TFMM/ansible-api
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add api stuff

Browse Source
This commit is contained in:
Russ Long
2019-10-29 15:22:32 -04:00
parent 0f9d04c7e3
commit 9bd968f2d9
16 changed files with 1179 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
app/Console/Commands/ActivateApiKey.php Normal file
View File

@ -0,0 +1,63 @@
<?php
namespace App\Console\Commands;
use App\Models\ApiKey;
use Illuminate\Console\Command;
class ActivateApiKey extends Command
{
/**
* Error messages
*/
const MESSAGE_ERROR_INVALID_NAME = 'Invalid name.';
const MESSAGE_ERROR_NAME_DOES_NOT_EXIST = 'Name does not exist.';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'apikey:activate {name}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Activate an API key by name';
/**
* Execute the console command.
*/
public function handle()
{
$name = $this->argument('name');
$error = $this->validateName($name);
if ($error) {
$this->error($error);
return;
}
$key = ApiKey::where('name', $name)->first();
if ($key->active) {
$this->info('Key "' . $name . '" is already active');
return;
}
$key->active = 1;
$key->save();
$this->info('Activated key: ' . $name);
}
/**
* Validate name
*
* @param string $name
* @return string
*/
protected function validateName($name)
{
if (!ApiKey::isValidName($name)) {
return self::MESSAGE_ERROR_INVALID_NAME;
}
if (!ApiKey::nameExists($name)) {
return self::MESSAGE_ERROR_NAME_DOES_NOT_EXIST;
}
return null;
}
}

63
app/Console/Commands/DeactivateApiKey.php Normal file
View File

@ -0,0 +1,63 @@
<?php
namespace App\Console\Commands;
use App\Models\ApiKey;
use Illuminate\Console\Command;
class DeactivateApiKey extends Command
{
/**
* Error messages
*/
const MESSAGE_ERROR_INVALID_NAME = 'Invalid name.';
const MESSAGE_ERROR_NAME_DOES_NOT_EXIST = 'Name does not exist.';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'apikey:deactivate {name}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Deactivate an API key by name';
/**
* Execute the console command.
*/
public function handle()
{
$name = $this->argument('name');
$error = $this->validateName($name);
if ($error) {
$this->error($error);
return;
}
$key = ApiKey::where('name', $name)->first();
if (!$key->active) {
$this->info('Key "' . $name . '" is already deactivated');
return;
}
$key->active = 0;
$key->save();
$this->info('Deactivated key: ' . $name);
}
/**
* Validate name
*
* @param string $name
* @return string
*/
protected function validateName($name)
{
if (!ApiKey::isValidName($name)) {
return self::MESSAGE_ERROR_INVALID_NAME;
}
if (!ApiKey::nameExists($name)) {
return self::MESSAGE_ERROR_NAME_DOES_NOT_EXIST;
}
return null;
}
}

62
app/Console/Commands/DeleteApiKey.php Normal file
View File

@ -0,0 +1,62 @@
<?php
namespace App\Console\Commands;
use App\Models\ApiKey;
use Illuminate\Console\Command;
class DeleteApiKey extends Command
{
/**
* Error messages
*/
const MESSAGE_ERROR_INVALID_NAME = 'Invalid name.';
const MESSAGE_ERROR_NAME_DOES_NOT_EXIST = 'Name does not exist.';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'apikey:delete {name}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Delete an API key by name';
/**
* Execute the console command.
*/
public function handle()
{
$name = $this->argument('name');
$error = $this->validateName($name);
if ($error) {
$this->error($error);
return;
}
$confirmMessage = 'Are you sure you want to delete API key \'' . $name . '\'?';
if (!$this->confirm($confirmMessage)) {
return;
}
$key = ApiKey::where('name', $name)->first();
$key->delete();
$this->info('Deleted key: ' . $name);
}
/**
* Validate name
*
* @param string $name
* @return string
*/
protected function validateName($name)
{
if (!ApiKey::isValidName($name)) {
return self::MESSAGE_ERROR_INVALID_NAME;
}
if (!ApiKey::nameExists($name)) {
return self::MESSAGE_ERROR_NAME_DOES_NOT_EXIST;
}
return null;
}
}

