diff options
| author | Daniil Baturin <daniil@baturin.org> | 2023-12-04 15:38:11 +0000 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2023-12-04 15:38:11 +0000 |
| commit | 976c800c4ba5bd1f4856ea2fa112e89af979bacf (patch) | |
| tree | f9ee57e27006b8dcf9b3bfb7bd22f55e890075ef | |
| parent | a148b81659afb02947594cc9255b3162069f86f5 (diff) | |
| download | vyos-1x-976c800c4ba5bd1f4856ea2fa112e89af979bacf.tar.gz vyos-1x-976c800c4ba5bd1f4856ea2fa112e89af979bacf.zip | |
https: T5772: require that at least one valid API key is present
| -rwxr-xr-x | src/conf_mode/http-api.py | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index 2ade3476d..dc75e79b7 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -94,15 +94,18 @@ def get_config(config=None): key = conf.return_value('keys id {0} key'.format(name)) new_key = { 'id': name, 'key': key } http_api['api_keys'].append(new_key) - keys_added = True - - if keys_added and default_key: - if default_key in http_api['api_keys']: - http_api['api_keys'].remove(default_key) + else: + raise ConfigError(f'Missing HTTPS API key string for key id "{name}"') return http_api def verify(http_api): + # Verify API server settings, if present + keys = http_api['api_keys'] + + if not keys: + raise ConfigError('At least one HTTPS API key is required') + return None def generate(http_api): |