.api_schemas_webserver.auth import ApiKeyGet
 from models_library.products import ProductName
 from models_library.projects import Node, NodesDict
+from models_library.rpc_auth_api_keys import ApiKeyGet
 from models_library.users import UserID
 from pytest_mock import MockerFixture
 from pytest_simcore.helpers.monkeypatch_envs import (
@@ -347,15 +347,15 @@ async def _create(
         *,
         product_name: ProductName,
         user_id: UserID,
-        name: str,
+        display_name: str,
         expiration: timedelta,
     ):
         assert app
         assert product_name
         assert user_id
         assert expiration is None
 
-        fake_data.display_name = name
+        fake_data.display_name = display_name
         return fake_data
 
     # mocks RPC interface