TykTechnologies / tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols

Keys created using POST /tyk/keys without an org_id result in 00000 key created #2510

Closed sedkis closed 4 years ago

sedkis commented 5 years ago

Branch/Environment/Version 2.8

Describe the bug: If I create a key through the Gateway using POST /tyk/keys with a payload that doesn't have an org_id (in the request below, org_id is sent as an empty string), it will create a key with a "00000" token.

Curl:

# Reproduction request: POST a key definition to the Gateway's /tyk/keys endpoint.
# The x-tyk-authorization header carries the same value as "secret" in the
# tyk.conf shown further down this page.
# The JSON payload sends "org_id" as an empty string.
curl -X POST \
  http://localhost:8080/tyk/keys \
  -H 'x-tyk-authorization: 123123' \
  -d '{
    "last_check": 0,
    "certificate": null,
    "allowance": 1000,
    "hmac_enabled": false,
    "hmac_string": "",
    "basic_auth_data": {
        "password": ""
    },
    "rate": 1000,
    "per": 60,
    "throttle_interval": -1,
    "throttle_retry_limit": -1,
    "expires": 1568658788,
    "quota_max": -1,
    "quota_renews": 1568655187,
    "quota_remaining": -1,
    "quota_renewal_rate": -1,
"access_rights":{"0d0d0a2654a649515c6f452c5e13f18c":{"api_id":"0d0d0a2654a649515c6f452c5e13f18c","api_name":"authtoken","versions":["Default"],"allowed_urls":[],"limit":null}},
    "apply_policy_id": "",
    "apply_policies": [],
    "tags": [],
    "jwt_data": {
        "secret": ""
    },
    "meta_data": {},
    "alias": "",
    "org_id" : ""
}'

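tyk.conf (test values; "secret" is the value sent as x-tyk-authorization in the curl requests, and "hash_keys" is set to true):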

{
  "listen_address": "",
  "listen_port": 8080,
  "secret": "123123",
  "node_secret": "bloop12345",
  "template_path": "./templates",
  "tyk_js_path": "./js/tyk.js",
  "middleware_path": "./middleware",
  "enable_hashed_keys_listing": true,
  "policies": {
    "policy_source": "service",
    "policy_connection_string": "http://www.tyk-test.com:3000",
    "policy_red_name": "tyk_policies",
    "allow_explicit_policy_id": true
  },
  "use_db_app_configs": true,
  "db_app_conf_options": {
    "connection_string": "http://www.tyk-test.com:3000",
    "node_is_segmented": false,
    "tags": [
      "test"
    ]
  },
  "disable_dashboard_zeroconf": false,
  "app_path": "./test_apps/",
  "storage": {
    "type": "redis",
    "host": "localhost",
    "port": 6379,
    "hosts": null,
    "username": "",
    "password": "",
    "database": 0,
    "optimisation_max_idle": 3000,
    "optimisation_max_active": 5000,
    "enable_cluster": false
  },
  "enable_separate_cache_store": false,
  "enable_analytics": true,
  "analytics_config": {
    "type": "mongo",
    "ignored_ips": [],
    "enable_detailed_recording": true,
    "enable_geo_ip": false,
    "geo_ip_db_path": "./GeoLite2-City.mmdb",
    "normalise_urls": {
      "enabled": true,
      "normalise_uuids": true,
      "normalise_numbers": true,
      "custom_patterns": []
    }
  },
  "health_check": {
    "enable_health_checks": false,
    "health_check_value_timeouts": 0
  },
  "optimisations_use_async_session_write": true,
  "allow_master_keys": false,
  "hash_keys": true,
  "suppress_redis_signal_reload": false,
  "suppress_default_org_store": false,
  "use_redis_log": true,
  "sentry_code": "",
  "use_sentry": false,
  "use_syslog": false,
  "use_graylog": false,
  "use_logstash": false,
  "graylog_network_addr": "",
  "logstash_network_addr": "",
  "syslog_transport": "",
  "logstash_transport": "",
  "syslog_network_addr": "",
  "enforce_org_data_age": true,
  "enforce_org_data_detail_logging": false,
  "enforce_org_quotas": true,
  "experimental_process_org_off_thread": false,
  "enable_non_transactional_rate_limiter": true,
  "enable_sentinel_rate_limiter": false,
  "Monitor": {
    "enable_trigger_monitors": false,
    "configuration": {
      "method": "",
      "target_path": "",
      "template_path": "",
      "header_map": null,
      "event_timeout": 0
    },
    "global_trigger_limit": 0,
    "monitor_user_keys": false,
    "monitor_org_keys": false
  },
  "oauth_refresh_token_expire": 0,
  "oauth_token_expire": 0,
  "oauth_redirect_uri_separator": ";",
  "slave_options": {
    "use_rpc": false,
    "connection_string": "",
    "rpc_key": "",
    "api_key": "",
    "enable_rpc_cache": false,
    "bind_to_slugs": false,
    "disable_keyspace_sync": false,
    "group_id": ""
  },
  "disable_virtual_path_blobs": false,
  "local_session_cache": {
    "disable_cached_session_state": true,
    "cached_session_timeout": 0,
    "cached_session_eviction": 0
  },
  "http_server_options": {
    "enable_http2":true,
    "override_defaults": false,
    "read_timeout": 0,
    "write_timeout": 0,
    "use_ssl": false,
    "use_ssl_le": false,
    "enable_websockets": true,
    "certificates": [],
    "server_name": "",
    "min_version": 0,
    "flush_interval": 0
  },
  "service_discovery": {
    "default_cache_timeout": 10
  },
  "close_connections": false,
  "auth_override": {
    "force_auth_provider": false,
    "auth_provider": {
      "name": "",
      "storage_engine": "",
      "meta": null
    },
    "force_session_provider": false,
    "session_provider": {
      "name": "",
      "storage_engine": "",
      "meta": null
    }
  },
  "uptime_tests": {
    "disable": false,
    "config": {
      "failure_trigger_sample_size": 1,
      "time_wait": 2,
      "checker_pool_size": 50,
      "enable_uptime_analytics": true
    }
  },
  "hostname": "",
  "enable_api_segregation": false,
  "control_api_hostname": "",
  "enable_custom_domains": true,
  "enable_jsvm": true,
  "enable_coprocess": true,
  "coprocess_options" : {
    "enable_coprocess": true,
    "coprocess_grpc_server": "tcp://localhost:9111"
  },
  "hide_generator_header": false,
  "event_handlers": {
    "events": {}
  },
  "event_trigers_defunct": {},
  "pid_file_location": "./tyk-gateway.pid",
  "allow_insecure_configs": true,
  "close_idle_connections": false,
  "allow_remote_config": true,
  "enable_bundle_downloader": true,
  "bundle_base_url": "http://localhost:5556/",
  "public_key_path": "",
  "max_idle_connections_per_host": 500,
  "proxy_enable_http2":true
}
sedkis commented 5 years ago

Actually even when I include the org_id I get a "0000" error:

# Second reproduction request: the payload matches the first request on this
# page except that "org_id" is set to a non-empty value; the path here also
# ends with a trailing slash (/tyk/keys/).
curl -X POST \
  http://localhost:8080/tyk/keys/ \
  -H 'x-tyk-authorization: 123123' \
  -d '{
    "last_check": 0,
    "certificate": null,
    "allowance": 1000,
    "hmac_enabled": false,
    "hmac_string": "",
    "basic_auth_data": {
        "password": ""
    },
    "rate": 1000,
    "per": 60,
    "throttle_interval": -1,
    "throttle_retry_limit": -1,
    "expires": 1568658788,
    "quota_max": -1,
    "quota_renews": 1568655187,
    "quota_remaining": -1,
    "quota_renewal_rate": -1,
"access_rights":{"0d0d0a2654a649515c6f452c5e13f18c":{"api_id":"0d0d0a2654a649515c6f452c5e13f18c","api_name":"authtoken","versions":["Default"],"allowed_urls":[],"limit":null}},
    "apply_policy_id": "",
    "apply_policies": [],
    "tags": [],
    "jwt_data": {
        "secret": ""
    },
    "meta_data": {},
    "alias": "",
    "org_id" : "5d39d4b6f56e1a815a3a27bf"
}'

Response (note that "status" is "ok" while "key" is empty and "key_hash" is "00000000"):

{
    "key": "",
    "status": "ok",
    "action": "added",
    "key_hash": "00000000"
}
stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs, please add comments to this ticket if you would like it to stay open. Thank you for your contributions.