search

jaredhendrickson13 / pfsense-api

The missing REST and GraphQL API package for pfSense
https://pfrest.org/
Apache License 2.0
685 stars 106 forks source link

missing client-id in Keys tab #461

Closed KristijanL closed 5 months ago

KristijanL commented 5 months ago

when i create an API key with latest v2 dev version i don't get client-id

To Reproduce create API key

Expected behavior Should show the client-id.

Screenshots or Response Screenshot 2024-05-09 at 19 34 35

Screenshot 2024-05-09 at 19 35 02

pfSense Version & Package Version:

Affected Endpoints:

jaredhendrickson13 commented 5 months ago

Hey!

In v2 there is no concept of client-id or client-token like there was in v1. It is simply an API key that you include in your authorization header. For example: Authorization: KeyAuth YOURKEYHERE. The package knows which key is associated with which user already so there is no need for a client-id in v2.

Hope this helps.

Thanks!

KristijanL commented 5 months ago

ah, it works, thanks!

but there is an issue with openapi, the headers are not correctly configured.

Screenshot 2024-05-09 at 20 29 59

Message from syslogd@fw at May  9 20:29:32 ...
php-fpm[94518]: /api/v2/status/carp/index.php: webConfigurator authentication error for user 'unknown' from: 192.168.5.21
jaredhendrickson13 commented 5 months ago

Yeah I noticed that right after my previous response. I'll have a build later today with a fix for the malformed header. I'll mark this as a bug for now.

Thanks!

jaredhendrickson13 commented 5 months ago

The OpenAPI spec doesn't really have a clean way to define the Authorization header with the KeyAuth identifier so I've opted to use the x-api-key header in its place. This has been addressed in the latest dev build and I've verified KeyAuth works as expected in the Swagger docs.