62
app/Console/Commands/GenerateApiKey.php Normal file
View File

@ -0,0 +1,62 @@
<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use App\Models\ApiKey;
class GenerateApiKey extends Command
{
/**
* Error messages
*/
const MESSAGE_ERROR_INVALID_NAME_FORMAT = 'Invalid name. Must be lowercase alpha & hyphens less than 255 char.';
const MESSAGE_ERROR_NAME_ALREADY_USED = 'Name is unavailable.';
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'apikey:generate {name}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Generate a new API key';
/**
* Execute the console command.
*/
public function handle()
{
$name = $this->argument('name');
$error = $this->validateName($name);
if ($error) {
$this->error($error);
return;
}
$apiKey = new ApiKey;
$apiKey->name = $name;
$apiKey->key = ApiKey::generate();
$apiKey->save();
$this->info('API key created');
$this->info('Name: ' . $apiKey->name);
$this->info('Key: ' . $apiKey->key);
}
/**
* Validate name
*
* @param string $name
* @return string
*/
protected function validateName($name)
{
if (!ApiKey::isValidName($name)) {
return self::MESSAGE_ERROR_INVALID_NAME_FORMAT;
}
if (ApiKey::nameExists($name)) {
return self::MESSAGE_ERROR_NAME_ALREADY_USED;
}
return null;
}
}

49
app/Console/Commands/ListApiKeys.php Normal file
View File

@ -0,0 +1,49 @@
<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use App\Models\ApiKey;
class ListApiKeys extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'apikey:list {--D|deleted}';
/**
* The console command description.
*
* @var string
*/
protected $description = 'List all API Keys';
/**
* Execute the console command.
*/
public function handle()
{
$keys = $this->option('deleted')
? ApiKey::withTrashed()->orderBy('name')->get()
: ApiKey::orderBy('name')->get();
if ($keys->count() === 0) {
$this->info('There are no API keys');
return;
}
$headers = ['Name', 'ID', 'Status', 'Status Date', 'Key'];
$rows = $keys->map(function ($key) {
$status = $key->active ? 'active' : 'deactivated';
$status = $key->trashed() ? 'deleted' : $status;
$statusDate = $key->deleted_at ?: $key->updated_at;
return [
$key->name,
$key->id,
$status,
$statusDate,
$key->key
];
});
$this->table($headers, $rows);
}
}

10
app/Http/Controllers/NewHostController.php Normal file
View File

@ -0,0 +1,10 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class NewHostController extends Controller
{
//
}

48
app/Http/Middleware/AuthorizeApiKey.php Normal file
View File

@ -0,0 +1,48 @@
<?php
namespace App\Http\Middleware;
use Closure;
use App\Models\ApiKey;
use App\Models\ApiKeyAccessEvent;
use Illuminate\Http\Request;
class AuthorizeApiKey
{
const AUTH_HEADER = 'X-Authorization';
/**
* Handle the incoming request
*
* @param Request $request
* @param Closure $next
* @return \Illuminate\Contracts\Routing\ResponseFactory|mixed|\Symfony\Component\HttpFoundation\Response
*/
public function handle(Request $request, Closure $next)
{
$header = $request->header(self::AUTH_HEADER);
$apiKey = ApiKey::getByKey($header);
if ($apiKey instanceof ApiKey) {
$this->logAccessEvent($request, $apiKey);
return $next($request);
}
return response([
'errors' => [[
'message' => 'Unauthorized'
]]
], 401);
}
/**
* Log an API key access event
*
* @param Request $request
* @param ApiKey $apiKey
*/
protected function logAccessEvent(Request $request, ApiKey $apiKey)
{
$event = new ApiKeyAccessEvent;
$event->api_key_id = $apiKey->id;
$event->ip_address = $request->ip();
$event->url = $request->fullUrl();
$event->save();
}
}

