summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2023-12-04 15:48:23 +0000
committerDaniil Baturin <daniil@baturin.org>2023-12-04 15:48:23 +0000
commitf67173b41e4bf55e740313c588cb94d278b0b109 (patch)
treeeffb9e6322644659934121c8eb4a355ab3059cf5 /src
parent7bd6047901167352770b31fe47031363cad5b94d (diff)
downloadvyos-1x-f67173b41e4bf55e740313c588cb94d278b0b109.tar.gz
vyos-1x-f67173b41e4bf55e740313c588cb94d278b0b109.zip
Revert "https api: T5772: check if keys are configured unless PAM auth is enabled for GraphQL"
This reverts commit 1b7e8f9ff7a86125ca7c8a2035650d5203dc54c5.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/https.py25
1 files changed, 0 insertions, 25 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py
index 349cec888..078c2d5f5 100755
--- a/src/conf_mode/https.py
+++ b/src/conf_mode/https.py
@@ -23,7 +23,6 @@ import jinja2
import vyos.defaults
from vyos.config import Config
-from vyos.util import dict_search
from vyos import ConfigError
config_file = '/etc/nginx/sites-available/default'
@@ -144,32 +143,8 @@ def get_config():
return https
def verify(https):
- # Verify API server settings, if present
- if 'api' in https:
- keys = dict_search('api.keys.id', https)
- gql_auth_type = dict_search('api.graphql.authentication.type', https)
-
- # If "api graphql" is not defined and `gql_auth_type` is None,
- # there's certainly no JWT auth option, and keys are required
- jwt_auth = (gql_auth_type == "token")
-
- # Check for incomplete key configurations in every case
- valid_keys_exist = False
- if keys:
- for k in keys:
- if 'key' not in keys[k]:
- raise ConfigError(f'Missing HTTPS API key string for key id "{k}"')
- else:
- valid_keys_exist = True
-
- # If only key-based methods are enabled,
- # fail the commit if no valid key configurations are found
- if (not valid_keys_exist) and (not jwt_auth):
- raise ConfigError('At least one HTTPS API key is required unless GraphQL token authentication is enabled')
-
return None
-
def generate(https):
if https is None:
return None