diff options
author | Daniil Baturin <daniil@baturin.org> | 2023-12-04 15:48:23 +0000 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2023-12-04 15:48:23 +0000 |
commit | f67173b41e4bf55e740313c588cb94d278b0b109 (patch) | |
tree | effb9e6322644659934121c8eb4a355ab3059cf5 /src | |
parent | 7bd6047901167352770b31fe47031363cad5b94d (diff) | |
download | vyos-1x-f67173b41e4bf55e740313c588cb94d278b0b109.tar.gz vyos-1x-f67173b41e4bf55e740313c588cb94d278b0b109.zip |
Revert "https api: T5772: check if keys are configured unless PAM auth is enabled for GraphQL"
This reverts commit 1b7e8f9ff7a86125ca7c8a2035650d5203dc54c5.
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/https.py | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index 349cec888..078c2d5f5 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -23,7 +23,6 @@ import jinja2 import vyos.defaults from vyos.config import Config -from vyos.util import dict_search from vyos import ConfigError config_file = '/etc/nginx/sites-available/default' @@ -144,32 +143,8 @@ def get_config(): return https def verify(https): - # Verify API server settings, if present - if 'api' in https: - keys = dict_search('api.keys.id', https) - gql_auth_type = dict_search('api.graphql.authentication.type', https) - - # If "api graphql" is not defined and `gql_auth_type` is None, - # there's certainly no JWT auth option, and keys are required - jwt_auth = (gql_auth_type == "token") - - # Check for incomplete key configurations in every case - valid_keys_exist = False - if keys: - for k in keys: - if 'key' not in keys[k]: - raise ConfigError(f'Missing HTTPS API key string for key id "{k}"') - else: - valid_keys_exist = True - - # If only key-based methods are enabled, - # fail the commit if no valid key configurations are found - if (not valid_keys_exist) and (not jwt_auth): - raise ConfigError('At least one HTTPS API key is required unless GraphQL token authentication is enabled') - return None - def generate(https): if https is None: return None |