diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-12-20 22:01:52 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-20 22:01:52 +0200 |
| commit | 7717ed5c70ba8a5dfc1ad2299e449e98b3ef99d2 (patch) | |
| tree | 940a51bcf0086150ea855aacb3fbcaabdb954468 | |
| parent | ac170ee4bb0af8189e56d5cf55da36815a7f5046 (diff) | |
| parent | 495bf4732439ebd55edfbf6050af8b2064993d86 (diff) | |
| download | vyos-1x-7717ed5c70ba8a5dfc1ad2299e449e98b3ef99d2.tar.gz vyos-1x-7717ed5c70ba8a5dfc1ad2299e449e98b3ef99d2.zip | |
Merge pull request #2661 from dmbaturin/T5844
Allow the HTTPS API server to start without any configured keys when GraphQL JWT auth is configured
| -rwxr-xr-x | src/conf_mode/https.py | 6 | ||||
| -rwxr-xr-x | src/services/vyos-http-api-server | 6 |
2 files changed, 9 insertions, 3 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index 40b7de557..3dc5dfc01 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2022 VyOS maintainers and contributors +# Copyright (C) 2019-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -24,6 +24,7 @@ from time import sleep import vyos.defaults import vyos.certbot_util +from vyos.base import Warning from vyos.config import Config from vyos.configdiff import get_config_diff from vyos.configverify import verify_vrf @@ -193,6 +194,9 @@ def verify(https): if (not valid_keys_exist) and (not jwt_auth): raise ConfigError('At least one HTTPS API key is required unless GraphQL token authentication is enabled') + if (not valid_keys_exist) and jwt_auth: + Warning(f'API keys are not configured: the classic (non-GraphQL) API will be unavailable.') + return None def generate(https): diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index bfd50cc80..b64e58132 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -872,13 +872,15 @@ def initialization(session: ConfigSession, app: FastAPI = app): global server try: server_config = load_server_config() - keys = flatten_keys(server_config) except Exception as e: logger.critical(f'Failed to load the HTTP API server config: {e}') sys.exit(1) app.state.vyos_session = session - app.state.vyos_keys = keys + app.state.vyos_keys = [] + + if 'keys' in server_config: + app.state.vyos_keys = flatten_keys(server_config) app.state.vyos_debug = bool('debug' in server_config) app.state.vyos_strict = bool('strict' in server_config) |