140
app/Models/ApiKey.php Normal file
View File

@ -0,0 +1,140 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
class ApiKey extends Model
{
use SoftDeletes;
const EVENT_NAME_CREATED = 'created';
const EVENT_NAME_ACTIVATED = 'activated';
const EVENT_NAME_DEACTIVATED = 'deactivated';
const EVENT_NAME_DELETED = 'deleted';
protected static $nameRegex = '/^[a-z-]{1,255}$/';
protected $table = 'api_keys';
/**
* Get the related ApiKeyAccessEvents records
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function accessEvents()
{
return $this->hasMany(ApiKeyAccessEvent::class, 'api_key_id');
}
/**
* Get the related ApiKeyAdminEvents records
*
* @return \Illuminate\Database\Eloquent\Relations\HasMany
*/
public function adminEvents()
{
return $this->hasMany(ApiKeyAdminEvent::class, 'api_key_id');
}
/**
* Bootstrapping event handlers
*/
public static function boot()
{
parent::boot();
static::created(function (ApiKey $apiKey) {
self::logApiKeyAdminEvent($apiKey, self::EVENT_NAME_CREATED);
});
static::updated(function ($apiKey) {
$changed = $apiKey->getDirty();
if (isset($changed) && $changed['active'] === 1) {
self::logApiKeyAdminEvent($apiKey, self::EVENT_NAME_ACTIVATED);
}
if (isset($changed) && $changed['active'] === 0) {
self::logApiKeyAdminEvent($apiKey, self::EVENT_NAME_DEACTIVATED);
}
});
static::deleted(function ($apiKey) {
self::logApiKeyAdminEvent($apiKey, self::EVENT_NAME_DELETED);
});
}
/**
* Generate a secure unique API key
*
* @return string
*/
public static function generate()
{
do {
$key = str_random(64);
} while (self::keyExists($key));
return $key;
}
/**
* Get ApiKey record by key value
*
* @param string $key
* @return bool
*/
public static function getByKey($key)
{
return self::where([
'key' => $key,
'active' => 1
])->first();
}
/**
* Check if key is valid
*
* @param string $key
* @return bool
*/
public static function isValidKey($key)
{
return self::getByKey($key) instanceof self;
}
/**
* Check if name is valid format
*
* @param string $name
* @return bool
*/
public static function isValidName($name)
{
return (bool) preg_match(self::$nameRegex, $name);
}
/**
* Check if a key already exists
*
* Includes soft deleted records
*
* @param string $key
* @return bool
*/
public static function keyExists($key)
{
return self::where('key', $key)->withTrashed()->first() instanceof self;
}
/**
* Check if a name already exists
*
* Does not include soft deleted records
*
* @param string $name
* @return bool
*/
public static function nameExists($name)
{
return self::where('name', $name)->first() instanceof self;
}
/**
* Log an API key admin event
*
* @param ApiKey $apiKey
* @param string $eventName
*/
protected static function logApiKeyAdminEvent(ApiKey $apiKey, $eventName)
{
$event = new ApiKeyAdminEvent;
$event->api_key_id = $apiKey->id;
$event->ip_address = request()->ip();
$event->event = $eventName;
$event->save();
}
}

20
app/Models/ApiKeyAccessEvent.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
class ApiKeyAccessEvent extends Model
{
protected $table = 'api_key_access_events';
/**
* Get the related ApiKey record
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
public function apiKey()
{
return $this->belongsTo(ApiKey::class, 'api_key_id');
}
}

20
app/Models/ApiKeyAdminEvent.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\SoftDeletes;
class ApiKeyAdminEvent extends Model
{
protected $table = 'api_key_admin_events';
/**
* Get the related ApiKey record
*
* @return \Illuminate\Database\Eloquent\Relations\BelongsTo
*/
public function apiKey()
{
return $this->belongsTo(ApiKey::class, 'api_key_id');
}
}

67
app/Providers/ApiKeyServiceProvider.php Normal file
View File

@ -0,0 +1,67 @@
<?php
namespace App\Providers;
use App\Console\Commands\ActivateApiKey;
use App\Console\Commands\DeactivateApiKey;
use App\Console\Commands\DeleteApiKey;
use App\Console\Commands\GenerateApiKey;
use App\Console\Commands\ListApiKeys;
use App\Http\Middleware\AuthorizeApiKey;
use Illuminate\Routing\Router;
use Illuminate\Support\ServiceProvider;
class ApiKeyServiceProvider extends ServiceProvider
{
/**
* Bootstrap the application services.
*
* @param Router $router
* @return void
*/
public function boot(Router $router)
{
$this->registerMiddleware($router);
$this->registerMigrations(__DIR__ . '/../../database/migrations');
}
/**
* Register the application services.
*
* @return void
*/
public function register()
{
$this->commands([
ActivateApiKey::class,
DeactivateApiKey::class,
DeleteApiKey::class,
GenerateApiKey::class,
ListApiKeys::class,
]);
}
/**
* Register middleware
*
* Support added for different Laravel versions
*
* @param Router $router
*/
protected function registerMiddleware(Router $router)
{
$versionComparison = version_compare(app()->version(), '5.4.0');
if ($versionComparison >= 0) {
$router->aliasMiddleware('auth.apikey', AuthorizeApiKey::class);
} else {
$router->middleware('auth.apikey', AuthorizeApiKey::class);
}
}
/**
* Register migrations
*/
protected function registerMigrations($migrationsDirectory)
{
$this->publishes([
$migrationsDirectory => database_path('migrations')
], 'migrations');
}
}