When multiple subscription calls are made to a single shared key application, all of the calls appear successful, but some of the subscriptions are missing the key.
To Reproduce :
Steps to reproduce the behaviour:
Create an application that uses a shared API key. Add a couple of subscriptions initially in order to trigger setting the application to use the shared API key.
Create and publish API key plans for a minimum of 3 APIs. Allow auto subscription.
Simultaneously send the subscription requests. For example, use curl1 & curl2 & curl3, where a curl request has the following format, replacing only the planId for each request:
Describe the bug :
When multiple subscription calls are made to a single shared key application, all of the calls appear successful, but some of the subscriptions are missing the key.
To Reproduce :
Steps to reproduce the behaviour:
curl --location 'http://localhost:8083/management/v2/environments/DEFAULT/apis/0138de33-8656-45dd-b8de-338656f5ddd4/subscriptions' --header 'Content-Type: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4=' --header 'Cookie: XSRF-Graviteeio-AM-API-TOKEN=eyJraWQiOiJkZWZhdWx0LWdyYXZpdGVlLUFNLWtleSIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJpc3MiOiJodHRwczpcL1wvZ3Jhdml0ZWUuYW0iLCJpYXQiOjE3MDU1MjgxNzksImp0aSI6IlNzeFluZVp2T2xSN2p0MnpQSm0zZmxvWTZ6VHJONXJJbENFVUNwdUhQam8iLCJ0b2tlbiI6IjRmMmU1MmQxLWE0MmQtNGM4NS1iYjA4LTMzNzZlMWRjNjVmZiJ9.lE_UYBcPaJBxHHybxTRrDr8NNe0sidXrxKgs1qfOXVU; XSRF-TOKEN=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJncmF2aXRlZS1tYW5hZ2VtZW50LWF1dGgiLCJpYXQiOjE3MDU2OTA0MDksInRva2VuIjoiY2Y4NGU1ZjQtYjgwNS00ZjExLWI3NzQtYmVlNDA3ZDRlYmQwIn0.jrZLb0mz_PqoPk33Lg8bWvRajAGnANZ3gUnKPzljJzY' --data '
{ "planId": "bee094d4-055e-4e62-a094-d4055e6e6246", "applicationId": "d64623e1-b3ef-44e1-8623-e1b3ef14e19c"}
'
This behavior occurs with both v2 and v4 APIs. There was no clearly discernible pattern for which APIs would have a missing key.
Expected behaviour :
Simultaneous subscription calls should always successfully bind the key to all of the subscriptions.
Current behaviour :
The API key does not always bind to all subscriptions when concurrent requests are made.
Desktop :
* Please see Zendesk Support tab for further comments and attachments.