search

sonatype / nexus-public

Sonatype Nexus Repository Open-source codebase mirror
https://www.sonatype.com/products/repository-oss-download
Eclipse Public License 1.0
1.84k stars 557 forks source link

get Nuget Api Key via groovy return unexpected key nexus version 3.63.0.01 #360

Open rocenpe opened 3 months ago

rocenpe commented 3 months ago

Dear Mr. or Mrs., We update to nexus version 3.63.0.01 form 3.45 and groovy script for get Nuget Api Key return unexpected key value.

Our code is:

`class GetNugetApi { private final log

GetNugetApi(log) {
    this.log = log
}

def getNuGetApiKey(String userName, def container) {
    String realmName = "NexusAuthenticatingRealm"
    String apiKeyDomain = "NuGetApiKey"
    SimplePrincipalCollection principal = new SimplePrincipalCollection(userName, realmName)
    ApiKeyStore keyStore = container.lookup(ApiKeyStore.class.getName()) as ApiKeyStore
    Optional<ApiKey> apiKeyValue = keyStore.getApiKey(apiKeyDomain, principal)
    if (apiKeyValue.isPresent()) {
        log.info("API KEY: " + String.valueOf(apiKeyValue.get().getApiKey()))
        return apiKeyValue.get().getApiKey().toString()
    } else {
        apiKey = keyStore.createApiKey(apiKeyDomain, principal)
    }
    return apiKey.toString()
}

def getNuGetApiKeyJson(def container) {
    return JsonOutput.toJson([
           apiKey: this.getNuGetApiKey("PROCEN", container),
    ])
}

}`

new GetNugetApi(log).getNuGetApiKeyJson(container)`

I changed only `apiKey = keyStore.getApiKey(apiKeyDomain, principal)

if (apiKey == null) {
    apiKey = keyStore.createApiKey(apiKeyDomain, principal)
}
return apiKey.toString()`

to ` Optional apiKeyValue = keyStore.getApiKey(apiKeyDomain, principal)

    if (apiKeyValue.isPresent()) {
        log.info("API KEY: " + String.valueOf(apiKeyValue.get().getApiKey()))
        return apiKeyValue.get().getApiKey().toString()
    } else {
        apiKey = keyStore.createApiKey(apiKeyDomain, principal)
    }

    return apiKey.toString()`

because you changed api.

I don't know where is problem. Could you please help me. Thank you.

Blessings, Petr Rocen

rocenpe commented 2 months ago

Dear Mr. or Mrs., I would add that the return wrong nuget api token is only for ldap users. For internal users the correct token returns.

Blessings, Petr Rocen

github-actions[bot] commented 2 weeks ago

This issue is stale because it has been open for 60 days with no activity.